814052254 | 2025-01-07T20:14:25.534429
21 /
tcp
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 13:14. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
530 Login authentication failed
214-The following SITE commands are recognized
ALIAS
CHMOD
IDLE
UTIME
214 Pure-FTPd - http://pureftpd.org/
211-Extensions supported:
UTF8
EPRT
IDLE
MDTM
SIZE
MFMT
REST STREAM
MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
MLSD
PRET
AUTH TLS
PBSZ
PROT
TVFS
ESTA
PASV
EPSV
ESTP
211 End.
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 676578380601145839 (0x963b073d670b9ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http:\/\/certs.starfieldtech.com\/repository\/, CN=Starfield Secure Certificate Authority - G2
Validity
Not Before: Feb 15 21:45:33 2024 GMT
Not After : Mar 18 21:45:33 2025 GMT
Subject: CN=*.prod.phx3.secureserver.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c5:85:b0:76:4c:86:3b:11:d8:89:2c:dd:3a:a8:
62:fc:51:2d:c5:b5:59:41:52:2f:51:5b:cf:3f:d9:
28:80:a4:c3:6b:18:df:bc:3a:9b:29:1f:5a:9d:26:
70:35:63:65:75:77:a3:05:43:56:92:5e:8c:be:ef:
cd:55:5d:c6:6a:15:27:14:56:ec:5b:27:e1:13:81:
7a:bb:77:d5:99:0c:b4:9e:f9:31:ee:36:7b:98:ce:
5d:f3:57:50:55:8f:eb:b3:bf:fd:0b:6f:a1:03:6b:
d6:a8:17:bc:d4:a9:6f:7c:36:5b:9b:a5:18:3c:ba:
2a:d1:b9:06:19:46:38:ae:ac:b6:9d:57:fb:0c:af:
59:fd:c8:34:a7:a6:13:9d:2c:18:8b:93:7c:f4:3b:
52:ad:11:12:08:d1:2b:65:02:31:41:9e:ee:06:8e:
36:bd:dc:6c:83:c0:74:8a:b8:0f:be:82:d1:93:da:
5e:bd:01:ae:ca:a8:61:ea:45:cd:ad:05:76:3e:5a:
c7:93:d7:b7:c7:f7:38:e7:88:ac:1a:9a:cd:e4:0a:
db:6a:07:14:d5:a8:c9:c9:19:6b:83:4c:a2:fd:51:
5c:80:94:ea:6b:92:e8:1e:e7:8f:79:96:18:56:ea:
58:b2:98:36:9b:99:2d:ee:c6:62:40:c4:5f:0d:61:
08:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.starfieldtech.com/sfig2s1-676.crl
X509v3 Certificate Policies:
Policy: 2.16.840.1.114414.1.7.23.1
CPS: http://certificates.starfieldtech.com/repository/
Policy: 2.23.140.1.2.1
Authority Information Access:
OCSP - URI:http://ocsp.starfieldtech.com/
CA Issuers - URI:http://certificates.starfieldtech.com/repository/sfig2.crt
X509v3 Authority Key Identifier:
25:45:81:68:50:26:38:3D:3B:2D:2C:BE:CD:6A:D9:B6:3D:B3:66:63
X509v3 Subject Alternative Name:
DNS:*.prod.phx3.secureserver.net, DNS:prod.phx3.secureserver.net
X509v3 Subject Key Identifier:
E3:6A:A4:88:DA:00:95:F4:40:9F:1E:14:BA:5D:3C:48:C5:E9:01:E0
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
Timestamp : Feb 15 21:45:34.154 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:72:96:96:7F:6B:97:2A:E9:77:86:F6:5C:
30:77:E3:43:FD:22:AB:E5:A3:53:8D:48:1A:F1:67:A9:
85:D9:D7:AA:02:21:00:9E:17:CB:61:0E:CB:9F:E5:D0:
00:8F:B7:CF:19:FD:0B:EE:B5:42:1B:12:80:E9:CB:66:
9E:16:9C:E8:22:C7:F3
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
Timestamp : Feb 15 21:45:34.425 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:18:A3:61:2F:FE:EB:65:A5:DB:E3:B1:E8:
63:D6:8B:07:1C:68:E0:AE:AD:19:35:44:32:CA:4C:42:
F3:B8:6E:B3:02:21:00:CC:1A:7E:D3:2F:01:66:14:7F:
14:AB:4D:3B:BF:37:DA:25:3D:E6:BA:7E:97:81:16:8D:
14:59:DB:4C:D0:17:E5
