Hostnames |
147.0.180.107.host.secureserver.net shr.prod.iad2.secureserver.net |
Domains | secureserver.net |
Country | United States |
City | Ashburn |
Organization | GoDaddy.com, LLC |
ISP | GoDaddy.com, LLC |
ASN | AS400754 |
Operating System | Windows |
-370734890 | 2024-04-21T01:18:17.58068821 / tcp
220 Microsoft FTP Service 530 User cannot log in. 214-The following commands are recognized (* ==>'s unimplemented). ABOR ACCT ADAT * ALLO APPE AUTH CCC CDUP CWD DELE ENC * EPRT EPSV FEAT HELP HOST LANG LIST MDTM MIC * MKD MODE NLST NOOP OPTS PASS PASV PBSZ PORT PROT PWD QUIT REIN REST RETR RMD RNFR RNTO SITE SIZE SMNT STAT STOR STOU STRU SYST TYPE USER XCUP XCWD XMKD XPWD XRMD 214 HELP command successful. 211-Extended features supported: LANG EN* UTF8 AUTH TLS;TLS-C;SSL;TLS-P; PBSZ PROT C;P; CCC HOST SIZE MDTM REST STREAM 211 END
Certificate: Data: Version: 3 (0x2) Serial Number: 623566826923873420 (0x8a75ab9ac83d48c) Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http:\/\/certs.starfieldtech.com\/repository\/, CN=Starfield Secure Certificate Authority - G2 Validity Not Before: Feb 9 20:37:03 2024 GMT Not After : Mar 12 20:37:03 2025 GMT Subject: CN=*.shr.prod.iad2.secureserver.net Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:d1:43:7a:0a:d9:8f:0e:06:91:b9:1d:5b:9a:c9: 7f:07:d1:b3:e9:49:05:16:be:9f:a0:a6:e2:35:88: 79:fc:bf:99:43:88:5d:94:a1:1d:f1:1b:85:02:9d: 44:b4:72:dd:b8:35:cb:ce:4a:29:6d:17:92:aa:60: 94:3c:48:a9:02:6a:3b:80:9a:82:76:26:e9:f5:4b: 0e:26:13:13:29:00:13:c7:75:7e:e1:de:97:7f:12: 0e:9d:34:b5:ec:0a:a4:20:45:dd:c3:d2:3f:bb:27: 8d:7c:78:e0:4c:37:23:62:b8:28:0b:f5:96:91:23: cc:fa:bb:7e:3a:01:16:0d:25:4a:fa:16:e7:f6:a0: 34:0b:a5:28:a3:16:7a:9b:4f:cf:62:a6:82:8c:2b: aa:20:55:74:5a:34:1a:13:5b:a8:81:d6:f7:73:b7: 5a:c0:c6:43:e8:a3:16:f4:b8:8a:0c:b7:d2:92:43: b0:14:95:e6:e0:3d:91:df:fd:00:86:7a:4d:7d:52: dd:a2:ab:12:4f:04:d9:b5:d4:8b:3d:6b:ce:a0:b4: de:97:c1:58:0b:88:da:6f:6e:ce:fb:12:22:1c:a3: 18:0f:77:93:d8:e7:b4:0c:b1:da:17:57:59:56:f1: 0e:0d:83:3c:fc:1e:97:60:ab:96:26:5f:fc:b0:51: be:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 CRL Distribution Points: Full Name: URI:http://crl.starfieldtech.com/sfig2s1-674.crl X509v3 Certificate Policies: Policy: 2.16.840.1.114414.1.7.23.1 CPS: http://certificates.starfieldtech.com/repository/ Policy: 2.23.140.1.2.1 Authority Information Access: OCSP - URI:http://ocsp.starfieldtech.com/ CA Issuers - URI:http://certificates.starfieldtech.com/repository/sfig2.crt X509v3 Authority Key Identifier: 25:45:81:68:50:26:38:3D:3B:2D:2C:BE:CD:6A:D9:B6:3D:B3:66:63 X509v3 Subject Alternative Name: DNS:*.shr.prod.iad2.secureserver.net, DNS:shr.prod.iad2.secureserver.net X509v3 Subject Key Identifier: C1:05:5B:E5:2E:74:0B:62:D8:04:9E:68:36:CB:1D:B0:1B:03:9B:95 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB: 1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF Timestamp : Feb 9 20:37:03.538 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:65:19:F2:DC:DB:B6:EA:B0:58:B4:ED:85: 