Hello
Based on the information you provided, we can see that the local device appears to have initiated a connection from port 3389 to the Azure AD server (via HTTPS port 443). This substandard network behavior may be due to a specific configuration or software behavior.
To investigate this further, consider the following steps:
Confirm device status: Check whether the device is running the RDP service and whether a connection should be initiated from this port.
Check software configuration: See if any software or services on your device are configured to use port 3389 for outbound connections.
View network traffic: Use network monitoring tools to observe network traffic on the device to see if there are other unusual connections or behaviors.
Check for security events: Check the security log or event viewer to see if there are any security warnings or errors related to this connection.