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
Timestamp : Feb 15 21:45:34.638 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:D3:BA:C7:A2:8D:69:45:CC:66:1A:E2:
CF:5B:E3:77:B0:35:69:CE:CF:DC:74:CA:34:FA:20:C7:
F7:32:B3:1F:B9:02:21:00:93:05:A3:42:2C:9A:4A:B5:
FE:4E:F2:33:7C:60:1C:EF:94:3E:24:51:5B:68:9F:66:
EB:45:26:23:58:16:FE:E1
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
22:ac:6e:66:5e:b5:6c:b2:66:e6:4e:4e:a7:5c:d8:62:6d:18:
df:11:21:33:38:10:9c:58:1b:23:c3:0e:4d:a5:8e:3a:45:38:
81:67:d7:61:44:1c:ab:b6:2f:ee:44:0c:ee:21:81:99:6e:e0:
0e:b3:ca:4a:0a:b4:3c:66:36:5b:29:c9:ab:dc:a1:7c:71:e3:
3b:a5:56:ae:a2:61:89:a0:0f:e4:62:6c:94:f2:3a:a7:f4:90:
28:1c:52:b7:09:03:c0:f7:27:8b:fc:79:cf:a0:3c:8d:d3:84:
5b:79:56:cb:fc:60:97:24:e5:95:ff:4d:79:27:7d:36:cc:ff:
32:85:ec:eb:1f:eb:3a:45:4a:66:19:01:f9:fa:21:32:b4:74:
0c:12:bf:d3:05:de:71:0e:2e:05:6a:04:a9:af:82:a4:0b:73:
bf:ed:3e:67:af:5f:ac:39:23:dc:79:fb:bf:6b:d3:29:50:00:
ca:69:25:5b:8a:6d:0e:b2:07:40:16:3d:88:14:fb:f5:0d:e6:
33:44:9d:a8:68:5c:27:fe:40:85:70:54:bb:46:95:08:4d:79:
07:11:c8:82:9a:12:9c:63:5c:67:8f:40:3f:ba:e1:b4:7e:a6:
f7:f9:a8:c3:cc:d4:0c:62:3c:18:4a:83:bd:ef:32:ef:4e:61:
71:f9:c1:e9
356457844 | 2025-01-08T02:41:16.304938
25 /
tcp
421 Too many concurrent SMTP connections from this IP address; please try again later.\r\n
355845565 | 2025-01-09T14:00:15.101137
80 /
tcp
HTTP/1.1 200 OK
Date: Thu, 09 Jan 2025 14:00:14 GMT
Server: Apache
X-Pingback: http://valleyoakinvestments.com/xmlrpc.php
Link: <http://wp.me/P3fJUE-i>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade
Cache-Control: max-age=3600
Expires: Thu, 09 Jan 2025 15:00:14 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
1104654269 | 2025-01-08T22:41:36.808580
443 /
tcp
HTTP/1.1 200 OK
Date: Wed, 08 Jan 2025 22:41:36 GMT
Server: Apache
X-Pingback: http://valleyoakinvestments.com/xmlrpc.php
Link: <http://wp.me/P3fJUE-i>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade
Cache-Control: max-age=3600
Expires: Wed, 08 Jan 2025 23:41:36 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5702580169 (0x153e677c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=valleyoakinvestments.com
Validity
Not Before: Nov 9 01:58:44 2021 GMT
Not After : Nov 9 01:58:44 2022 GMT
Subject: CN=valleyoakinvestments.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:f5:b5:f1:07:bd:2e:55:b1:d7:db:60:97:fb:06:
41:7d:ed:73:2f:c7:9b:2f:72:7d:96:ea:99:d0:3b:
0b:f5:fb:c3:2f:6a:0a:2d:bc:f9:eb:26:a2:87:d4:
82:c9:23:9c:77:57:e1:f6:4f:9b:f3:a5:67:03:c4:
90:25:b5:a1:6c:71:03:1b:47:3e:01:42:f9:7e:fe:
cf:17:ba:43:66:f8:76:e7:44:6e:40:6c:b0:51:33:
b2:64:58:9c:ba:08:bd:31:cb:44:b6:c3:d7:40:ca:
2c:81:22:86:da:c6:99:dc:40:de:84:58:8a:b0:3a:
cb:43:28:f4:27:af:eb:50:24:1d:8e:45:be:c8:8c:
35:67:78:94:75:cd:4a:45:5a:15:c8:d5:6c:5d:3e:
1e:2f:88:af:b7:8c:04:f9:71:d9:a0:d9:07:88:06:
60:d1:71:d8:b2:3c:eb:0c:d5:cb:50:3f:6c:78:75:
ad:8c:75:ac:69:de:5c:9d:71:52:62:b0:d2:cb:5c:
ad:e2:fa:4d:9a:e3:9b:d5:b6:94:35:cd:e1:5a:6c:
ff:25:ac:55:a0:e8:28:a7:40:2e:2b:e5:b0:75:73:
24:7d:28:9a:d4:37:cc:d2:be:05:9b:c5:d3:76:ed:
c6:61:20:e9:70:92:8b:31:dc:2f:18:b7:5d:36:75:
aa:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F7:38:1C:F0:60:7B:39:C9:67:5A:E9:AE:96:3F:B0:56:1F:F7:B2
X509v3 Basic Constraints:
CA:FALSE
X509v3 Authority Key Identifier:
keyid:88:F7:38:1C:F0:60:7B:39:C9:67:5A:E9:AE:96:3F:B0:56:1F:F7:B2
DirName:/CN=valleyoakinvestments.com
serial:01:53:E6:77:C9
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Subject Alternative Name:
DNS:valleyoakinvestments.com, DNS:mail.valleyoakinvestments.com, DNS:www.valleyoakinvestments.com, DNS:cpanel.valleyoakinvestments.com, DNS:webmail.valleyoakinvestments.com, DNS:webdisk.valleyoakinvestments.com, DNS:cpcontacts.valleyoakinvestments.com, DNS:cpcalendars.valleyoakinvestments.com, DNS:autodiscover.valleyoakinvestments.com
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
a5:e3:d6:56:9d:3f:60:38:c5:7c:c2:cb:a3:57:00:e5:06:37:
20:af:27:c7:18:70:8d:8b:fd:12:8e:c9:70:07:90:96:ab:92:
e5:1a:44:58:fc:12:11:cc:35:8e:9b:46:25:56:22:59:4d:f6:
df:c5:f4:fa:fb:50:01:9e:cd:2b:5e:65:26:3d:81:8a:a1:f2:
1e:b7:24:3a:d2:b6:0b:e2:65:48:55:2f:f5:b2:7f:1d:bf:4c:
b6:35:94:5a:c9:ac:b0:94:56:bf:06:6b:0a:fd:29:cb:7d:bd:
ce:3b:ee:e1:93:3f:44:16:14:f4:2d:22:84:5b:8f:d9:d6:e7:
59:c3:5e:dc:1e:31:73:73:cd:e5:3a:67:23:09:ff:bc:52:c2:
42:67:6e:74:88:b5:3a:67:f3:59:f7:eb:c1:8e:46:62:14:a5:
fb:af:90:fe:d8:97:61:df:39:a3:83:23:00:7c:b9:84:03:2b:
67:05:3c:35:fe:e4:26:ee:92:a7:fc:3a:cc:e5:dd:bf:09:d2:
9f:50:a6:ef:22:6c:76:b2:e9:fd:9c:bc:a8:b1:c5:c6:94:72:
3d:60:43:99:04:3f:63:a4:f7:b5:0f:78:93:eb:31:27:93:85:
6d:3b:30:44:e6:30:2b:18:d7:c3:30:e1:c0:1b:73:5a:69:e0:
2f:35:49:c5
-1245259217 | 2024-12-31T16:39:50.282910
465 /
tcp
220-p3plzcpnl506593.prod.phx3.secureserver.net ESMTP Exim 4.96.2 #2 Tue, 31 Dec 2024 09:39:45 -0700
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
250-p3plzcpnl506593.prod.phx3.secureserver.net Hello ul5md59hca4k.com [224.100.58.6]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH PLAIN LOGIN
250 HELP
-1762631829 | 2024-12-25T12:47:18.318738
2077 /
tcp
HTTP/1.1 302 Moved
Date: Wed, 25 Dec 2024 12:47:18 GMT
Server: cPanel
Persistent-Auth: false
Host: 160.153.47.71:2077
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: close
Location: https://p3plzcpnl506593.prod.phx3.secureserver.net:2078/
Vary: Accept-Encoding
Expires: Fri, 01 Jan 1990 00:00:00 GMT
X-Redirect-Reason: requiressl
-2060570294 | 2025-01-15T13:22:57.156158
2087 /
tcp
HTTP/1.1 301 Moved
Content-length: 139
Location: https://p3plzcpnl506593.prod.phx3.secureserver.net:2087
Content-type: text/html; charset="utf-8"
Cache-Control: no-cache, no-store, must-revalidate, private
Pragma: no-cache
<html><head><META HTTP-EQUIV="refresh" CONTENT="2;URL=https://p3plzcpnl506593.prod.phx3.secureserver.net:2087"></head><body></body></html>
1149396539 | 2024-12-22T18:59:24.572976
2096 /
tcp
HTTP/1.1 301 Moved
Content-length: 139
Location: https://p3plzcpnl506593.prod.phx3.secureserver.net:2096
Content-type: text/html; charset="utf-8"
Cache-Control: no-cache, no-store, must-revalidate, private
Pragma: no-cache
