Attack
Attack
Attack
Company Name: Fujitsu
Report Title: dd
Generated on: Tue Jan 17 21:12:06 2023
Period: 2023-01-10 00:00 - 2023-01-16 23:59
Filters: None
Scheduled at: Every day at 11:15
dd - 1
f
Table of Contents
Attack by Time
dd - 2
f
dd - 3
f
dd - 4
f
dd - 5
f
dd - 6
f
dd - 7
f
dd - 8
f
Attacks By Date
dd - 9
f
dd - 10
f
dd - 11
f
dd - 12
f
dd - 13
f
Other(1) 48 0.02%
Subtotal(4) 216979 3.88%
01:00 - 02:00 low 215650 99.83%
high 194 0.09%
medium 148 0.07%
Other(1) 27 0.01%
Subtotal(4) 216019 3.87%
02:00 - 03:00 low 215060 99.86%
high 158 0.07%
medium 119 0.06%
Other(1) 32 0.01%
Subtotal(4) 215369 3.85%
03:00 - 04:00 low 214619 99.89%
high 133 0.06%
medium 92 0.04%
Other(1) 13 0.01%
Subtotal(4) 214857 3.84%
04:00 - 05:00 low 213066 99.87%
high 165 0.08%
medium 86 0.04%
Other(1) 17 0.01%
Subtotal(4) 213334 3.82%
05:00 - 06:00 low 212443 99.90%
medium 135 0.06%
high 60 0.03%
Other(1) 26 0.01%
Subtotal(4) 212664 3.81%
06:00 - 07:00 low 212472 99.87%
high 142 0.07%
medium 127 0.06%
Other(1) 12 0.01%
Subtotal(4) 212753 3.81%
Other(17) 4086540 73.12%
Total(24) 5588515 100.00%
dd - 14
f
dd - 15
f
dd - 16
f
The most frequently detected attack types over the reporting period.
Top Attack Types
Attack Type Events Percent
HTTP Connection 5443372 97.40%
Failure
Generic 50631 0.91%
Attacks(Extended)
Generic Attacks 29773 0.53%
SQL Injection 19152 0.34%
SQL/XSS Syntax Based 15180 0.27%
Detection
Machine Learning 8418 0.15%
SQL Injection 6013 0.11%
(Extended)
Other(8) 15976 0.29%
Total(15) 5588515 100.00%
dd - 17
f
The protocols carrying the most attacks over the reporting period, broken down by attack
type.
Top Attack Protocols by Type
Protocol Attack Type Events Percent
https/tls1.2 HTTP Connection 5431042 97.58%
Failure
Generic 50631 0.91%
Attacks(Extended)
Generic Attacks 28548 0.51%
Other(11) 55329 0.99%
Subtotal(14) 5565550 99.59%
tcp Machine Learning 8418 100.00%
Subtotal(1) 8418 0.15%
https/tls1.0 HTTP Connection 5022 100.00%
Failure
Subtotal(1) 5022 0.09%
https/tls1.1 HTTP Connection 3369 100.00%
Failure
Subtotal(1) 3369 0.06%
https/tls1.3 HTTP Connection 2858 100.00%
Failure
Subtotal(1) 2858 0.05%
http Generic Attacks 1225 55.25%
IP Reputation 980 44.20%
dd - 18
f
The number of attacks for each attack category over the reporting period, broken down by
attack type.
Attack Categories by Type
Category Attack Type Events Percent
HTTP Connection HTTP Connection 5443372 100.00%
Failure Failure
Subtotal(1) 5443372 97.40%
Signature Generic 50631 43.77%
Detection Attacks(Extended)
Generic Attacks 29773 25.74%
SQL Injection 19152 16.56%
Other(5) 16108 13.93%
Subtotal(8) 115664 2.07%
SQL/XSS Syntax SQL/XSS Syntax 15180 100.00%
Based Detection Based Detection
Subtotal(1) 15180 0.27%
dd - 19
f
The most frequently detected attack severities over the reporting period, broken down by
action.
Top Attack Severities by Action
Action Severity Events Percent
Alert_Deny low 5446823 98.53%
high 71821 1.30%
medium 9265 0.17%
Subtotal(3) 5527909 98.92%
Alert medium 50592 83.48%
informative 8418 13.89%
low 1046 1.73%
dd - 20
f
The most frequently attacked destinations over the reporting period, broken down by attack
type.
Top Attack Destinations by Type
Destination Attack Type Events Percent
10.17.210.65 HTTP Connection 5408298 99.06%
Failure
Generic 48853 0.89%
Attacks(Extended)
IP Reputation 1583 0.03%
Other(5) 994 0.02%
Subtotal(8) 5459728 97.70%
10.17.210.12 Generic Attacks 23181 40.10%
HTTP Connection 17809 30.81%
Failure
SQL/XSS Syntax 15075 26.08%
Based Detection
Other(5) 1738 3.01%
Subtotal(8) 57803 1.03%
10.17.210.18 SQL Injection 19150 43.13%
Generic Attacks 5294 11.92%
dd - 21
f
dd - 22
f
The most frequently attacked destinations over the reporting period, broken down by
source.
