services.certificate
|
943d658e82464ac07ba01e57d5552ebc5e3330221fa1a29e281ba703be470edd |
|
services.discovery_method
|
IPV4_WALK_FULL_PRIORITY_1 |
|
services.extended_service_name
|
RDP |
|
services.jarm.fingerprint
|
2ad2ad16d2ad2ad22c2ad2ad2ad2adfd9c9d14e4f4f67f94f0359f8b28f532 |
|
services.jarm.cipher_and_version_fingerprint
|
2ad2ad16d2ad2ad22c2ad2ad2ad2ad |
|
services.jarm.tls_extensions_sha256
|
fd9c9d14e4f4f67f94f0359f8b28f532 |
|
services.jarm.observed_at
|
2024-09-13T21:28:15.849403396Z |
|
services.labels
|
network-administration |
|
services.labels
|
remote-access |
|
services.observed_at
|
2024-09-16T02:14:14.631643966Z |
|
services.perspective_id
|
PERSPECTIVE_NTT |
|
services.port
|
3389 |
|
services.rdp.version.raw
|
524299 |
|
services.rdp.version.major
|
10 |
|
services.rdp.version.minor
|
6 |
|
services.rdp.protocol_flags.extended_client_data_supported |
true |
|
services.rdp.protocol_flags.dynvc_graphics_pipeline |
true |
|
services.rdp.protocol_flags.neg_resp_reserved |
true |
|
services.rdp.protocol_flags.restricted_admin_mode |
true |
|
services.rdp.protocol_flags.restricted_auth_mode |
true |
|
services.rdp.selected_security_protocol.standard_rdp |
true |
|
services.rdp.selected_security_protocol.tls |
true |
|
services.rdp.selected_security_protocol.raw_value
|
1 |
|
services.rdp.selected_security_protocol.credssp |
false |
|
services.rdp.selected_security_protocol.rdstls |
false |
|
services.rdp.selected_security_protocol.credssp_early_auth |
false |
|
services.rdp.selected_security_protocol.error |
false |
|
services.rdp.selected_security_protocol.error_ssl_required |
false |
|
services.rdp.selected_security_protocol.error_ssl_forbidden |
false |
|
services.rdp.selected_security_protocol.error_ssl_cert_missing |
false |
|
services.rdp.selected_security_protocol.error_bad_flags |
false |
|
services.rdp.selected_security_protocol.error_hybrid_required |
false |
|
services.rdp.selected_security_protocol.error_ssl_user_auth_required |
false |
|
services.rdp.selected_security_protocol.error_unknown |
false |
|
services.rdp.x224_cc_pdu_srcref
|
13330 |
|
services.rdp.connect_response.domain_parameters.max_channel_ids
|
34 |
|
services.rdp.connect_response.domain_parameters.max_user_id_channels
|
3 |
|
services.rdp.connect_response.domain_parameters.num_priorities
|
1 |
|
services.rdp.connect_response.domain_parameters.max_provider_height
|
1 |
|
services.rdp.connect_response.domain_parameters.max_mcspdu_size
|
65528 |
|
services.rdp.connect_response.domain_parameters.domain_protocol_version
|
2 |
|
services.rdp.connect_response.domain_parameters.max_token_ids
|
0 |
|
services.rdp.connect_response.domain_parameters.min_throughput
|
0 |
|
services.rdp.connect_response.connect_id
|
0 |
|
services.service_name
|
RDP |
|
services.source_ip
|
206.168.34.119 |
|
services.tls.version_selected
|
TLSv1_2 |
|
services.tls.cipher_selected
|
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
|
services.tls.certificates.leaf_fp_sha_256
|
943d658e82464ac07ba01e57d5552ebc5e3330221fa1a29e281ba703be470edd |
|
services.tls.certificates.leaf_data.subject_dn
|
CN=WIN-UB5PQEGCD95 |
|
services.tls.certificates.leaf_data.issuer_dn
|
CN=WIN-UB5PQEGCD95 |
|
services.tls.certificates.leaf_data.pubkey_bit_size
|
2048 |
|
services.tls.certificates.leaf_data.pubkey_algorithm
|
RSA |
|
services.tls.certificates.leaf_data.tbs_fingerprint
|
50fe1a36f6f8e43ea8eaa942750580cf623b0f1a25c8c9e445f5beb4be19e4f4 |
|
services.tls.certificates.leaf_data.fingerprint
|
943d658e82464ac07ba01e57d5552ebc5e3330221fa1a29e281ba703be470edd |
|
services.tls.certificates.leaf_data.issuer.common_name
|
WIN-UB5PQEGCD95 |
|
services.tls.certificates.leaf_data.subject.common_name
|
WIN-UB5PQEGCD95 |
|
services.tls.certificates.leaf_data.public_key.key_algorithm
|
RSA |
|
services.tls.certificates.leaf_data.public_key.rsa.modulus
|
zp+WRD/Pi/IKZ1sA9Y2qyAfde6BG3AtKlwlWDbXUGdA2lZ+F/mhYnSePOoa6i3NbaNoxWeQAQTJkRKGDTnK3SCi2zKYbffp7NUveR9r0uJY+ixd0j5fjXS0qr4bkuNewfXw7dfAjuhBjjqe6njkarkO16477qElbsN3Xx0J2p5JSUosYR3zOtMKrXpcz3yQf/sh52GodZK/pRPIUX584tcDNg5B+AIg/J5tPDTuKjpf++5CHoszhOFRYSpPAz+PdcF6S5ftz0s5uutXxXjm6lq3S9/Kp+ECErXJG014tCLn9DUhmkUIXFXZ6/td8UCgIUozct5gC6QBPUizITqifeQ== |
|
services.tls.certificates.leaf_data.public_key.rsa.exponent
|
AAEAAQ== |
|
services.tls.certificates.leaf_data.public_key.rsa.length
|
256 |
|
services.tls.certificates.leaf_data.public_key.fingerprint
|
e3ea79f22d3ec5fac2dabe94c181ae64cce27f413f530a4cde5c81a9ea0bd6e6 |
|
services.tls.certificates.leaf_data.signature.self_signed |
true |
|
services.tls.certificates.leaf_data.signature.signature_algorithm
|
SHA256-RSA |
|
services.tls.server_key_exchange.ec_params.named_curve
|
24 |
|
services.tls.ja3s
|
364ff14b04ef93c3b4cfa429d729c0d9 |
|
services.tls.ja4s
|
t120100_c030_bc98f8e001b5 |
|
services.tls.versions.tls_version
|
TLSv1_2 |
|
services.tls.versions.ja3s
|
364ff14b04ef93c3b4cfa429d729c0d9 |
|
services.tls.versions.ja4s
|
t120100_c030_bc98f8e001b5 |
|
|
services.tls.versions.tls_version
|
TLSv1_1 |
|
services.tls.versions.ja3s
|
1308be477c8afb355e2860ab89378ae5 |
|
services.tls.versions.ja4s
|
t110100_c014_bc98f8e001b5 |
|
|
services.tls.versions.tls_version
|
TLSv1_0 |
|
services.tls.versions.ja3s
|
bcf3a836c82d12ee988005fb0c011445 |
|
services.tls.versions.ja4s
|
t100100_c014_bc98f8e001b5 |
|
|
services.transport_fingerprint.raw
|
64000,128,true,MNWNNS,1460,false,false |
|
services.transport_protocol
|
TCP |
|
services.truncated |
false |
|