31.31.198.216

As of: Feb 06, 2023 12:49am UTC | Latest

Basic Information

Reverse DNS
spl96.hosting.reg.ru
OS
linux
Network
AS-REG (RU)
Routing
31.31.198.0/24  via  AS197695
Protocols
21/FTP , 22/SSH , 25/SMTP , 53/DNS , 80/HTTP , 110/POP3 , 111/PORTMAP , 143/IMAP , 443/HTTP , 465/SMTP , 587/SMTP , 993/IMAP , 995/POP3 , 3306/MYSQL , 4190/PIGEONHOLE , 8443/HTTP , 8880/HTTP

21/FTP TCP
Observed Feb 05, 2023 at 1:56am UTC


View All Data

Software

ProFTPD Project ProFTPD

Details

Banner
220 ProFTPD Server (ProFTPD) [31.31.198.216]
Auth TLS Response
234 AUTH TLS successful
Status Code
220
Status Meaning
Service ready for new user.

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

22/SSH TCP
Observed Feb 05, 2023 at 4:05am UTC


View All Data

Software

linux
Dropbear SSH Project Dropbear SSH 2022.82

Details

Host Key
Algorithm
ecdsa-sha2-nistp256
Fingerprint
9b8b116109a495b2c75ee345ccc10daa50a81722aaf3cdce6ecd8a6eb41b653b
Negotiated
Key Exchange
[email protected]
Symmetric Cipher
aes128-ctr [] aes128-ctr []
MAC
hmac-sha2-256 [] hmac-sha2-256 []

25/SMTP TCP
Observed Feb 04, 2023 at 3:34pm UTC


View All Data

Software

Postfix

Details

Banner
220 spl96.hosting.reg.ru ESMTP Postfix
EHLO
250-spl96.hosting.reg.ru
250-PIPELINING
250-SIZE 52428800
250-ETRN
250-STARTTLS
250-AUTH CRAM-MD5 PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING
Start TLS
220 2.0.0 Ready to start TLS

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

53/DNS UDP
Observed Feb 05, 2023 at 5:00pm UTC


View All Data

Details

Server Type
AUTHORITATIVE
R Code
REFUSED

80/HTTP TCP
Observed Feb 05, 2023 at 5:00pm UTC


View All Data Go

Software

PleskLin
nginx

Details

http://31.31.198.216
Request
GET /
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:cf1c4b1e5f18d99aaf0cb9d4960dae1ea75e8f78
HTML Title
Домен не добавлен в панели
Response Body

110/POP3 TCP
Observed Feb 04, 2023 at 2:02pm UTC


View All Data

Software

Dovecot

Details

Banner
+OK Dovecot ready. <[email protected]>
Start TLS
+OK Begin TLS negotiation now.

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

111/PORTMAP UDP
Observed Feb 05, 2023 at 5:00pm UTC


View All Data

Details

Banner (Hex)
  
00000000
00000010
00000020
00000030
00000040
00000050
00000060
00000070
00000080
00000090
1a a9 ff e1 00 00 00 01 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 01 00 01 86 a0
00 00 00 04 00 00 00 06 00 00 00 6f 00 00 00 01
00 01 86 a0 00 00 00 03 00 00 00 06 00 00 00 6f
00 00 00 01 00 01 86 a0 00 00 00 02 00 00 00 06
00 00 00 6f 00 00 00 01 00 01 86 a0 00 00 00 04
00 00 00 11 00 00 00 6f 00 00 00 01 00 01 86 a0
00 00 00 03 00 00 00 11 00 00 00 6f 00 00 00 01
00 01 86 a0 00 00 00 02 00 00 00 11 00 00 00 6f
00 00 00 00
................
................
...........o....
...............o
................
...o............
.......o........
...........o....
...............o
....

143/IMAP TCP
Observed Feb 05, 2023 at 4:41am UTC


View All Data

Details

Banner
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.
Start TLS
a001 OK Begin TLS negotiation now.