Top Attack Destinations by Source
Destination Source Events Percent
10.17.210.65 193.127.193.53 5345702 97.91%
177.222.109.47 3147 0.06%
157.55.39.33 1596 0.03%
Other(11717) 109283 2.00%
Subtotal(11720) 5459728 97.70%
10.17.210.12 206.189.127.129 4660 8.06%
37.97.137.40 4657 8.06%
195.57.52.2 974 1.69%
Other(4855) 47512 82.20%
Subtotal(4858) 57803 1.03%
10.17.210.18 10.17.61.224 25279 56.93%
10.17.60.108 16004 36.04%
185.190.43.21 303 0.68%
Other(443) 2816 6.34%
Subtotal(446) 44402 0.79%
0.0.0.0 0.0.0.0 8418 100.00%
Subtotal(1) 8418 0.15%
10.17.210.9 157.55.39.33 579 11.11%
157.55.39.201 578 11.09%
157.55.39.89 570 10.94%
Other(320) 3485 66.86%
Subtotal(323) 5212 0.09%
10.17.210.40 88.221.90.166 263 5.24%
88.221.90.7 210 4.19%
2.22.234.134 209 4.17%
Other(1706) 4335 86.41%
Subtotal(1709) 5017 0.09%
10.17.210.29 10.17.60.168 631 21.38%
185.190.43.21 303 10.26%
157.230.243.49 161 5.45%
Other(304) 1857 62.91%
Subtotal(307) 2952 0.05%
Other(6) 4983 0.09%
Total(13) 5588515 100.00%
The most frequently detected attack types over the reporting period, broken down by
source.
Top Attack Types by Source
Attack Type Source Events Percent
HTTP Connection 193.127.193.53 5345702 98.21%
dd - 23
f
The most frequently attacked http methods over the reporting period, broken down by
attack type.
Top Attacked Http methods by Type
Http Method Attack Type Events Percent
none HTTP Connection 5443372 99.83%
Failure
Machine Learning 8418 0.15%
IP Reputation 980 0.02%
Subtotal(3) 5452770 97.57%
post Generic 47827 59.52%
Attacks(Extended)
Generic Attacks 23163 28.82%
SQL/XSS Syntax 5617 6.99%
dd - 24
f
Based Detection
Other(9) 3754 4.67%
Subtotal(12) 80361 1.44%
get SQL Injection 18488 33.62%
SQL/XSS Syntax 9563 17.39%
Based Detection
Generic Attacks 6580 11.97%
Other(10) 20362 37.03%
Subtotal(13) 54993 0.98%
head Known Bots 294 81.44%
Detection
Information 67 18.56%
Disclosure
Subtotal(2) 361 0.01%
webdav Generic Attacks 24 100.00%
Subtotal(1) 24 0.00%
options Generic Attacks 6 100.00%
Subtotal(1) 6 0.00%
Total(6) 5588515 100.00%
Attacks By Policy
dd - 25
f
The most frequently detected attack URLs over the reporting period.
Top Attack URLs
URL Events Percent
none 5452770 97.57%
/rb_672bda62-27f5- 46812 0.84%
4ac5-a713-
9fda56ef7959
/Delta2Web/ 20680 0.37%
rb_672bda62-27f5-
4ac5-a713-
9fda56ef7959
/Delta2Web/gusu/ 3457 0.06%
j_security_check
/Delta2Web/gpat/ 3348 0.06%
GestionPat.do
dd - 26
f
The most frequently attacked user identifications over the reporting period.
Top Attacked User Identifications
Session ID Events Percent
none 5458167 97.67%
678B286DEEC1BEF66B 22289 0.40%
BF6EAF4ECBF69A
678B286DC789B92609 9356 0.17%
E23634208EFD75
678B286AA252002FE68 759 0.01%
319DE8CA86958
678B286A3670FB26D9 522 0.01%
A76A82E9701D05
678B286A59AA61CE8E 428 0.01%
CF7BEF539CFFB3
678B286949DF5FBA43F 325 0.01%
CA7A7612A15D5
Other(12593) 96669 1.73%
Total(12600) 5588515 100.00%
dd - 27
f
dd - 28
f
dd - 29
f
The most frequently triggered signature ID over the reporting period, broken down by
attack type.
Top Triggered Signature IDs By Type
Attack Type Signature ID Events Percent
Generic 060140003 49701 98.16%
Attacks(Extende 060070002 406 0.80%
d) 060050011 180 0.36%
Other(4) 344 0.68%
Subtotal(7) 50631 43.77%
Generic Attacks 050050039 19809 66.53%
050180008 2462 8.27%
050150001 2092 7.03%
Other(18) 5410 18.17%
Subtotal(21) 29773 25.74%
SQL Injection 030000040 5583 29.15%
030000042 5002 26.12%
030000163 2959 15.45%
Other(7) 5608 29.28%
Subtotal(10) 19152 16.56%
SQL Injection 040000142 1213 20.17%
(Extended) 040000040 1005 16.71%
040000213 879 14.62%
Other(7) 2916 48.49%
Subtotal(10) 6013 5.20%
dd - 30
f
dd - 31
f
dd - 32
f
dd - 33
f
dd - 34
f
preinterweb.mites.gob.
