31.31.196.28

As of: Nov 28, 2022 7:44pm UTC | Latest

Basic Information

Reverse DNS: server209.hosting.reg.ru
OS: linux
Network: AS-REG (RU)
Routing: 31.31.196.0/24 via AS197695
Protocols: 21/FTP , 22/SSH , 25/SMTP , 53/DNS , 80/HTTP , 110/POP3 , 111/PORTMAP , 143/IMAP , 443/HTTP , 465/SMTP , 587/SMTP , 993/IMAP , 995/POP3 , 1500/HTTP , 3306/MYSQL , 9443/HTTP

21/FTP TCP
Observed Nov 28, 2022 at 12:02pm UTC

View All Data

Software

linux

Details

Banner

220 FTP Server ready.

Auth TLS Response

234 AUTH TLS successful

Status Code

220

Status Meaning

Service ready for new user.

TLS

JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

22/SSH TCP
Observed Nov 28, 2022 at 5:22pm UTC

View All Data

Software

linux

Dropbear SSH Project Dropbear SSH 2022.82

Details

Algorithm: ecdsa-sha2-nistp256
Fingerprint: e52702aad3c4363b464c7a64cd8dbc45c9d1bd027c318575c74abc546b4f7de0
Key Exchange: [email protected]
Symmetric Cipher: aes128-ctr [] aes128-ctr []
MAC: hmac-sha2-256 [] hmac-sha2-256 []

25/SMTP TCP
Observed Nov 27, 2022 at 2:55pm UTC

View All Data

Software

linux

exim 4.96

Details

Banner

220 server209.hosting.reg.ru ESMTP Exim 4.96 Sun, 27 Nov 2022 17:55:59 +0300

EHLO

250-server209.hosting.reg.ru Hello scanner-05.ch1.censys-scanner.com [162.142.125.212]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH LOGIN PLAIN
250-STARTTLS
250 HELP

Start TLS

220 TLS go ahead

TLS

JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

53/DNS UDP
Observed Nov 28, 2022 at 12:32pm UTC

View All Data

Details

Server Type: AUTHORITATIVE
R Code: REFUSED

80/HTTP TCP
Observed Nov 26, 2022 at 10:18pm UTC

View All Data Go

Software

nginx

Details

http://31.31.196.28

Request

GET /

Protocol

HTTP/1.1

Status Code

200

Status Reason

Body Hash

sha1:2bd3786fdf1c61f1eba08f2a3a470da79d00eb57

HTML Title

Домен не&nbsp;добавлен в&nbsp;панели

Response Body

110/POP3 TCP
Observed Nov 28, 2022 at 6:40pm UTC

View All Data

Software

linux

Dovecot

Details

Banner

+OK Dovecot ready.

Start TLS

+OK Begin TLS negotiation now.

TLS

JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

111/PORTMAP UDP
Observed Nov 27, 2022 at 8:37pm UTC

View All Data

Details

Banner (Hex)

  00000000
00000010
00000020
00000030
00000040
00000050
00000060
00000070
00000080
00000090
1a a9 ff e1 00 00 00 01  00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00  00 00 00 01 00 01 86 a0 
00 00 00 04 00 00 00 06  00 00 00 6f 00 00 00 01 
00 01 86 a0 00 00 00 03  00 00 00 06 00 00 00 6f 
00 00 00 01 00 01 86 a0  00 00 00 02 00 00 00 06 
00 00 00 6f 00 00 00 01  00 01 86 a0 00 00 00 04 
00 00 00 11 00 00 00 6f  00 00 00 01 00 01 86 a0 
00 00 00 03 00 00 00 11  00 00 00 6f 00 00 00 01 
00 01 86 a0 00 00 00 02  00 00 00 11 00 00 00 6f 
00 00 00 00                                      
................
................
...........o....
...............o
................
...o............
.......o........
...........o....
...............o
....

143/IMAP TCP
Observed Nov 28, 2022 at 6:20am UTC

View All Data

Details

Banner

* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

Start TLS

a001 OK Begin TLS negotiation now.

TLS

JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

443/HTTP TCP
Observed Nov 27, 2022 at 8:37pm UTC

View All Data Go

Software

nginx

Details

https://31.31.196.28

Request

GET /manager/ispmgr

Protocol

HTTP/1.1

Status Code

404

Status Reason

Not Found

Body Hash

sha1:3c0af39ecb3753c5fee3b53d063c7286019eac3b

HTML Title

404 Not Found

Response Body

# 404 Not Found

* * *

nginx

TLS

JARM: 29d29d00029d29d00042d42d0000005d86ccb1a0567e012264097a0315d7a7
JA3S: 15af977ce25de452b96affa2addb1036
Version Selected: TLSv1_3
Cipher Selected: TLS_AES_256_GCM_SHA384

465/SMTP TCP
Observed Nov 28, 2022 at 3:06pm UTC

View All Data

Software

exim 4.96

Details

Banner

220 server209.hosting.reg.ru ESMTP Exim 4.96 Mon, 28 Nov 2022 18:06:42 +0300

EHLO

250-server209.hosting.reg.ru Hello www.censys.io [167.94.145.59]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH LOGIN PLAIN
250 HELP

TLS

JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

587/SMTP TCP
Observed Nov 27, 2022 at 7:26pm UTC

View All Data

Software

linux

exim 4.96

Details

Banner

220 server209.hosting.reg.ru ESMTP Exim 4.96 Sun, 27 Nov 2022 22:26:12 +0300

EHLO

250-server209.hosting.reg.ru Hello scanner-25.ch1.censys-scanner.com [162.142.125.221]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH LOGIN PLAIN
250-STARTTLS
250 HELP

Start TLS

220 TLS go ahead

TLS

JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

993/IMAP TCP
Observed Nov 27, 2022 at 7:58pm UTC

View All Data

Details

Banner

* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

TLS

JARM: 05d02d20d21d20d05c05d02d05d20da23a7a927f270a23608b3c7a72999cab
JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

995/POP3 TCP
Observed Nov 26, 2022 at 10:02pm UTC

View All Data

Software

Dovecot

Details

Banner

+OK Dovecot ready.

