0% found this document useful (0 votes)
121 views185 pages

Attack

The document is a security report detailing attacks detected between January 10th and January 16th, 2023. It provides statistics on the top attack types by date, including HTTP connection failures which accounted for over 97% of all detected attacks. It also shows the most common attack types by month and day of week. The report lists the top attacked sources and destinations and includes breakdowns of attacks by severity, protocol, and other categories.

Uploaded by

Septis Sitpes
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as RTF, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
121 views185 pages

Attack

The document is a security report detailing attacks detected between January 10th and January 16th, 2023. It provides statistics on the top attack types by date, including HTTP connection failures which accounted for over 97% of all detected attacks. It also shows the most common attack types by month and day of week. The report lists the top attacked sources and destinations and includes breakdowns of attacks by severity, protocol, and other categories.

Uploaded by

Septis Sitpes
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as RTF, PDF, TXT or read online on Scribd
You are on page 1/ 185

      f

  
Attack
  
Company Name:    Fujitsu
Report Title:    dd
Generated on:    Tue Jan 17 21:12:06 2023
Period:    2023-01-10 00:00 - 2023-01-16 23:59
Filters:    None
Scheduled at:    Every day at 11:15

dd    - 1
      f

Table of Contents

Attack by Time ..............................................................................................................................................


Top Attack Types by Date .............................................................................................................................
Top Attack Types by Month ..........................................................................................................................
Top Attack Types by Day of Week ...............................................................................................................
Top Attack Types by Hour of Day ................................................................................................................
Attacks By Date .............................................................................................................................................
Top Attack Severity by Date .........................................................................................................................
Top Attack Severity by Month .....................................................................................................................
Top Attack Severity by Day of Week ...........................................................................................................
Top Attack Severity by Hour of Day ............................................................................................................
Top Attacks Summary ...................................................................................................................................
Top Attack Sources ........................................................................................................................................
Top Attacked Destinations ............................................................................................................................
Top Attack Types ...........................................................................................................................................
Top Attack Protocols by Type .......................................................................................................................
Attack Categories by Type ............................................................................................................................
Top Attack Severities by Action ...................................................................................................................
Top Attack Destinations by Type ..................................................................................................................
Top Attack Destinations by Source ..............................................................................................................
Top Attack Types by Source .........................................................................................................................
Top Attacked Http methods by Type ...........................................................................................................
Attacks By Policy ...........................................................................................................................................
Top Attack URLs ...........................................................................................................................................
Top Attacked User Identifications ................................................................................................................
Top Triggered Source Countries ..................................................................................................................
Top Triggered Signature IDs ........................................................................................................................
Top Triggered Signature IDs By Type .........................................................................................................
FortiSandbox Statistics (Last 7 Days) ..........................................................................................................
Top Attacked Http Host ................................................................................................................................
Top Attacked User Name ..............................................................................................................................
Top Attacked Http Referer ...........................................................................................................................
Top Attacked Http Version ...........................................................................................................................
Top Threat Weights by Client Device IDs ...................................................................................................
Top Attack Attempts by Client Device IDs ..................................................................................................
Top Attack Categories by Client Device IDs ...............................................................................................
Attack Summary ............................................................................................................................................
Attack Details .................................................................................................................................................

Attack by Time

Top Attack Types by Date

The daily breakdown of the most frequently detected attack types.

dd    - 2
      f

Top Attack Types by Date


Date Attack Type Events Percent
2023-01-10 HTTP Connection 1970880 98.94%
Failure
Generic 9238 0.46%
Attacks(Extended)
Generic Attacks 6619 0.33%
Other(9) 5304 0.27%
Subtotal(12) 1992041 35.65%
2023-01-11 HTTP Connection 3407671 99.38%
Failure
Generic 9644 0.28%
Attacks(Extended)
Generic Attacks 5205 0.15%
Other(9) 6245 0.18%
Subtotal(12) 3428765 61.35%
2023-01-12 HTTP Connection 14179 42.51%
Failure
Generic 9541 28.61%
Attacks(Extended)
Generic Attacks 4129 12.38%
Other(8) 5505 16.50%
Subtotal(11) 33354 0.60%
2023-01-13 HTTP Connection 13461 24.33%
Failure
SQL Injection 11250 20.34%
Generic 8813 15.93%
Attacks(Extended)
Other(12) 21795 39.40%
Subtotal(15) 55319 0.99%
2023-01-14 HTTP Connection 11244 82.80%
Failure
Generic 1181 8.70%
Attacks(Extended)
Generic Attacks 610 4.49%
Other(8) 545 4.01%
Subtotal(11) 13580 0.24%
2023-01-15 HTTP Connection 10776 83.97%
Failure
Generic 1074 8.37%
Attacks(Extended)
Generic Attacks 324 2.52%
Other(7) 659 5.14%
Subtotal(10) 12833 0.23%
2023-01-16 HTTP Connection 15161 28.81%
Failure
Generic 11140 21.17%
Attacks(Extended)
SQL Injection 7900 15.01%
Other(11) 18422 35.01%

dd    - 3
      f

Subtotal(14) 52623 0.94%


Total(7) 5588515 100.00%

Top Attack Types by Month

The monthly breakdown of the most frequently detected attack types.