es/astin/
Other(4898) 66242 1.19%
Total(4905) 5588515 100.00%
dd - 35
f
dd - 36
f
dd - 37
f
dd - 38
f
dd - 39
f
Attack Summary
dd - 40
f
dd - 41
f
dd - 42
f
dd - 43
f
dd - 44
f
dd - 45
f
Attack Details
dd - 46
f
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:00:59
&
Time
Log 20000016
ID
MSG 1775098313
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 185.191.171.34
e
Sourc 27172
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
dd - 47
f
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:00:59
&
Time
Log 20000016
ID
MSG 1775098321
ID
Main HTTP Connection Failure
dd - 48
f
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 185.191.171.34
e
Sourc 34298
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
dd - 49
f
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:01:06
&
Time
Log 20000016
ID
MSG 1775098423
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 217.115.34.254
e
Sourc 54396
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;193& 41; - no shared
ge
Signat Unknown
ure
Maincl
dd - 50
f
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Sweden
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:01:08
&
Time
Log 20000008
ID
MSG 1775098430
ID
Main Signature Detection
Type
Sub Generic Attacks(Extended)
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 167.61.51.189
e
Sourc 64367
e Port
Destin 10.17.210.65
ation
Destin 443
dd - 51
f
ation
Port
Policy Pol_expinterweb
Action Alert
Http post
Metho
d
URL /rb_672bda62-27f5-4ac5-a713-9fda56ef7959
Http expinterweb.mites.gob.es
Host
Http Mozilla/5.0 (iPhone; CPU iPhone OS 16_1_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML,
Agent like Gecko) Version/16.1 Mobile/15E148 Safari/604.1
Sessio 678B286A315DA7417E9BE4B07944C18E
n ID
Severi medium
ty
Level
Trigge N/A
r
Policy
Messa Parameter& 40;rf& 41; triggered signature ID 060140003 of Signatures policy
ge WP_Signature_EXPINTERWEB_ALL
Signat Unknown
ure
Maincl
ass
Type
Signat RFI Injection
ure
Subcl
ass
Type
Signat 060140003
ure ID
Sourc Uruguay
e
Count
ry
Serve EXPINTERWEB
r Pool
User Unknown
Name
Http https://expinterweb.mites.gob.es/regcon/index.htm
Refer
er
Http 1.x
Versio
n
Client A4C68DD35C513E09C066869C2B5BDAB401AF
Devic
e ID
Threa 25
t
Weigh
t
Histor 25
ical
Threa
t
Weigh
t
Threa Moderate
t
Level
dd - 52
f
Attack Details
Item Value
Date 2023-01-10 00:01:08
&
Time
Log 20000008
ID
MSG 1775098431
ID
Main Signature Detection
Type
Sub Generic Attacks(Extended)
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 167.61.51.189
e
Sourc 64367
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert
Http post
Metho
d
URL /rb_672bda62-27f5-4ac5-a713-9fda56ef7959
Http expinterweb.mites.gob.es
Host
Http Mozilla/5.0 (iPhone; CPU iPhone OS 16_1_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML,
Agent like Gecko) Version/16.1 Mobile/15E148 Safari/604.1
Sessio 678B286A315DA7417E9BE4B07944C18E
n ID
Severi medium
ty
Level
Trigge N/A
r
Policy
Messa Parameter& 40;$a& 41; triggered signature ID 060140003 of Signatures policy
ge WP_Signature_EXPINTERWEB_ALL
Signat Unknown
ure
Maincl
ass
Type
Signat RFI Injection
ure
Subcl
ass
Type
Signat 060140003
ure ID
Sourc Uruguay
e
Count
ry
Serve EXPINTERWEB
dd - 53
f
r Pool
User Unknown
Name
Http https://expinterweb.mites.gob.es/regcon/index.htm
Refer
er
Http 1.x
Versio
n
Client A4C68DD35C513E09C066869C2B5BDAB401AF
Devic
e ID
Threa 25
t
Weigh
t
Histor 50
ical
Threa
t
Weigh
t
Threa Moderate
t
Level
Attack Details
Item Value
Date 2023-01-10 00:01:10
&
Time
Log 20000008
ID
MSG 1775098436
ID
Main Signature Detection
Type
Sub Generic Attacks(Extended)
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 167.61.51.189
e
Sourc 64367
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert
Http post
Metho
d
URL /rb_672bda62-27f5-4ac5-a713-9fda56ef7959
Http expinterweb.mites.gob.es
Host
Http Mozilla/5.0 (iPhone; CPU iPhone OS 16_1_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML,
Agent like Gecko) Version/16.1 Mobile/15E148 Safari/604.1
Sessio 678B286A315DA7417E9BE4B07944C18E
n ID
dd - 54
f
Severi medium
ty
Level
Trigge N/A
r
Policy
Messa Parameter& 40;rf& 41; triggered signature ID 060140003 of Signatures policy
ge WP_Signature_EXPINTERWEB_ALL
Signat Unknown
ure
Maincl
ass
Type
Signat RFI Injection
ure
Subcl
ass
Type
Signat 060140003
ure ID
Sourc Uruguay
e
Count
ry
Serve EXPINTERWEB
r Pool
User Unknown
Name
Http https://expinterweb.mites.gob.es/regcon/index.htm
Refer
er
Http 1.x
Versio
n
Client A4C68DD35C513E09C066869C2B5BDAB401AF
Devic
e ID
Threa 25
t
Weigh
t
Histor 75
ical
Threa
t
Weigh
t
Threa Moderate
t
Level
Attack Details
Item Value
Date 2023-01-10 00:01:10
&
Time
Log 20000008
ID
MSG 1775098437
ID
Main Signature Detection
Type
Sub Generic Attacks(Extended)
Type
dd - 55
f
Priorit alert
y
Servic https/tls1.2
e
Sourc 167.61.51.189
e
Sourc 64367
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert
Http post
Metho
d
URL /rb_672bda62-27f5-4ac5-a713-9fda56ef7959
Http expinterweb.mites.gob.es
Host
Http Mozilla/5.0 (iPhone; CPU iPhone OS 16_1_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML,
Agent like Gecko) Version/16.1 Mobile/15E148 Safari/604.1
Sessio 678B286A315DA7417E9BE4B07944C18E
n ID
Severi medium
ty
Level
Trigge N/A
r
Policy
Messa Parameter& 40;$tvn& 41; triggered signature ID 060140003 of Signatures policy
ge WP_Signature_EXPINTERWEB_ALL
Signat Unknown
ure
Maincl
ass
Type
Signat RFI Injection
ure
Subcl
ass
Type
Signat 060140003
ure ID
Sourc Uruguay
e
Count
ry
Serve EXPINTERWEB
r Pool
User Unknown
Name
Http https://expinterweb.mites.gob.es/regcon/index.htm
Refer
er
Http 1.x
Versio
n
Client A4C68DD35C513E09C066869C2B5BDAB401AF
Devic
e ID
Threa 25
t
dd - 56
f
Weigh
t
Histor 100
ical
Threa
t
Weigh
t
Threa Moderate
t
Level
Attack Details
Item Value
Date 2023-01-10 00:01:10
&
Time
Log 20000016
ID
MSG 1775098439
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.89
e
Sourc 64640
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
dd - 57
f
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:01:11
&
Time
Log 20000016