2A:54:18:82:FB:0E:9D:CC:5D:A3:1F:46:C7:EE:D0:92: A6:08:9F:0B:02:21:00:82:BE:35:E4:E9:71:FE:5A:CD: 21:ED:DC:DF:07:45:66:CE:AB:80:8A:F0:B1:7E:99:DF: D6:6E:62:4F:62:FB:57 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0: 87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8 Timestamp : Feb 9 20:37:03.785 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:2C:C9:3A:CE:38:28:48:E1:9B:FD:B7:A4: D0:11:23:F1:9C:AB:B5:D9:73:47:E6:7A:9C:73:97:89: C0:2F:13:AF:02:20:6A:D2:BB:21:26:AC:B1:AD:FD:C2: 22:8B:B5:16:44:3D:D2:86:F0:D2:8A:EE:34:8F:A8:47: 31:49:31:05:12:38 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C: 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0 Timestamp : Feb 9 20:37:03.888 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:0B:A1:D4:A9:65:DE:3E:D0:B1:34:49:0F: 88:F0:77:6B:49:AA:B3:1D:AB:FD:FF:84:05:9B:9D:67: 2A:9E:24:BD:02:20:74:F2:F1:D9:E5:EB:37:EB:5E:02: 61:8D:6C:55:FC:EE:6A:78:06:AE:E9:6D:3E:F2:F5:8A: 63:38:96:50:7D:AA Signature Algorithm: sha256WithRSAEncryption Signature Value: 71:49:bd:cd:ae:6b:a7:1b:8b:d7:30:e3:f1:b0:aa:6a:cc:25: d2:d8:cf:a3:59:80:ad:4d:f4:2f:2b:5f:6b:dd:f5:5c:8e:b9: 8c:fe:3e:34:00:0b:79:04:74:5a:14:9a:13:77:dc:4b:c2:8c: 14:3b:f5:05:9b:2a:64:4d:18:5b:59:33:df:5e:57:ae:6a:4e: c2:f6:d8:0d:9e:f6:b6:70:ca:2c:5c:84:c6:a6:ad:63:df:6a: ca:63:53:f0:0c:76:d7:8a:be:6a:29:f4:41:13:b0:93:61:34: e3:de:ff:ec:7b:ba:46:78:56:6d:2f:cf:66:e7:53:5d:6c:ae: 09:38:a5:54:02:c0:97:77:2d:61:4d:86:5e:74:9d:ea:90:18: 37:7c:b8:85:48:87:4b:3b:0c:dd:a0:fd:b2:88:88:47:51:e1: ea:8a:39:a2:c8:f3:d8:7f:00:11:13:4b:1f:1b:8d:24:a7:bb: 0b:a8:2f:29:2a:81:d4:c3:38:a4:c9:62:c0:6e:20:ed:54:42: da:1e:74:4a:47:9d:0f:d9:86:a2:e5:5d:1c:69:9e:35:01:11: e6:5e:54:72:b0:46:8b:ea:5c:89:77:f0:b4:59:85:39:38:cc: 93:7b:d0:6e:75:3e:e6:3f:b2:de:a6:ee:15:3f:d2:26:04:6c: c9:cb:31:77
1086039113 | 2024-04-21T21:36:09.31553580 / tcp
HTTP/1.1 200 OK Content-Type: text/html Last-Modified: Tue, 15 Feb 2022 09:40:22 GMT Accept-Ranges: bytes ETag: "5b8c24d5022d81:0" Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET Date: Sun, 21 Apr 2024 21:36:09 GMT Content-Length: 10573
1209052466 | 2024-04-21T02:22:25.963816135 / tcp
Microsoft RPC Endpoint Mapper d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 107.180.0.147:49668 ncalrpc: WindowsShutdown ncacn_np: \\A2NWVPWEB056\PIPE\InitShutdown ncalrpc: WMsgKRpc07D7A0 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\A2NWVPWEB056\PIPE\InitShutdown ncalrpc: WMsgKRpc07D7A0 ncalrpc: WMsgKRpc098981 d09bdeb5-6171-4a34-bfe2-06fa82652568 version: v1.0 ncalrpc: csebpub ncalrpc: LRPC-2b0c4ab5148e2f3a3f ncalrpc: LRPC-c0ca17eb29576c28c0 ncalrpc: LRPC-79a64dd2a9726af7bc ncalrpc: LRPC-050e937acdc4212897 ncalrpc: LRPC-41b14d528e17d20a0a ncalrpc: OLE9DAE16BAF3C3F299AAB76B6B9941 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-c0ca17eb29576c28c0 ncalrpc: LRPC-79a64dd2a9726af7bc ncalrpc: LRPC-050e937acdc4212897 ncalrpc: LRPC-41b14d528e17d20a0a ncalrpc: OLE9DAE16BAF3C3F299AAB76B6B9941 