31.31.196.92

As of: Jun 21, 2024 10:50pm UTC | Latest

Basic Information

Reverse DNS
vip37.hosting.reg.ru
Forward DNS
oksay.ru, www.met-inv.com, www.ruanswers.ru, bethemom.ru, www.urist-33.ru, ...
Routing
31.31.196.0/24  via AS-REG, RU (AS197695)
OS
linux
Services (15)
21/FTP, 22/SSH, 25/SMTP, 53/DNS, 80/HTTP, 110/POP3, 111/PORTMAP, 143/IMAP, 443/HTTP, 465/SMTP, 587/SMTP, 993/IMAP, 995/POP3, 1500/HTTP, 3306/MYSQL
Labels
Database Email File Sharing Remote Access

FTP 21/TCP
06/21/2024 15:06 UTC

File Sharing

Details

Banner
220 FTP Server ready.
Auth TLS Response
234 AUTH TLS successful
Status Code
220
Status Meaning
Service ready for new user.

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

SSH 22/TCP
06/21/2024 15:54 UTC

Remote Access

Software

linux
Dropbear SSH Project Dropbear SSH 2022.82

Details

Host Key
Algorithm
ecdsa-sha2-nistp256
Fingerprint
e52702aad3c4363b464c7a64cd8dbc45c9d1bd027c318575c74abc546b4f7de0
Negotiated
Key Exchange
[email protected]
Symmetric Cipher
aes128-ctr [] aes128-ctr []
MAC
hmac-sha2-256 [] hmac-sha2-256 []

SMTP 25/TCP
06/21/2024 21:40 UTC

Email

Software

linux
exim 4.97.1

Details

Banner
220 vip37.hosting.reg.ru ESMTP Exim 4.97.1 Sat, 22 Jun 2024 00:40:22 +0300
EHLO
250-vip37.hosting.reg.ru Hello www.censys.io [206.168.32.110]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH LOGIN PLAIN
250-STARTTLS
250 HELP
Start TLS
220 TLS go ahead

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

DNS 53/UDP
06/20/2024 19:26 UTC


Details

Server Type
AUTHORITATIVE
R Code
REFUSED

HTTP 80/TCP
06/21/2024 11:52 UTC


Software

nginx

Details

http://31.31.196.92/
Status
200  OK
Body Hash
sha1:9af051ee66e04dfd7485e1c8c81bb8d175c997ba
HTML Title
Домен не добавлен в панели
Response Body
      
    

POP3 110/TCP
06/21/2024 16:51 UTC

Email

Software

Dovecot

Details

Banner
+OK Dovecot ready.
Start TLS
+OK Begin TLS negotiation now.

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

PORTMAP 111/UDP
06/21/2024 15:18 UTC


Details

Banner (Hex)
  
00000000
00000010
00000020
00000030
00000040
00000050
00000060
00000070
00000080
00000090
1a a9 ff e1 00 00 00 01 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 01 00 01 86 a0
00 00 00 04 00 00 00 06 00 00 00 6f 00 00 00 01
00 01 86 a0 00 00 00 03 00 00 00 06 00 00 00 6f
00 00 00 01 00 01 86 a0 00 00 00 02 00 00 00 06
00 00 00 6f 00 00 00 01 00 01 86 a0 00 00 00 04
00 00 00 11 00 00 00 6f 00 00 00 01 00 01 86 a0
00 00 00 03 00 00 00 11 00 00 00 6f 00 00 00 01
00 01 86 a0 00 00 00 02 00 00 00 11 00 00 00 6f
00 00 00 00
................
................
...........o....
...............o
................
...o............
.......o........
...........o....
...............o
....

IMAP 143/TCP
06/21/2024 17:52 UTC

Email

Software

linux
Dovecot

Details

Banner
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
Start TLS
a001 OK Begin TLS negotiation now.

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

HTTP 443/TCP
06/21/2024 22:30 UTC


Software

nginx

Details

https://31.31.196.92/
Status
200  OK
Body Hash
sha1:9af051ee66e04dfd7485e1c8c81bb8d175c997ba
HTML Title
Домен не добавлен в панели
Response Body
      
    

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JARM
29d29d00029d29d00042d42d0000005d86ccb1a0567e012264097a0315d7a7
JA3S
15af977ce25de452b96affa2addb1036
JA4S
t130200_1302_a56c5b993250

SMTP 465/TCP
06/21/2024 21:31 UTC

Email

Software

linux
exim 4.97.1

Details

Banner
220 vip37.hosting.reg.ru ESMTP Exim 4.97.1 Sat, 22 Jun 2024 00:31:49 +0300
EHLO
250-vip37.hosting.reg.ru Hello www.censys.io [167.94.138.49]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH LOGIN PLAIN
250 HELP

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JARM
05d02d20d21d20d05c05d02d05d20da01e52cd5e3f9306da4ac348a0fe7af8
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

SMTP 587/TCP
06/21/2024 18:36 UTC

Email

Software

exim 4.97.1

Details

Banner
220 vip37.hosting.reg.ru ESMTP Exim 4.97.1 Fri, 21 Jun 2024 21:36:24 +0300
EHLO
250-vip37.hosting.reg.ru Hello www.censys.io [206.168.32.106]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH LOGIN PLAIN
250-STARTTLS
250 HELP
Start TLS
220 TLS go ahead

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

IMAP 993/TCP
06/21/2024 05:04 UTC

Email

Software

linux
Dovecot

Details

Banner
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JARM
05d02d20d21d20d05c05d02d05d20da23a7a927f270a23608b3c7a72999cab
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

POP3 995/TCP
06/21/2024 15:01 UTC

Email

Software

linux
Dovecot

Details

Banner
+OK Dovecot ready.

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JARM
05d02d20d21d20d05c05d02d05d20da23a7a927f270a23608b3c7a72999cab
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

HTTP 1500/TCP
06/20/2024 19:29 UTC


Software

linux

Details

https://31.31.196.92:1500/
Status
200  OK
Body Hash
sha1:208355bf1317a8129bf0667b50fd2f06b780f198
HTML Title
Authorization
Response Body
      Javascript required for login

Your browser is out of date, so the interface may work incorrectly. Please
update or change the browser
    

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JARM
29d02d00029d29d22c29d02d29d29ddec047dae5c8df4f14546ec68b9cee76
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

MYSQL 3306/TCP
06/21/2024 19:30 UTC

Database

Software

Oracle MySQL 5.7.27-30

Details

Protocol Version
10
Character Set
8

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
719c093d7a1ff4527e2d8ba12c9c621af6186acad8711b1e51504a45af85c87e
Subject
CN=MySQL_Server_5.7.23-24_Auto_Generated_Server_Certificate
Issuer
CN=MySQL_Server_5.7.23-24_Auto_Generated_CA_Certificate
Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

Geographic Location

City
Moscow
Province
Moscow
Country
Russia (RU)
Coordinates
55.75222, 37.61556
Timezone
Europe/Moscow