ID
MSG 1775098440
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.89
e
Sourc 64641
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
dd - 58
f
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
dd - 59
f
dd - 60
f
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:01:15
&
Time
Log 20000016
ID
MSG 1775098486
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 17.241.219.30
e
Sourc 41482
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
dd - 61
f
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:01:19
&
Time
Log 20000016
ID
MSG 1775098548
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
dd - 62
f
e
Sourc 37.97.137.40
e
Sourc 49006
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
dd - 63
f
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:01:58
&
Time
Log 20000051
ID
MSG 1775098859
ID
Main Known Bots Detection
Type
Sub Crawler
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 23.55.111.181
e
Sourc 57762
e Port
Destin 10.17.210.40
ation
Destin 443
ation
Port
Policy Pol_Prensa_https_SNI
Action Alert_Deny
Http get
Metho
d
URL /robots.txt
Http prensa.mites.gob.es
Host
Http Mozilla/5.0 (compatible; DotBot/1.2; +https://opensiteexplorer.org/dotbot;
Agent [email protected])
Sessio none
n ID
Severi high
ty
Level
Trigge N/A
r
Policy
Messa Known Bots triggered Malicious Bot DotBot in category Crawler of Known Bots policy
ge Predefined - Known Bots
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
dd - 64
f
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve Prensa_https_SNI
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client 7A2DD9840FA8F8C7C51D6EFD348633150D36
Devic
e ID
Threa 25
t
Weigh
t
Histor 475
ical
Threa
t
Weigh
t
Threa Moderate
t
Level
Attack Details
Item Value
Date 2023-01-10 00:02:10
&
Time
Log 20000016
ID
MSG 1775098911
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.14.71.80
e
Sourc 54746
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
dd - 65
f
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:02:12
&
Time
dd - 66
f
Log 20000016
ID
MSG 1775098957
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 92.190.165.45
e
Sourc 44336
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
dd - 67
f
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:02:12
&
Time
Log 20000016
ID
MSG 1775098962
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 92.190.165.45
e
Sourc 44338
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
dd - 68
f
Attack Details
Item Value
Date 2023-01-10 00:02:14
&
Time
Log 20000016
ID
MSG 1775098991
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 92.190.165.45
e
dd - 69
f
Sourc 44340
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
dd - 70
f
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:02:14
&
Time
Log 20000016
ID
MSG 1775098992
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 92.190.165.45
e
Sourc 44342
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
dd - 71
f
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:02:23
&
Time
Log 20000016
ID
MSG 1775099038
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 206.189.127.129
e
Sourc 58016
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
dd - 72
f
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United Kingdom
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:03:25
&
Time
Log 20000016
ID
MSG 1775099572
dd - 73
f
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.97.137.40
e
Sourc 56846
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
dd - 74
f
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:03:29
&
Time
Log 20000016
ID
MSG 1775099654
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.2
e
Sourc 25472
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
dd - 75
f
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:03:29
&
Time
Log 20000016
ID
MSG 1775099669
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.2
e
Sourc 25473
e Port
Destin 10.17.210.65
dd - 76
f
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
dd - 77
f
t
Level
Attack Details
Item Value
Date 2023-01-10 00:03:30
&
Time
Log 20000016
ID
MSG 1775099673
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.2
e
Sourc 25474
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
dd - 78
f
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:03:30
&
Time
Log 20000016
ID
MSG 1775099675
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.2
e
Sourc 25475
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
dd - 79
f
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;258& 41; - unsupported protocol
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:03:34
&
Time
Log 20000016
ID
MSG 1775099731
ID
Main HTTP Connection Failure
Type
dd - 80
f
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 40.77.167.63
e
Sourc 48000
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
dd - 81
f
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:03:35
&
Time
Log 20000016
ID
MSG 1775099736
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 40.77.167.63
e
Sourc 48001
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
dd - 82
f
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:04:28
&
Time
Log 20000016
ID
MSG 1775100221
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 206.189.127.129
e
Sourc 39588
e Port
Destin 10.17.210.12
ation
Destin 443
ation
dd - 83
f
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United Kingdom
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
dd - 84
f
Attack Details
Item Value
Date 2023-01-10 00:04:59
&
Time
Log 20000016
ID
MSG 1775100462
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.10
e
Sourc 37248
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
dd - 85
f
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:04:59
&
Time
Log 20000016
ID
MSG 1775100464
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.10
e
Sourc 37249
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
dd - 86
f
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:05:04
&
Time
Log 20000016
ID
MSG 1775100502