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-79a64dd2a9726af7bc ncalrpc: LRPC-050e937acdc4212897 ncalrpc: LRPC-41b14d528e17d20a0a ncalrpc: OLE9DAE16BAF3C3F299AAB76B6B9941 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-d2d156f22b4efdf764 ncalrpc: LRPC-ed5e5fa4488d413952 697dcda9-3ba9-4eb2-9247-e11f1901b0d2 version: v1.0 ncalrpc: LRPC-2b0c4ab5148e2f3a3f ncalrpc: LRPC-c0ca17eb29576c28c0 ncalrpc: LRPC-79a64dd2a9726af7bc ncalrpc: LRPC-050e937acdc4212897 ncalrpc: LRPC-41b14d528e17d20a0a ncalrpc: OLE9DAE16BAF3C3F299AAB76B6B9941 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo 9b008953-f195-4bf9-bde0-4471971e58ed version: v1.0 ncalrpc: LRPC-c0ca17eb29576c28c0 ncalrpc: LRPC-79a64dd2a9726af7bc ncalrpc: LRPC-050e937acdc4212897 ncalrpc: LRPC-41b14d528e17d20a0a ncalrpc: OLE9DAE16BAF3C3F299AAB76B6B9941 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo dd59071b-3215-4c59-8481-972edadc0f6a version: v1.0 ncalrpc: umpo 0d47017b-b33b-46ad-9e18-fe96456c5078 version: v1.0 ncalrpc: umpo 95406f0b-b239-4318-91bb-cea3a46ff0dc version: v1.0 ncalrpc: umpo 4ed8abcc-f1e2-438b-981f-bb0e8abc010c version: v1.0 ncalrpc: umpo 0ff1f646-13bb-400a-ab50-9a78f2b7a85a version: v1.0 ncalrpc: umpo 6982a06e-5fe2-46b1-b39c-a2c545bfa069 version: v1.0 ncalrpc: umpo 082a3471-31b6-422a-b931-a54401960c62 version: v1.0 ncalrpc: umpo fae436b0-b864-4a87-9eda-298547cd82f2 version: v1.0 ncalrpc: umpo e53d94ca-7464-4839-b044-09a2fb8b3ae5 version: v1.0 ncalrpc: umpo 178d84be-9291-4994-82c6-3f909aca5a03 version: v1.0 ncalrpc: umpo 4dace966-a243-4450-ae3f-9b7bcb5315b8 version: v2.0 ncalrpc: umpo 1832bcf6-cab8-41d4-85d2-c9410764f75a version: v1.0 ncalrpc: umpo c521facf-09a9-42c5-b155-72388595cbf0 version: v0.0 ncalrpc: umpo 2c7fd9ce-e706-4b40-b412-953107ef9bb0 version: v0.0 ncalrpc: umpo 88abcbc3-34ea-76ae-8215-767520655a23 version: v0.0 ncalrpc: LRPC-050e937acdc4212897 ncalrpc: LRPC-41b14d528e17d20a0a ncalrpc: OLE9DAE16BAF3C3F299AAB76B6B9941 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo 76c217bc-c8b4-4201-a745-373ad9032b1a version: v1.0 ncalrpc: LRPC-050e937acdc4212897 ncalrpc: LRPC-41b14d528e17d20a0a ncalrpc: OLE9DAE16BAF3C3F299AAB76B6B9941 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo 55e6b932-1979-45d6-90c5-7f6270724112 version: v1.0 ncalrpc: LRPC-050e937acdc4212897 ncalrpc: LRPC-41b14d528e17d20a0a ncalrpc: OLE9DAE16BAF3C3F299AAB76B6B9941 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf version: v1.0 ncalrpc: LRPC-41b14d528e17d20a0a ncalrpc: OLE9DAE16BAF3C3F299AAB76B6B9941 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo b8cadbaf-e84b-46b9-84f2-6f71c03f9e55 version: v1.0 ncalrpc: LRPC-41b14d528e17d20a0a ncalrpc: OLE9DAE16BAF3C3F299AAB76B6B9941 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo 20c40295-8dba-48e6-aebf-3e78ef3bb144 version: v1.0 ncalrpc: LRPC-41b14d528e17d20a0a ncalrpc: OLE9DAE16BAF3C3F299AAB76B6B9941 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo 2513bcbe-6cd4-4348-855e-7efb3c336dd3 version: v1.0 ncalrpc: LRPC-41b14d528e17d20a0a ncalrpc: OLE9DAE16BAF3C3F299AAB76B6B9941 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e version: v1.0 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo c605f9fb-f0a3-4e2a-a073-73560f8d9e3e version: v1.0 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0 version: v1.0 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a version: v1.0 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo 2d98a740-581d-41b9-aa0d-a88b9d5ce938 version: v1.0 ncalrpc: LRPC-c8a90e6451f32453b7 ncalrpc: actkernel ncalrpc: umpo 0361ae94-0316-4c6c-8ad8-c594375800e2 version: v1.0 ncalrpc: umpo 5824833b-3c1a-4ad2-bdfd-c31d19e23ed2 version: v1.0 ncalrpc: umpo bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760 version: v1.0 ncalrpc: umpo 3b338d89-6cfa-44b8-847e-531531bc9992 version: v1.0 ncalrpc: umpo 8782d3b9-ebbd-4644-a3d8-e8725381919b version: v1.0 ncalrpc: umpo 085b0334-e454-4d91-9b8c-4134f9e793f3 version: v1.0 ncalrpc: umpo 4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9 version: v1.0 ncalrpc: umpo c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: LRPC-d1b9a49991f9ab3a49 ncalrpc: LRPC-7c196e93ace701e090 ncalrpc: IUserProfile2 ncalrpc: LRPC-84b7252492745fd9e9 ncalrpc: senssvc ncalrpc: LRPC-d6954256f00f902ef8 8a7b5006-cc13-11db-9705-005056c00008 version: v1.0 annotation: AppIDSvc provider: appidsvc.dll ncalrpc: LRPC-67d23e88d99128d20b 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-7fcb7e4b5b6ff14cf2 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncalrpc: LRPC-acd2ae8e12e0337f0c a500d4c6-0dd1-4543-bc0c-d5f93486eaf8 version: v1.0 ncalrpc: LRPC-85621546d32e028828 ncalrpc: LRPC-d2d156f22b4efdf764 e40f7b57-7a25-4cd3-a135-7f7d3df9d16b version: v1.0 annotation: Network Connection Broker server endpoint ncalrpc: LRPC-bd599ee705ff702ce3 ncalrpc: OLE4DAFFF85C85EEE16BBB728DC4C6E ncalrpc: LRPC-68bf3e622aec701409 ncalrpc: LRPC-ed5e5fa4488d413952 880fd55e-43b9-11e0-b1a8-cf4edfd72085 version: v1.0 annotation: KAPI Service endpoint ncalrpc: LRPC-bd599ee705ff702ce3 ncalrpc: OLE4DAFFF85C85EEE16BBB728DC4C6E ncalrpc: LRPC-68bf3e622aec701409 ncalrpc: LRPC-ed5e5fa4488d413952 5222821f-d5e2-4885-84f1-5f6185a0ec41 version: v1.0 annotation: Network Connection Broker server endpoint for NCB Reset module ncalrpc: LRPC-68bf3e622aec701409 ncalrpc: LRPC-ed5e5fa4488d413952 f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 107.180.0.147:49669 ncacn_np: \\A2NWVPWEB056\pipe\eventlog ncalrpc: eventlog 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc ncalrpc: dhcpcsvc6 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 f763c91c-2ab1-47fa-868f-7de7efd42194 version: v1.0 annotation: VM Allow-List Provider RPC ncalrpc: RdvVmAllowListRpc 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 annotation: Group Policy RPC Interface provider: gpsvc.dll ncalrpc: LRPC-d7391221047264b130 3a9ef155-691d-4449-8d05-09ad57031823 version: v1.0 ncacn_ip_tcp: 107.180.0.147:49624 ncalrpc: LRPC-bb4662a533642ac70f ncalrpc: ubpmtaskhostchannel ncacn_np: \\A2NWVPWEB056\PIPE\atsvc ncalrpc: