1489525118 | 2024-10-14T08:23:11.776838 | 80 / tcp
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 14 Oct 2024 08:23:11 GMT
Connection: close
Content-Length: 315
1426780296 | 2024-10-20T06:04:08.961380 | 135 / tcp
Microsoft RPC Endpoint Mapper
-29256688 | 2024-10-26T02:29:49.760036 | 443 / tcp
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/7.5
Date: Sat, 26 Oct 2024 02:29:58 GMT
Content-Length: 0
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 88:14:ce:cf:50:89:00:cb:2d:fa:6c:2a:48:a4:31:34
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Organization Validation Secure Server CA
        Validity
            Not Before: Jul 4 00:00:00 2024 GMT
            Not After : Jul 4 23:59:59 2025 GMT
        Subject: C=FR, ST=Île-de-France, O=L'EQUITE COMP. D'ASSUR. REASSUR. CONT. RISQUES DE TOUTE NATURE, CN=*.lamedicale.fr
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier:
                17:D9:D6:25:27:67:F9:31:C2:49:43:D9:30:36:44:8C:6C:A9:4F:EB
            X509v3 Subject Key Identifier:
                EE:F1:FF:95:E8:21:88:DA:CF:4C:F8:08:22:37:4F:A8:7F:FE:FE:45
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies:
                Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points:
                Full Name:
                  URI:http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
            Authority Information Access:
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            CT Precertificate SCTs:
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Timestamp : Jul 4 13:59:37.284 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Timestamp : Jul 4 13:59:37.188 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Timestamp : Jul 4 13:59:37.209 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
            X509v3 Subject Alternative Name:
                DNS:*.lamedicale.fr
    Signature Algorithm: sha256WithRSAEncryption