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
dd - 87
f
y
Servic https/tls1.2
e
Sourc 157.55.39.201
e
Sourc 37696
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
dd - 88
f
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:05:04
&
Time
Log 20000016
ID
MSG 1775100503
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.201
e
Sourc 37697
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
dd - 89
f
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:05:11
&
Time
Log 20000016
ID
MSG 1775100610
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 66.249.76.7
e
Sourc 49760
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
dd - 90
f
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Belgium
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:05:31
dd - 91
f
&
Time
Log 20000016
ID
MSG 1775100826
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.97.137.40
e
Sourc 37986
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
dd - 92
f
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:06:34
&
Time
Log 20000016
ID
MSG 1775101756
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 206.189.127.129
e
Sourc 47358
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
dd - 93
f
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United Kingdom
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:07:08
&
Time
Log 20000016
ID
MSG 1775102058
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
dd - 94
f
Sourc 169.228.66.212
e
Sourc 49246
e Port
Destin 10.17.210.64
ation
Destin 443
ation
Port
Policy Pol_libreriavirtual
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
dd - 95
f
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:07:29
&
Time
Log 20000016
ID
MSG 1775102231
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.10
e
Sourc 38912
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
dd - 96
f
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:07:29
&
Time
Log 20000016
ID
MSG 1775102232
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.10
e
Sourc 38913
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
dd - 97
f
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:07:39
&
Time
Log 20000016
dd - 98
f
ID
MSG 1775102333
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 213.180.203.77
e
Sourc 64414
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Russian Federation
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
dd - 99
f
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:07:39
&
Time
Log 20000016
ID
MSG 1775102334
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 213.180.203.77
e
Sourc 64490
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
dd - 100
f
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Russian Federation
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:07:39
&
Time
Log 20000016
ID
MSG 1775102335
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.1
e
Sourc 213.180.203.77
e
Sourc 64566
dd - 101
f
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;258& 41; - unsupported protocol
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Russian Federation
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
dd - 102
f
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:07:40
&
Time
Log 20000016
ID
MSG 1775102346
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.0
e
Sourc 213.180.203.77
e
Sourc 64656
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;258& 41; - unsupported protocol
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Russian Federation
dd - 103
f
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:07:42
&
Time
Log 20000016
ID
MSG 1775102440
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.97.137.40
e
Sourc 50248
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
dd - 104
f
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:08:21
&
Time
Log 20000016
ID
MSG 1775102832
ID
dd - 105
f
dd - 106
f
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:08:22
&
Time
Log 20000016
ID
MSG 1775102834
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 40.77.167.40
e
Sourc 2881
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
dd - 107
f
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:08:48
&
Time
Log 20000016
ID
MSG 1775103099
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 206.189.127.129
e
Sourc 56172
e Port
Destin 10.17.210.12
ation
dd - 108
f
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United Kingdom
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
dd - 109
f
Level
Attack Details
Item Value
Date 2023-01-10 00:08:50
&
Time
Log 20000016
ID
MSG 1775103180
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.201
e
Sourc 37376
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
dd - 110
f
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:08:51
&
Time
Log 20000016
ID
MSG 1775103183
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.201
e
Sourc 37377
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
dd - 111
f
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:09:40
&
Time
Log 20000037
ID
MSG 1775103873
ID
Main Machine Learning
Type
Sub Model test failed
dd - 112
f
Type
Priorit alert
y
Servic tcp
e
Sourc 0.0.0.0
e
Sourc 0
e Port
Destin 0.0.0.0
ation
Destin 0
ation
Port
Policy Pol_expinterweb
Action Alert
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi informative
ty
Level
Trigge N/A
r
Policy
Messa The mathematical model of argument& 60;idDivProv& 62;& 40;2228& 41; in *.mites.gob.es
ge failed. Model
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Unknown
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http unknown
Versio
n
Client none
Devic
e ID
Threa 0
dd - 113
f
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Low
t
Level
Attack Details
Item Value
Date 2023-01-10 00:09:40
&
Time
Log 20000037
ID
MSG 1775103874
ID
Main Machine Learning
Type
Sub Model test failed
Type
Priorit alert
y
Servic tcp
e
Sourc 0.0.0.0
e
Sourc 0
e Port
Destin 0.0.0.0
ation
Destin 0
ation
Port
Policy Pol_expinterweb
Action Alert