LRPC-31008451546f09a5fe 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 107.180.0.147:49624 ncalrpc: LRPC-bb4662a533642ac70f ncalrpc: ubpmtaskhostchannel ncacn_np: \\A2NWVPWEB056\PIPE\atsvc ncalrpc: LRPC-31008451546f09a5fe 33d84484-3626-47ee-8c6f-e7e98b113be1 version: v2.0 ncalrpc: LRPC-bb4662a533642ac70f ncalrpc: ubpmtaskhostchannel ncacn_np: \\A2NWVPWEB056\PIPE\atsvc ncalrpc: LRPC-31008451546f09a5fe 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\A2NWVPWEB056\PIPE\atsvc ncalrpc: LRPC-31008451546f09a5fe 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\A2NWVPWEB056\PIPE\atsvc ncalrpc: LRPC-31008451546f09a5fe 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: LRPC-31008451546f09a5fe 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncalrpc: 4a31c7c4-bd4d-4eb8-b5d9-518cda926265 ncalrpc: LRPC-2c8ae729142cc9cd98 c2d1b5dd-fa81-4460-9dd6-e7658b85454b version: v1.0 ncalrpc: LRPC-37c5866d247df04295 ncalrpc: OLE5ACD7601FB736497D65D024D6813 f44e62af-dab1-44c2-8013-049a9de417d6 version: v1.0 ncalrpc: LRPC-37c5866d247df04295 ncalrpc: OLE5ACD7601FB736497D65D024D6813 7aeb6705-3ae6-471a-882d-f39c109edc12 version: v1.0 ncalrpc: LRPC-37c5866d247df04295 ncalrpc: OLE5ACD7601FB736497D65D024D6813 e7f76134-9ef5-4949-a2d6-3368cc0988f3 version: v1.0 ncalrpc: LRPC-37c5866d247df04295 ncalrpc: OLE5ACD7601FB736497D65D024D6813 b37f900a-eae4-4304-a2ab-12bb668c0188 version: v1.0 ncalrpc: LRPC-37c5866d247df04295 ncalrpc: OLE5ACD7601FB736497D65D024D6813 abfb6ca3-0c5e-4734-9285-0aee72fe8d1c version: v1.0 ncalrpc: LRPC-37c5866d247df04295 ncalrpc: OLE5ACD7601FB736497D65D024D6813 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-45c72f28653b0f28c7 ncalrpc: LRPC-d2c0494bba49e60c66 ncalrpc: LRPC-eb0a9f8c93ad4aa67a ncalrpc: LRPC-d8291b8f59febe2bc8 f47433c3-3e9d-4157-aad4-83aa1f5c2d4c version: v1.0 annotation: Fw APIs ncalrpc: LRPC-d2c0494bba49e60c66 ncalrpc: LRPC-eb0a9f8c93ad4aa67a ncalrpc: LRPC-d8291b8f59febe2bc8 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-eb0a9f8c93ad4aa67a ncalrpc: LRPC-d8291b8f59febe2bc8 dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-d8291b8f59febe2bc8 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncalrpc: LRPC-c00c0d154814446823 0d3c7f20-1c8d-4654-a1b3-51563b298bda version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-4034aaad2b7dc48396 ncalrpc: OLE49A03B2D876BCEC0F9B379E05892 b18fbab6-56f8-4702-84e0-41053293a869 version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-4034aaad2b7dc48396 ncalrpc: OLE49A03B2D876BCEC0F9B379E05892 c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 version: v1.0 annotation: Adh APIs ncalrpc: OLEA0BA709D2DAB2D0A67F7CE891752 ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-b616b7800cdaded882 c36be077-e14b-4fe9-8abc-e856ef4f048b version: v1.0 annotation: Proxy Manager client server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-b616b7800cdaded882 2e6035b2-e8f1-41a7-a044-656b439c4c34 version: v1.0 annotation: Proxy Manager provider