31.31.196.28

As of: Sep 27, 2023 11:28am UTC | Latest

Basic Information

Reverse DNS
server209.hosting.reg.ru
OS
linux
Network
AS-REG (RU)
Routing
31.31.196.0/24  via  AS197695
Protocols
21/FTP , 22/SSH , 25/SMTP , 53/DNS , 80/HTTP , 110/POP3 , 111/PORTMAP , 143/IMAP , 443/HTTP , 465/SMTP , 587/SMTP , 993/IMAP , 995/POP3 , 1500/HTTP , 3306/MYSQL
Labels
database , email , file-sharing , remote-access

21/FTP TCP
Observed Sep 26, 2023 at 10:38am UTC


View All Data

Labels

File Sharing

Details

Banner
220 FTP Server ready.
Auth TLS Response
234 AUTH TLS successful
Status Code
220
Status Meaning
Service ready for new user.

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4

22/SSH TCP
Observed Sep 27, 2023 at 7:19am UTC


View All Data

Labels

Remote Access

Software

linux
Dropbear SSH Project Dropbear SSH 2022.82

Details

Host Key
Algorithm
ecdsa-sha2-nistp256
Fingerprint
e52702aad3c4363b464c7a64cd8dbc45c9d1bd027c318575c74abc546b4f7de0
Negotiated
Key Exchange
[email protected]
Symmetric Cipher
aes128-ctr [] aes128-ctr []
MAC
hmac-sha2-256 [] hmac-sha2-256 []

25/SMTP TCP
Observed Sep 26, 2023 at 6:41pm UTC


View All Data

Labels

Email

Software

linux
exim 4.96

Details

Banner
220 server209.hosting.reg.ru ESMTP Exim 4.96 Tue, 26 Sep 2023 21:41:24 +0300
EHLO
250-server209.hosting.reg.ru Hello scanner-26.ch1.censys-scanner.com [167.248.133.125]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH LOGIN PLAIN
250-STARTTLS
250 HELP
Start TLS
220 TLS go ahead

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

53/DNS UDP
Observed Sep 26, 2023 at 8:57pm UTC


View All Data

Details

Server Type
AUTHORITATIVE
R Code
REFUSED

80/HTTP TCP
Observed Sep 26, 2023 at 8:18am UTC


View All Data Go

Software

nginx

Details

http://31.31.196.28
Request
GET /
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:ce9c7868089c71d595acb3c3aad088605927b1f4
HTML Title
Домен не добавлен в панели
Response Body
      
    

110/POP3 TCP
Observed Sep 25, 2023 at 3:15pm UTC


View All Data

Labels

Email

Software

linux
Dovecot

Details

Banner
+OK Dovecot ready.
Start TLS
+OK Begin TLS negotiation now.

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

111/PORTMAP UDP
Observed Sep 26, 2023 at 2:09am UTC


View All Data

Details

Banner (Hex)
  
00000000
00000010
00000020
00000030
00000040
00000050
00000060
00000070
00000080
00000090
1a a9 ff e1 00 00 00 01 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 01 00 01 86 a0
00 00 00 04 00 00 00 06 00 00 00 6f 00 00 00 01
00 01 86 a0 00 00 00 03 00 00 00 06 00 00 00 6f
00 00 00 01 00 01 86 a0 00 00 00 02 00 00 00 06
00 00 00 6f 00 00 00 01 00 01 86 a0 00 00 00 04
00 00 00 11 00 00 00 6f 00 00 00 01 00 01 86 a0
00 00 00 03 00 00 00 11 00 00 00 6f 00 00 00 01
00 01 86 a0 00 00 00 02 00 00 00 11 00 00 00 6f
00 00 00 00
................
................
...........o....
...............o
................
...o............
.......o........
...........o....
...............o
....

143/IMAP TCP
Observed Sep 26, 2023 at 3:12pm UTC


View All Data

Labels

Email

Software

Dovecot

Details

Banner
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
Start TLS
a001 OK Begin TLS negotiation now.

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

443/HTTP TCP
Observed Sep 27, 2023 at 6:51am UTC


View All Data Go

Software

nginx

Details

https://31.31.196.28
Request
GET /
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:ce9c7868089c71d595acb3c3aad088605927b1f4
HTML Title
Домен не добавлен в панели
Response Body
      
    

TLS

Fingerprint
JARM
29d29d00029d29d00042d42d0000005d86ccb1a0567e012264097a0315d7a7
JA3S
15af977ce25de452b96affa2addb1036
Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

465/SMTP TCP
Observed Sep 26, 2023 at 5:05pm UTC


View All Data

Labels

Email

Software

exim 4.96

Details

Banner
220 server209.hosting.reg.ru ESMTP Exim 4.96 Tue, 26 Sep 2023 20:05:51 +0300
EHLO
250-server209.hosting.reg.ru Hello scanner-04.ch1.censys-scanner.com [162.142.125.12]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH LOGIN PLAIN
250 HELP

TLS

Fingerprint
JARM
05d02d20d21d20d05c05d02d05d20da01e52cd5e3f9306da4ac348a0fe7af8
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

587/SMTP TCP
Observed Sep 27, 2023 at 9:10am UTC


View All Data

Labels

Email

Software

exim 4.96

Details

Banner
220 server209.hosting.reg.ru ESMTP Exim 4.96 Wed, 27 Sep 2023 12:10:47 +0300
EHLO
250-server209.hosting.reg.ru Hello scanner-04.ch1.censys-scanner.com [162.142.125.13]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH LOGIN PLAIN
250-STARTTLS
250 HELP
Start TLS
220 TLS go ahead

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

993/IMAP TCP
Observed Sep 26, 2023 at 11:36pm UTC


View All Data

Labels

Email

Software

linux
Dovecot

Details

Banner
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

TLS

Fingerprint
JARM
05d02d20d21d20d05c05d02d05d20da23a7a927f270a23608b3c7a72999cab
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

995/POP3 TCP
Observed Sep 27, 2023 at 11:28am UTC


View All Data

Labels

Email

Software

linux
Dovecot

Details

Banner
+OK Dovecot ready.

TLS

Fingerprint
JARM
05d02d20d21d20d05c05d02d05d20da23a7a927f270a23608b3c7a72999cab
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

1500/HTTP TCP
Observed Sep 26, 2023 at 2:55pm UTC


View All Data Go

Software

linux

Details

https://31.31.196.28:1500
Request
GET /
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:d665754edabfee98b8ddba3e87edb66610db45bc
HTML Title
Authorization
Response Body
      Javascript required for login

Your browser is out of date, so the interface may work incorrectly. Please
update or change the browser
    

TLS

Fingerprint
JARM
29d02d00029d29d22c29d02d29d29ddec047dae5c8df4f14546ec68b9cee76
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

3306/MYSQL TCP
Observed Sep 26, 2023 at 12:26am UTC


View All Data

Labels

Database

Software

Oracle MySQL 5.7.27-30
linux

Details

Protocol Version
10
Character Set
8

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
281e864663a978b0facc45ca7960d21d03b1b8787c846ab6b55fd4c684ac8f02
CN=MySQL_Server_5.7.23-24_Auto_Generated_Server_Certificate
CN=MySQL_Server_5.7.23-24_Auto_Generated_CA_Certificate
Issuer Chain

Geographic Location

City
Moscow
Province
Moscow
Country
Russia (RU)
Coordinates
55.75222, 37.61556
Timezone
Europe/Moscow