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi informative
ty
Level
Trigge N/A
r
Policy
Messa The mathematical model of argument& 60;hayConvenios& 62;& 40;2231& 41; in
ge *.mites.gob.es failed. Model
Signat Unknown
ure
Maincl
ass
Type
dd - 114
f
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Unknown
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http unknown
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Low
t
Level
Attack Details
Item Value
Date 2023-01-10 00:09:40
&
Time
Log 20000037
ID
MSG 1775103875
ID
Main Machine Learning
Type
Sub Model test failed
Type
Priorit alert
y
Servic tcp
e
Sourc 0.0.0.0
e
Sourc 0
e Port
Destin 0.0.0.0
ation
Destin 0
ation
Port
dd - 115
f
Policy Pol_expinterweb
Action Alert
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi informative
ty
Level
Trigge N/A
r
Policy
Messa The mathematical model of argument& 60;detalleProvincia& 62;& 40;2232& 41; in
ge *.mites.gob.es failed. Model
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Unknown
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http unknown
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Low
t
Level
Attack Details
dd - 116
f
Item Value
Date 2023-01-10 00:09:40
&
Time
Log 20000037
ID
MSG 1775103876
ID
Main Machine Learning
Type
Sub Model test failed
Type
Priorit alert
y
Servic tcp
e
Sourc 0.0.0.0
e
Sourc 0
e Port
Destin 0.0.0.0
ation
Destin 0
ation
Port
Policy Pol_expinterweb
Action Alert
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi informative
ty
Level
Trigge N/A
r
Policy
Messa The mathematical model of argument& 60;provinciaId& 62;& 40;2233& 41; in
ge *.mites.gob.es failed. Model
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Unknown
e
Count
ry
Serve none
r Pool
User Unknown
dd - 117
f
Name
Http none
Refer
er
Http unknown
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Low
t
Level
Attack Details
Item Value
Date 2023-01-10 00:09:48
&
Time
Log 20000016
ID
MSG 1775104025
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.86
e
Sourc 3648
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
dd - 118
f
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:09:48
&
Time
Log 20000016
ID
MSG 1775104026
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
dd - 119
f
Servic https/tls1.2
e
Sourc 157.55.39.86
e
Sourc 3393
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
dd - 120
f
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:09:49
&
Time
Log 20000051
ID
MSG 1775104053
ID
Main Known Bots Detection
Type
Sub Crawler
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 23.59.168.230
e
Sourc 52950
e Port
Destin 10.17.210.40
ation
Destin 443
ation
Port
Policy Pol_Prensa_https_SNI
Action Alert_Deny
Http get
Metho
d
URL /WebPrensa/img/noticias/principal/20220525_17_52_25_photo_2022-05-25_17-04-05.jpg
Http prensa.mites.gob.es
Host
Http Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile
Agent Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot)
Sessio none
n ID
Severi high
ty
Level
Trigge N/A
r
Policy
Messa Known Bots triggered Malicious Bot PetalBot in category Crawler of Known Bots policy
ge Predefined - Known Bots
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
dd - 121
f
ass
Type
Signat N/A
ure ID
Sourc Singapore
e
Count
ry
Serve Prensa_https_SNI
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client 76EE5589BFEC42394E3A3C4AEE666FB90AF9
Devic
e ID
Threa 25
t
Weigh
t
Histor 75
ical
Threa
t
Weigh
t
Threa Moderate
t
Level
Attack Details
Item Value
Date 2023-01-10 00:09:55
&
Time
Log 20000016
ID
MSG 1775104166
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.97.137.40
e
Sourc 60968
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
dd - 122
f
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:10:28
&
dd - 123
f
Time
Log 20000016
ID
MSG 1775104443
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 66.249.76.7
e
Sourc 57613
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Belgium
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
dd - 124
f
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:10:36
&
Time
Log 20000008
ID
MSG 1775104537
ID
Main Signature Detection
Type
Sub Generic Attacks
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 10.179.34.146
e
Sourc 64465
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http get
Metho
d
URL /Delta2Web/gusu/../gpat/CritConsultaPat.jsp
Http delta.mites.gob.es
Host
Http Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0 Java/1.8.0_221
Agent
Sessio 678B28691B115C687C4FFDEE23388403
n ID
Severi high
ty
Level
Trigge N/A
r
dd - 125
f
Policy
Messa URI triggered signature ID 050180008 of Signatures policy MEYSS_Signature_MEDIUM
ge
Signat Unknown
ure
Maincl
ass
Type
Signat Directory Traversal
ure
Subcl
ass
Type
Signat 050180008
ure ID
Sourc Reserved
e
Count
ry
Serve Delta_PRO
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client 8688CC67609208AACEF0D65DB7F40ED625B7
Devic
e ID
Threa 100
t
Weigh
t
Histor 100
ical
Threa
t
Weigh
t
Threa Severe
t
Level
Attack Details
Item Value
Date 2023-01-10 00:10:37
&
Time
Log 20000016
ID
MSG 1775104556
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 173.252.83.20
dd - 126
f
e
Sourc 39480
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
dd - 127
f
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:10:38
&
Time
Log 20000016
ID
MSG 1775104561
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 173.252.79.14
e
Sourc 45718
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
dd - 128
f
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:10:55
&
Time
Log 20000016
ID
MSG 1775104736
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 216.244.66.232
e
Sourc 45424
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
dd - 129
f
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:10:58
&
Time
Log 20000016
ID
dd - 130
f
MSG 1775104743
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 206.189.127.129
e
Sourc 37780
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United Kingdom
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
dd - 131
f