server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-b616b7800cdaded882 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncalrpc: LRPC-b616b7800cdaded882 7f1343fe-50a9-4927-a778-0c5859517bac version: v1.0 annotation: DfsDs service ncacn_np: \\A2NWVPWEB056\PIPE\wkssvc ncalrpc: LRPC-0c3098b8a79de368e7 eb081a0d-10ee-478a-a1dd-50995283e7a8 version: v3.0 annotation: Witness Client Test Interface ncalrpc: LRPC-0c3098b8a79de368e7 f2c9b409-c1c9-4100-8639-d8ab1486694a version: v1.0 annotation: Witness Client Upcall Server ncalrpc: LRPC-0c3098b8a79de368e7 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 107.180.0.147:49672 ncacn_ip_tcp: 107.180.0.147:49626 ncalrpc: NETLOGON_LRPC ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\A2NWVPWEB056\pipe\lsass 51a227ae-825b-41f2-b4a9-1ac9557a1018 version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 107.180.0.147:49626 ncalrpc: NETLOGON_LRPC ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\A2NWVPWEB056\pipe\lsass 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 107.180.0.147:49626 ncalrpc: NETLOGON_LRPC ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\A2NWVPWEB056\pipe\lsass b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 version: v2.0 annotation: KeyIso ncacn_ip_tcp: 107.180.0.147:49626 ncalrpc: NETLOGON_LRPC ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\A2NWVPWEB056\pipe\lsass 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 version: v0.0 annotation: RemoteAccessCheck protocol: [MS-RAA]: Remote Authorization API Protocol ncacn_ip_tcp: 107.180.0.147:49626 ncalrpc: NETLOGON_LRPC ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\A2NWVPWEB056\pipe\lsass ncacn_ip_tcp: 107.180.0.147:49626 ncalrpc: NETLOGON_LRPC ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\A2NWVPWEB056\pipe\lsass df4df73a-c52d-4e3a-8003-8437fdf8302a version: v0.0 annotation: WM_WindowManagerRPC\Server ncalrpc: LRPC-45bca9a41c1a4ce262 29770a8f-829b-4158-90a2-78cd488501f7 version: v1.0 ncacn_ip_tcp: 107.180.0.147:49645 ncacn_np: \\A2NWVPWEB056\pipe\SessEnvPublicRpc ncalrpc: SessEnvPrivateRpc ncalrpc: LRPC-d6954256f00f902ef8 b58aa02e-2884-4e97-8176-4ee06d794184 version: v1.0 provider: sysmain.dll ncalrpc: LRPC-03f8a7d68971c363e9 a398e520-d59a-4bdd-aa7a-3c1e0303a511 version: v1.0 annotation: IKE/Authip API provider: IKEEXT.DLL ncalrpc: LRPC-eac5367df4f434dff1 1a0d010f-1c33-432c-b0f5-8cf4e8053099 version: v1.0 annotation: IdSegSrv service ncalrpc: LRPC-4e1f9954f5dd0e0c83 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncalrpc: LRPC-4e1f9954f5dd0e0c83 1a9134dd-7b39-45ba-ad88-44d01ca47f28 version: v1.0 annotation: Message Queuing - RemoteRead V1 protocol: [MS-MQRR]: Message Queuing (MSMQ): provider: mqqm.dll ncacn_ip_tcp: 107.180.0.147:2105 ncacn_ip_tcp: 107.180.0.147:2103 ncacn_ip_tcp: 107.180.0.147:2107 ncacn_ip_tcp: 107.180.0.147:49654 ncalrpc: QMMgmtFacility$a2nwvpweb056 ncalrpc: QMsvc$a2nwvpweb056 1088a980-eae5-11d0-8d9b-00a02453c337 version: v1.0 annotation: Message Queuing - QM2QM V1 protocol: [MS-MQQP]: