Accessible RDP Report

Fields

• timestamp
  Time that the IP was probed in UTC+0
• ip
  The IP address of the device in question
• protocol
  Protocol that the response came on (always TCP)
• port
  Port that the response came from (3389/TCP)
• hostname
  Reverse DNS name of the device in question
• tag
  Will always be rdp
• asn
  ASN of where the device in question resides
• geo
  Country where the device in question resides
• region
  State / Province / Administrative region where the device in question resides
• city
  City in which the device in question resides
• rdp_protocol
  The version of RDP protocol that responded; valid responses are RDP (aka RDP Security), RDP_negotiation_ignored (this can be old versions of windows or xrdp), unsupported (no idea what this is), CredSSP_Enforced (Hybrid Security, NLA), SSL_Enforced (TLS security is mandated)
• cert_length
  Length of the Certificate (1024, 2048, 4096, et cetera)
• subject_common_name
  The Common Name (CN) of the SSL certificate
• issuer_common_name
  The Common Name of the entity that signed the SSL certificate
• cert_issue_date
  Date when the SSL certificate became valid
• cert_expiration_date
  Date when the SSL certificate expires
• sha1_fingerprint
  SHA1 fingerprint of the certificate
• cert_serial_number
  Serial number embedded in the certificate
• ssl_version
  SSL Version
• signature_algorithm
  Algorithm used to sign the certificate
• key_algorithm
  Algorithm used by the key
• sha256_fingerprint
  SHA256 fingerprint of the certificate
• sha512_fingerprint
  SHA512 fingerprint of the certificate
• md5_fingerprint
  MD5 fingerprint of the certificate
• naics
  North American Industry Classification System Code
• sic
  Standard Industrial Classification System Code