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:11:06
&
Time
Log 20000016
ID
MSG 1775104819
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 216.244.66.232
e
Sourc 47258
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
dd - 132
f
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:11:08
&
Time
Log 20000008
ID
MSG 1775104888
ID
Main Signature Detection
Type
Sub Generic Attacks(Extended)
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 81.202.2.92
e
Sourc 53595
e Port
dd - 133
f
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert
Http post
Metho
d
URL /rb_672bda62-27f5-4ac5-a713-9fda56ef7959
Http expinterweb.mites.gob.es
Host
Http Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Agent Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.76
Sessio 678B286A9FA9E88E201C127571A29158
n ID
Severi medium
ty
Level
Trigge N/A
r
Policy
Messa Parameter& 40;rf& 41; triggered signature ID 060140003 of Signatures policy
ge WP_Signature_EXPINTERWEB_ALL
Signat Unknown
ure
Maincl
ass
Type
Signat RFI Injection
ure
Subcl
ass
Type
Signat 060140003
ure ID
Sourc Spain
e
Count
ry
Serve EXPINTERWEB
r Pool
User Unknown
Name
Http https://expinterweb.mites.gob.es/regcon/
Refer
er
Http 1.x
Versio
n
Client 1D25B0660503EADC894F8B9953B3EF07BF4B
Devic
e ID
Threa 25
t
Weigh
t
Histor 25
ical
Threa
t
Weigh
t
dd - 134
f
Threa Moderate
t
Level
Attack Details
Item Value
Date 2023-01-10 00:11:22
&
Time
Log 20000016
ID
MSG 1775105004
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 46.26.248.1
e
Sourc 53774
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
dd - 135
f
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:11:22
&
Time
Log 20000016
ID
MSG 1775105005
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 46.26.248.1
e
Sourc 53776
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
dd - 136
f
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:11:22
&
Time
Log 20000016
ID
MSG 1775105049
ID
Main HTTP Connection Failure
dd - 137
f
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 46.26.248.1
e
Sourc 53778
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
dd - 138
f
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:11:22
&
Time
Log 20000016
ID
MSG 1775105050
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 46.26.248.1
e
Sourc 53780
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
dd - 139
f
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:11:39
&
Time
Log 20000016
ID
MSG 1775105168
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 185.191.171.39
e
Sourc 12008
e Port
Destin 10.17.210.65
ation
Destin 443
dd - 140
f
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
dd - 141
f
Attack Details
Item Value
Date 2023-01-10 00:11:39
&
Time
Log 20000016
ID
MSG 1775105171
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 185.191.171.39
e
Sourc 13496
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
dd - 142
f
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:12:00
&
Time
Log 20000016
ID
MSG 1775105394
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.97.137.40
e
Sourc 42562
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
dd - 143
f
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:12:14
&
Time
Log 20000016
ID
MSG 1775105462
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
dd - 144
f
Priorit alert
y
Servic https/tls1.2
e
Sourc 40.77.167.63
e
Sourc 47872
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
dd - 145
f
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:12:15
&
Time
Log 20000016
ID
MSG 1775105464
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 40.77.167.63
e
Sourc 47873
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
dd - 146
f
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:12:47
&
Time
Log 20000016
ID
MSG 1775105721
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.86
e
Sourc 3648
e Port
Destin 10.17.210.9
ation
Destin 443
ation
Port
Policy Pol_bibliotecavirtual
dd - 147
f
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
dd - 148
f
dd - 149
f
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:13:06
&
Time
Log 20000016
ID
MSG 1775105813
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 206.189.127.129
e
Sourc 45658
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
dd - 150
f
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United Kingdom
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:13:21
&
Time
Log 20000016
ID
MSG 1775105918
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
dd - 151
f
e
Sourc 216.244.66.232
e
Sourc 36098
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
dd - 152
f
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:13:22
&
Time
Log 20000016
ID
MSG 1775105935
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.201
e
Sourc 37376
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
dd - 153
f
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:13:22
&
Time
Log 20000016
ID
MSG 1775105953
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.201
e
Sourc 37377
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
dd - 154
f
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:14:09
&
Time
dd - 155
f
Log 20000016
ID
MSG 1775106424
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.97.137.40
e
Sourc 53076
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
dd - 156
f
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:14:10
&
Time
Log 20000008
ID
MSG 1775106426
ID
Main Signature Detection
Type
Sub Generic Attacks(Extended)
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 83.44.52.242
e
Sourc 60935
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert
Http post
Metho
d
URL /rb_672bda62-27f5-4ac5-a713-9fda56ef7959
Http expinterweb.mites.gob.es
Host
Http Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Agent Chrome/108.0.0.0 Safari/537.36
Sessio 678B286AF889F3A3DA9CD88CC7CCB083
n ID
Severi medium
ty
Level
Trigge N/A
r
Policy
dd - 157
f
Attack Details
Item Value
Date 2023-01-10 00:14:10
&
Time
Log 20000008
ID
MSG 1775106427
ID
Main Signature Detection