TLS

JARM: 05d02d20d21d20d05c05d02d05d20da23a7a927f270a23608b3c7a72999cab
JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

1500/HTTP TCP
Observed Nov 27, 2022 at 8:37pm UTC

View All Data Go

Details

https://31.31.196.28:1500

Request

GET /

Protocol

HTTP/1.1

Status Code

200

Status Reason

Body Hash

sha1:147411e9b2fe8f926164afac9332a4306d2e70cc

HTML Title

Authorization

Response Body

Javascript required for login

Your browser is out of date. ISPmanager may work incorrectly. Please update or
change your browser.

![](/manimg/dragon/default/login-logo-ispmgr.svg)

Log in

Language English

  * Český
  * Deutsch
  * English
  * Español
  * Français
  * Magyar
  * հայերեն
  * Nederlands
  * Polski
  * Русский
  * Українська

  * [Exosoft (C) 2022](https://www.ispsystem.com/software/ispmanager)

TLS

JARM: 20d02d20d29d20d20c20d02d20d20d82810f76c2e865422123f6b34a0b8aa5
JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

3306/MYSQL TCP
Observed Nov 27, 2022 at 7:13pm UTC

View All Data

Software

Oracle MySQL 5.7.27-30

linux

Details

Protocol Version: 10
Character Set: 8

TLS

JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

9443/HTTP TCP
Observed Nov 27, 2022 at 8:37pm UTC

View All Data Go

Software

nginx 1.9.15

Details

https://31.31.196.28:9443

Request

GET /

Protocol

HTTP/1.1

Status Code

302

Status Reason

Moved Temporarily

Body Hash

sha1:b0d0bea9bca4195a1324bfab7c9054768fa7648f

HTML Title

302 Found

Response Body

# 302 Found

* * *

nginx/1.9.15

TLS

JARM: 05d10d20d21d20d05c05d10d05d20d74fcf6501ae7a92319e575bfafd2a827
JA3S: ccc514751b175866924439bdbb5bba34
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

Geographic Location

Country: Russia (RU)
Coordinates: 55.7386, 37.6068
Timezone: Europe/Moscow

31.31.196.28

Basic Information

21/FTP TCP Observed Nov 28, 2022 at 12:02pm UTC

Software

linux

Details

TLS

Fingerprint

Handshake

Leaf Certificate

22/SSH TCP Observed Nov 28, 2022 at 5:22pm UTC

Software

linux

Dropbear SSH Project Dropbear SSH 2022.82

Details

Host Key

Negotiated

25/SMTP TCP Observed Nov 27, 2022 at 2:55pm UTC

Software

linux

exim 4.96

Details

TLS

Fingerprint

Handshake

Leaf Certificate

Issuer Chain

53/DNS UDP Observed Nov 28, 2022 at 12:32pm UTC

Details

80/HTTP TCP Observed Nov 26, 2022 at 10:18pm UTC

Software

nginx

Details

http://31.31.196.28

110/POP3 TCP Observed Nov 28, 2022 at 6:40pm UTC

Software

linux

Dovecot

Details

TLS

Fingerprint

Handshake

Leaf Certificate

Issuer Chain

111/PORTMAP UDP Observed Nov 27, 2022 at 8:37pm UTC

Details

Banner (Hex)

143/IMAP TCP Observed Nov 28, 2022 at 6:20am UTC

Details

TLS

Fingerprint

Handshake

Leaf Certificate

Issuer Chain

443/HTTP TCP Observed Nov 27, 2022 at 8:37pm UTC

Software

nginx

Details

https://31.31.196.28

TLS

Fingerprint

Handshake

Leaf Certificate

Issuer Chain

465/SMTP TCP Observed Nov 28, 2022 at 3:06pm UTC

Software

exim 4.96

Details

TLS

Fingerprint

Handshake

Leaf Certificate

Issuer Chain

587/SMTP TCP Observed Nov 27, 2022 at 7:26pm UTC

Software

linux

exim 4.96

Details

TLS

Fingerprint

21/FTP TCP
Observed Nov 28, 2022 at 12:02pm UTC

22/SSH TCP
Observed Nov 28, 2022 at 5:22pm UTC

25/SMTP TCP
Observed Nov 27, 2022 at 2:55pm UTC

53/DNS UDP
Observed Nov 28, 2022 at 12:32pm UTC

80/HTTP TCP
Observed Nov 26, 2022 at 10:18pm UTC

110/POP3 TCP
Observed Nov 28, 2022 at 6:40pm UTC

111/PORTMAP UDP
Observed Nov 27, 2022 at 8:37pm UTC

143/IMAP TCP
Observed Nov 28, 2022 at 6:20am UTC

443/HTTP TCP
Observed Nov 27, 2022 at 8:37pm UTC

465/SMTP TCP
Observed Nov 28, 2022 at 3:06pm UTC

587/SMTP TCP
Observed Nov 27, 2022 at 7:26pm UTC

993/IMAP TCP
Observed Nov 27, 2022 at 7:58pm UTC

995/POP3 TCP
Observed Nov 26, 2022 at 10:02pm UTC

1500/HTTP TCP
Observed Nov 27, 2022 at 8:37pm UTC

3306/MYSQL TCP
Observed Nov 27, 2022 at 7:13pm UTC

9443/HTTP TCP
Observed Nov 27, 2022 at 8:37pm UTC