services.certificate
|
73affba5c44b63792974412ba8abf537e1d5653a2323287797db85251bc79d9c |
|
services.discovery_method
|
PREDICTIVE_METHOD_7 |
|
services.extended_service_name
|
RDP |
|
services.jarm.fingerprint
|
2ad2ad16d2ad2ad22c2ad2ad2ad2adfd9c9d14e4f4f67f94f0359f8b28f532 |
|
services.jarm.cipher_and_version_fingerprint
|
2ad2ad16d2ad2ad22c2ad2ad2ad2ad |
|
services.jarm.tls_extensions_sha256
|
fd9c9d14e4f4f67f94f0359f8b28f532 |
|
services.jarm.observed_at
|
2023-11-30T08:58:12.833604628Z |
|
services.labels
|
network-administration |
|
services.labels
|
remote-access |
|
services.observed_at
|
2023-12-07T21:53:23.397000620Z |
|
services.perspective_id
|
PERSPECTIVE_NTT |
|
services.port
|
3389 |
|
services.rdp.protocol_flags.extended_client_data_supported |
true |
|
services.rdp.protocol_flags.dynvc_graphics_pipeline |
true |
|
services.rdp.protocol_flags.neg_resp_reserved |
true |
|
services.rdp.protocol_flags.restricted_admin_mode |
true |
|
services.rdp.protocol_flags.restricted_auth_mode |
true |
|
services.rdp.selected_security_protocol.rdstls |
true |
|
services.rdp.selected_security_protocol.raw_value
|
4 |
|
services.rdp.selected_security_protocol.standard_rdp |
false |
|
services.rdp.selected_security_protocol.tls |
false |
|
services.rdp.selected_security_protocol.credssp |
false |
|
services.rdp.selected_security_protocol.credssp_early_auth |
false |
|
services.rdp.selected_security_protocol.error |
false |
|
services.rdp.selected_security_protocol.error_ssl_required |
false |
|
services.rdp.selected_security_protocol.error_ssl_forbidden |
false |
|
services.rdp.selected_security_protocol.error_ssl_cert_missing |
false |
|
services.rdp.selected_security_protocol.error_bad_flags |
false |
|
services.rdp.selected_security_protocol.error_hybrid_required |
false |
|
services.rdp.selected_security_protocol.error_ssl_user_auth_required |
false |
|
services.rdp.selected_security_protocol.error_unknown |
false |
|
services.rdp.x224_cc_pdu_srcref
|
13330 |
|
services.service_name
|
RDP |
|
services.source_ip
|
167.248.133.53 |
|
services.tls.version_selected
|
TLSv1_2 |
|
services.tls.cipher_selected
|
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
|
services.tls.certificates.leaf_fp_sha_256
|
73affba5c44b63792974412ba8abf537e1d5653a2323287797db85251bc79d9c |
|
services.tls.certificates.leaf_data.subject_dn
|
CN=WIN-LIVFRVQFMKO |
|
services.tls.certificates.leaf_data.issuer_dn
|
CN=WIN-LIVFRVQFMKO |
|
services.tls.certificates.leaf_data.pubkey_bit_size
|
2048 |
|
services.tls.certificates.leaf_data.pubkey_algorithm
|
RSA |
|
services.tls.certificates.leaf_data.tbs_fingerprint
|
04426210de688283d0dd5d990a50a00bff808c0d172dde407688bf524e1f1406 |
|
services.tls.certificates.leaf_data.fingerprint
|
73affba5c44b63792974412ba8abf537e1d5653a2323287797db85251bc79d9c |
|
services.tls.certificates.leaf_data.issuer.common_name
|
WIN-LIVFRVQFMKO |
|
services.tls.certificates.leaf_data.subject.common_name
|
WIN-LIVFRVQFMKO |
|
services.tls.certificates.leaf_data.public_key.key_algorithm
|
RSA |
|
services.tls.certificates.leaf_data.public_key.rsa.modulus
|
v+EPWk/oRHiWc2izqzVb0GLqz/cN6qUkAW45aKEx7a/rg0BGxJlCJCj+UrG6QQhE3iPHhH74yATUEyNoOyqbwC19WVKlIQPRcAVbkSkne9TveQW7ooNVpRge9QWkOPnNLirWJj3rLKEfP8Jr5OCQhqAWGXBXOzirUpoXflMf/60fvBJkab9WUThAE9awkNbN4hpb8xpm9PS1xKmbQiDfBf/nIbT/WJN1pUhDkKTsqIcnKuqCLR1T9xLii9QlIG6UusQK7Pu1cVdwyRWnpBgvHiDagyRhD8iGHcYZ6JfkAzkofx7gyMNdvExjnSL8mbGXyMdqRgtOTJhMasRsMfM/NQ== |
|
services.tls.certificates.leaf_data.public_key.rsa.exponent
|
AAEAAQ== |
|
services.tls.certificates.leaf_data.public_key.rsa.length
|
256 |
|
services.tls.certificates.leaf_data.public_key.fingerprint
|
67f386d699ae79dfe0e1b7b49524dbbf4714468bb6b3df059dd5c74876363ae6 |
|
services.tls.certificates.leaf_data.signature.self_signed |
true |
|
services.tls.certificates.leaf_data.signature.signature_algorithm
|
SHA256-RSA |
|
services.tls.server_key_exchange.ec_params.named_curve
|
24 |
|
services.tls.ja3s
|
364ff14b04ef93c3b4cfa429d729c0d9 |
|
services.transport_fingerprint.raw
|
64000,128,true,MNWNNS,1460,false,false |
|
services.transport_protocol
|
TCP |
|
services.truncated |
false |
|