Type
Sub Generic Attacks(Extended)
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 83.44.52.242
e
dd - 158
f
Sourc 60935
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert
Http post
Metho
d
URL /rb_672bda62-27f5-4ac5-a713-9fda56ef7959
Http expinterweb.mites.gob.es
Host
Http Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Agent Chrome/108.0.0.0 Safari/537.36
Sessio 678B286AF889F3A3DA9CD88CC7CCB083
n ID
Severi medium
ty
Level
Trigge N/A
r
Policy
Messa Parameter& 40;$a& 41; triggered signature ID 060140003 of Signatures policy
ge WP_Signature_EXPINTERWEB_ALL
Signat Unknown
ure
Maincl
ass
Type
Signat RFI Injection
ure
Subcl
ass
Type
Signat 060140003
ure ID
Sourc Spain
e
Count
ry
Serve EXPINTERWEB
r Pool
User Unknown
Name
Http https://expinterweb.mites.gob.es/regcon/index.htm
Refer
er
Http 1.x
Versio
n
Client 89745709D2DFC5DA260E017145D16793FB06
Devic
e ID
Threa 25
t
Weigh
t
Histor 50
ical
Threa
t
dd - 159
f
Weigh
t
Threa Moderate
t
Level
Attack Details
Item Value
Date 2023-01-10 00:15:14
&
Time
Log 20000016
ID
MSG 1775106924
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 206.189.127.129
e
Sourc 54256
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
dd - 160
f
Attack Details
Item Value
Date 2023-01-10 00:15:18
&
Time
Log 20000016
ID
MSG 1775106946
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.86
e
Sourc 2624
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
dd - 161
f
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:15:18
&
Time
Log 20000016
ID
MSG 1775106965
dd - 162
f
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.86
e
Sourc 2625
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
dd - 163
f
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:16:11
&
Time
Log 20000016
ID
MSG 1775107559
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 40.77.167.40
e
Sourc 1600
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
dd - 164
f
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:16:11
&
Time
Log 20000016
ID
MSG 1775107560
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 40.77.167.40
e
Sourc 1601
e Port
Destin 10.17.210.65
dd - 165
f
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
dd - 166
f
t
Level
Attack Details
Item Value
Date 2023-01-10 00:16:16
&
Time
Log 20000016
ID
MSG 1775107649
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.89
e
Sourc 64640
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
dd - 167
f
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:16:16
&
Time
Log 20000016
ID
MSG 1775107650
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.89
e
Sourc 64641
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
dd - 168
f
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:16:18
&
Time
Log 20000016
ID
MSG 1775107656
ID
Main HTTP Connection Failure
Type
dd - 169
f
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.97.137.40
e
Sourc 33012
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
dd - 170
f
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:16:22
&
Time
Log 20000016
ID
MSG 1775107693
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 173.252.95.10
e
Sourc 62572
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
dd - 171
f
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:16:28
&
Time
Log 20000016
ID
MSG 1775107737
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 185.191.171.45
e
Sourc 30946
e Port
Destin 10.17.210.65
ation
Destin 443
ation
dd - 172
f
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
dd - 173
f
Attack Details
Item Value
Date 2023-01-10 00:16:28
&
Time
Log 20000016
ID
MSG 1775107738
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 185.191.171.45
e
Sourc 31038
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
dd - 174
f
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:16:40
&
Time
Log 20000016
ID
MSG 1775107887
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 130.211.54.158
e
Sourc 43512
e Port
Destin 10.17.210.64
ation
Destin 443
ation
Port
Policy Pol_libreriavirtual
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
dd - 175
f
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Belgium
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:16:42
&
Time
Log 20000016
ID
MSG 1775107900
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
dd - 176
f
y
Servic https/tls1.2
e
Sourc 35.233.62.116
e
Sourc 50122
e Port
Destin 10.17.210.64
ation
Destin 443
ation
Port
Policy Pol_libreriavirtual
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Belgium
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
dd - 177
f
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:16:46
&
Time
Log 20000016
ID
MSG 1775107907
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 35.233.62.116
e
Sourc 43786
e Port
Destin 10.17.210.64
ation
Destin 443
ation
Port
Policy Pol_libreriavirtual
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
dd - 178
f
Subcl
ass
Type
Signat N/A
ure ID
Sourc Belgium
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:16:53
&
Time
Log 20000016
ID
MSG 1775107996
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.89
e
Sourc 64642
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
dd - 179
f
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:16:53
dd - 180
f
&
Time
Log 20000016
ID
MSG 1775108011
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.89
e
Sourc 64643
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
dd - 181
f
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:17:01
&
Time
Log 20000016
ID
MSG 1775108072
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 88.20.206.206
e
Sourc 51255
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
dd - 182
f
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level
Attack Details
Item Value
Date 2023-01-10 00:17:01
&
Time
Log 20000016
ID
MSG 1775108073
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
dd - 183
f
Sourc 88.20.206.206
e
Sourc 51256
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
dd - 184
f
Threa
t
Weigh
t
Threa Off
t
Level
dd - 185