Message Queuing (MSMQ): provider: mqqm.dll ncacn_ip_tcp: 107.180.0.147:2105 ncacn_ip_tcp: 107.180.0.147:2103 ncacn_ip_tcp: 107.180.0.147:2107 ncacn_ip_tcp: 107.180.0.147:49654 ncalrpc: QMMgmtFacility$a2nwvpweb056 ncalrpc: QMsvc$a2nwvpweb056 76d12b80-3467-11d3-91ff-0090272f9ea3 version: v1.0 annotation: Message Queuing - QMRT V2 protocol: [MS-MQMP]: Message Queuing (MSMQ): provider: mqqm.dll ncacn_ip_tcp: 107.180.0.147:2105 ncacn_ip_tcp: 107.180.0.147:2103 ncacn_ip_tcp: 107.180.0.147:2107 ncacn_ip_tcp: 107.180.0.147:49654 ncalrpc: QMMgmtFacility$a2nwvpweb056 ncalrpc: QMsvc$a2nwvpweb056 fdb3a030-065f-11d1-bb9b-00a024ea5525 version: v1.0 annotation: Message Queuing - QMRT V1 protocol: [MS-MQMP]: Message Queuing (MSMQ): provider: mqqm.dll ncacn_ip_tcp: 107.180.0.147:2105 ncacn_ip_tcp: 107.180.0.147:2103 ncacn_ip_tcp: 107.180.0.147:2107 ncacn_ip_tcp: 107.180.0.147:49654 ncalrpc: QMMgmtFacility$a2nwvpweb056 ncalrpc: QMsvc$a2nwvpweb056 f3f09ffd-fbcf-4291-944d-70ad6e0e73bb version: v1.0 ncalrpc: LRPC-8f5a73b7da9ed49eb1 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 107.180.0.147:49713 31e6505c-3a76-432e-a422-183da88f075b version: v1.0 ncalrpc: LRPC-5b1222ca2aadb24ce8 ncalrpc: OLE600D4111CCE4905E7B0FA7BE3129 9fbe172c-e36a-4fee-a445-99f0675728fa version: v1.0 ncalrpc: LRPC-5b1222ca2aadb24ce8 ncalrpc: OLE600D4111CCE4905E7B0FA7BE3129 906b0ce0-c70b-1067-b317-00dd010662da version: v1.0 protocol: [MS-CMPO]: MSDTC Connection Manager: provider: msdtcprx.dll ncalrpc: LRPC-09a3c6b1bc47b85e87 ncalrpc: LRPC-09a3c6b1bc47b85e87 ncalrpc: LRPC-09a3c6b1bc47b85e87 bf4dc912-e52f-4904-8ebe-9317c1bdd497 version: v1.0 ncalrpc: LRPC-9fe992a40cbd0676c7 ncalrpc: OLE5BBA6720754A55F452A2D99A1CAE 54b4c689-969a-476f-8dc2-990885e9f562 version: v0.0 ncalrpc: LRPC-e64962e7f8c0936b0c be7f785e-0e3a-4ab7-91de-7e46e443be29 version: v0.0 ncalrpc: LRPC-e64962e7f8c0936b0c
1489525118 | 2024-04-23T00:53:02.190064443 / tcp
HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Tue, 23 Apr 2024 00:53:02 GMT Connection: close Content-Length: 315
Certificate: Data: Version: 3 (0x2) Serial Number: 623566826923873420 (0x8a75ab9ac83d48c) Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http:\/\/certs.starfieldtech.com\/repository\/, CN=Starfield Secure Certificate Authority - G2 Validity Not Before: Feb 9 20:37:03 2024 GMT Not After : Mar 12 20:37:03 2025 GMT Subject: CN=*.shr.prod.iad2.secureserver.net Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:d1:43:7a:0a:d9:8f:0e:06:91:b9:1d:5b:9a:c9: 7f:07:d1:b3:e9:49:05:16:be:9f:a0:a6:e2:35:88: 79:fc:bf:99:43:88:5d:94:a1:1d:f1:1b:85:02:9d: 44:b4:72:dd:b8:35:cb:ce:4a:29:6d:17:92:aa:60: 94:3c:48:a9:02:6a:3b:80:9a:82:76:26:e9:f5:4b: 0e:26:13:13:29:00:13:c7:75:7e:e1:de:97:7f:12: 0e:9d:34:b5:ec:0a:a4:20:45:dd:c3:d2:3f:bb:27: 8d:7c:78:e0:4c:37:23:62:b8:28:0b:f5:96:91:23: cc:fa:bb:7e:3a:01:16:0d:25:4a:fa:16:e7:f6:a0: 34:0b:a5:28:a3:16:7a:9b:4f:cf:62:a6:82:8c:2b: aa:20:55:74:5a:34:1a:13:5b:a8:81:d6:f7:73:b7: 5a:c0:c6:43:e8:a3:16:f4:b8:8a:0c:b7:d2:92:43: b0:14:95:e6:e0:3d:91:df:fd:00:86:7a:4d:7d:52: dd:a2:ab:12:4f:04:d9:b5:d4:8b:3d:6b:ce:a0:b4: de:97:c1:58:0b:88:da:6f:6e:ce:fb:12:22:1c:a3: 18:0f:77:93:d8:e7:b4:0c:b1:da:17:57:59:56:f1: 0e:0d:83:3c:fc:1e:97:60:ab:96:26:5f:fc:b0:51: be:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 CRL Distribution Points: Full Name: URI:http://crl.starfieldtech.com/sfig2s1-674.crl X509v3 Certificate Policies: Policy: 2.16.840.1.114414.1.7.23.1 CPS: http://certificates.starfieldtech.com/repository/ Policy: 2.23.140.1.2.1 Authority Information Access: OCSP - URI:http://ocsp.starfieldtech.com/ CA Issuers - URI:http://certificates.starfieldtech.com/repository/sfig2.crt X509v3 Authority Key Identifier: 25:45:81:68:50:26:38:3D:3B:2D:2C:BE:CD:6A:D9:B6:3D:B3:66:63 X509v3 Subject Alternative Name: DNS:*.shr.prod.iad2.secureserver.net, DNS:shr.prod.iad2.secureserver.net X509v3 Subject Key Identifier: C1:05:5B:E5:2E:74:0B:62:D8:04:9E:68:36:CB:1D:B0:1B:03:9B:95 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB: 1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF Timestamp : Feb 9 20:37:03.538 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:65:19:F2:DC:DB:B6:EA:B0:58:B4:ED:85: 2A:54:18:82:FB:0E:9D:CC:5D:A3:1F:46:C7:EE:D0:92: A6:08:9F:0B:02:21:00:82:BE:35:E4:E9:71:FE:5A:CD: 21:ED:DC:DF:07:45:66:CE:AB:80:8A:F0:B1:7E:99:DF: D6:6E:62:4F:62:FB:57 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0: 87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8 Timestamp : Feb 9 20:37:03.785 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:2C:C9:3A:CE:38:28:48:E1:9B:FD:B7:A4: D0:11:23:F1:9C:AB:B5:D9:73:47:E6:7A:9C:73:97:89: C0:2F:13:AF:02:20:6A:D2:BB:21:26:AC:B1:AD:FD:C2: 22:8B:B5:16:44:3D:D2:86:F0:D2:8A:EE:34:8F:A8:47: 31:49:31:05:12:38 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C: 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0 Timestamp : Feb 9 20:37:03.888 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:0B:A1:D4:A9:65:DE:3E:D0:B1:34:49:0F: 88:F0:77:6B:49:AA:B3:1D:AB:FD:FF:84:05:9B:9D:67: 2A:9E:24:BD:02:20:74:F2:F1:D9:E5:EB:37:EB:5E:02: 61:8D:6C:55:FC:EE:6A:78:06:AE:E9:6D:3E:F2:F5:8A: 63:38:96:50:7D:AA Signature Algorithm: sha256WithRSAEncryption Signature Value: 71:49:bd:cd:ae:6b:a7:1b:8b:d7:30:e3:f1:b0:aa:6a:cc:25: d2:d8:cf:a3:59:80:ad:4d:f4:2f:2b:5f:6b:dd:f5:5c:8e:b9: 8c:fe:3e:34:00:0b:79:04:74:5a:14:9a:13:77:dc:4b:c2:8c: 14:3b:f5:05:9b:2a:64:4d:18:5b:59:33:df:5e:57:ae:6a:4e: c2:f6:d8:0d:9e:f6:b6:70:ca:2c:5c:84:c6:a6:ad:63:df:6a: ca:63:53:f0:0c:76:d7:8a:be:6a:29:f4:41:13:b0:93:61:34: e3:de:ff:ec:7b:ba:46:78:56:6d:2f:cf:66:e7:53:5d:6c:ae: 09:38:a5:54:02:c0:97:77:2d:61:4d:86:5e:74:9d:ea:90:18: 37:7c:b8:85:48:87:4b:3b:0c:dd:a0:fd:b2:88:88:47:51:e1: ea:8a:39:a2:c8:f3:d8:7f:00:11:13:4b:1f:1b:8d:24:a7:bb: 0b:a8:2f:29:2a:81:d4:c3:38:a4:c9:62:c0:6e:20:ed:54:42: da:1e:74:4a:47:9d:0f:d9:86:a2:e5:5d:1c:69:9e:35:01:11: e6:5e:54:72:b0:46:8b:ea:5c:89:77:f0:b4:59:85:39:38:cc: 93:7b:d0:6e:75:3e:e6:3f:b2:de:a6:ee:15:3f:d2:26:04:6c: c9:cb:31:77