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

443/HTTP TCP
Observed Feb 04, 2023 at 1:51pm UTC


View All Data Go

Software

linux
PleskLin
nginx

Details

https://31.31.198.216
Request
GET /
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:cf1c4b1e5f18d99aaf0cb9d4960dae1ea75e8f78
HTML Title
Домен не&nbsp;добавлен в&nbsp;панели
Response Body

TLS

Fingerprint
JARM
29d29d00029d29d00042d42d0000005d86ccb1a0567e012264097a0315d7a7
JA3S
15af977ce25de452b96affa2addb1036
Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

465/SMTP TCP
Observed Feb 05, 2023 at 11:20pm UTC


View All Data

Software

linux
Postfix

Details

Banner
220 spl96.hosting.reg.ru ESMTP Postfix
EHLO
250-spl96.hosting.reg.ru
250-PIPELINING
250-SIZE 52428800
250-ETRN
250-AUTH CRAM-MD5 PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

587/SMTP TCP
Observed Feb 04, 2023 at 9:16pm UTC


View All Data

Software

Postfix

Details

Banner
220 spl96.hosting.reg.ru ESMTP Postfix
EHLO
250-spl96.hosting.reg.ru
250-PIPELINING
250-SIZE 52428800
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING
Start TLS
220 2.0.0 Ready to start TLS

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

993/IMAP TCP
Observed Feb 05, 2023 at 5:03am UTC


View All Data

Details

Banner
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.

TLS

Fingerprint
JARM
29d29d15d29d29d21c29d29d29d29d579b2ec9bfaf00aff9d6fe780b7932ae
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

995/POP3 TCP
Observed Feb 05, 2023 at 2:01pm UTC


View All Data

Software

linux
Dovecot

Details

Banner
+OK Dovecot ready. <5b05.6df7.63dfb69c./[email protected]>

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

3306/MYSQL TCP
Observed Feb 05, 2023 at 9:17pm UTC


View All Data

Software

Oracle MySQL 5.7.27-30

Details

Protocol Version
10
Character Set
8

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
19fbca3bc708ed6ef90526470fd56a391c35888d4a7115c5efbbf1d7f18754ad
CN=MySQL_Server_5.7.27-30_Auto_Generated_Server_Certificate
CN=MySQL_Server_5.7.27-30_Auto_Generated_CA_Certificate
Issuer Chain

4190/PIGEONHOLE TCP
Observed Feb 04, 2023 at 1:51pm UTC


View All Data

Details

Banner
"IMPLEMENTATION" "Dovecot Pigeonhole"
"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4

8443/HTTP TCP
Observed Feb 05, 2023 at 5:35am UTC


View All Data Go

Software

Parallels Plesk Panel
Parallels Plesk

Details

https://31.31.198.216:8443
Request
GET /login_up.php
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:9fc84a3126bdb024fb8a8166f46e726c848d9107
HTML Title
Reg.ru Plesk Panel
Response Body

TLS

Fingerprint
JARM
29d29d00029d29d21c29d29d29d29d6a7bd8f51d54bfc07e1cd34e5ca50bb3
JA3S
ccc514751b175866924439bdbb5bba34
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
9693742aab10afb226c0ef0ee86a13fbbd4256bf3ba659a0c0bf5cc38803d672
CN=*.hosting.reg.ru
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Issuer Chain

8880/HTTP TCP
Observed Feb 05, 2023 at 8:35pm UTC


View All Data Go

Software

Parallels Plesk Panel
Parallels Plesk

Details

http://31.31.198.216:8880
Request
GET /login_up.php
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:5eed201da53494808dc2be35dec67b8551955325
HTML Title
Reg.ru Plesk Panel
Response Body

Geographic Location

Country
Russia (RU)
Coordinates
55.7386, 37.6068
Timezone
Europe/Moscow