Top Attack Types by Month
Month Attack Type Events Percent
2023-jan HTTP Connection 5443372 97.40%
Failure
Generic 50631 0.91%
Attacks(Extended)
Generic Attacks 29773 0.53%
Other(12) 64739 1.16%
Subtotal(15) 5588515 100.00%
Total(1) 5588515 100.00%

dd    - 4
      f

Top Attack Types by Day of Week

The daily breakdown of the most frequently detected attack types.


Top Attack Types by Day of Week
Day of Week Attack Type Events Percent
MON HTTP Connection 15161 28.81%
Failure
Generic 11140 21.17%
Attacks(Extended)
SQL Injection 7900 15.01%
Other(11) 18422 35.01%
Subtotal(14) 52623 0.94%
TUE HTTP Connection 1970880 98.94%
Failure
Generic 9238 0.46%
Attacks(Extended)
Generic Attacks 6619 0.33%
Other(9) 5304 0.27%
Subtotal(12) 1992041 35.65%
WED HTTP Connection 3407671 99.38%
Failure
Generic 9644 0.28%
Attacks(Extended)
Generic Attacks 5205 0.15%
Other(9) 6245 0.18%
Subtotal(12) 3428765 61.35%

dd    - 5
      f

THU HTTP Connection 14179 42.51%


Failure
Generic 9541 28.61%
Attacks(Extended)
Generic Attacks 4129 12.38%
Other(8) 5505 16.50%
Subtotal(11) 33354 0.60%
FRI HTTP Connection 13461 24.33%
Failure
SQL Injection 11250 20.34%
Generic 8813 15.93%
Attacks(Extended)
Other(12) 21795 39.40%
Subtotal(15) 55319 0.99%
SAT HTTP Connection 11244 82.80%
Failure
Generic 1181 8.70%
Attacks(Extended)
Generic Attacks 610 4.49%
Other(8) 545 4.01%
Subtotal(11) 13580 0.24%
SUN HTTP Connection 10776 83.97%
Failure
Generic 1074 8.37%
Attacks(Extended)
Generic Attacks 324 2.52%
Other(7) 659 5.14%
Subtotal(10) 12833 0.23%
Total(7) 5588515 100.00%

dd    - 6
      f

Top Attack Types by Hour of Day

The hourly breakdown of the most frequently detected attack types.


Top Attack Types by Hour of Day
Hour Attack Type Events Percent
00:00 - 01:00 HTTP Connection 216600 99.83%
Failure
Generic 205 0.09%
Attacks(Extended)
Generic Attacks 55 0.03%
Other(7) 119 0.05%
Subtotal(10) 216979 3.88%
01:00 - 02:00 HTTP Connection 215619 99.81%
Failure
Generic 143 0.07%
Attacks(Extended)
Generic Attacks 139 0.06%
Other(7) 118 0.05%
Subtotal(10) 216019 3.87%
02:00 - 03:00 HTTP Connection 215060 99.86%
Failure
Generic 119 0.06%
Attacks(Extended)
Generic Attacks 81 0.04%
Other(4) 109 0.05%
Subtotal(7) 215369 3.85%

dd    - 7
      f

03:00 - 04:00 HTTP Connection 214605 99.88%


Failure
Known Bots 121 0.06%
Detection
Generic 92 0.04%
Attacks(Extended)
Other(6) 39 0.02%
Subtotal(9) 214857 3.84%
04:00 - 05:00 HTTP Connection 213062 99.87%
Failure
Generic Attacks 95 0.04%
Generic 86 0.04%
Attacks(Extended)
Other(5) 91 0.04%
Subtotal(8) 213334 3.82%
05:00 - 06:00 HTTP Connection 212441 99.90%
Failure
Generic 132 0.06%
Attacks(Extended)
Known Bots 52 0.02%
Detection
Other(6) 39 0.02%
Subtotal(9) 212664 3.81%
06:00 - 07:00 HTTP Connection 212470 99.87%
Failure
Generic 123 0.06%
Attacks(Extended)
Known Bots 67 0.03%
Detection
Other(8) 93 0.04%
Subtotal(11) 212753 3.81%
Other(17) 4086540 73.12%
Total(24) 5588515 100.00%

dd    - 8
      f

Attacks By Date

The daily breakdown of the number of detected attacks.


Attacks By Date
Date Events Percent
2023-01-10 1992041 35.65%
2023-01-11 3428765 61.35%
2023-01-12 33354 0.60%
2023-01-13 55319 0.99%
2023-01-14 13580 0.24%
2023-01-15 12833 0.23%
2023-01-16 52623 0.94%
Total(7) 5588515 100.00%

dd    - 9
      f

Top Attack Severity by Date

The daily breakdown of the most frequently detected attack severity.


Top Attack Severity by Date
Date Severity Events Percent
2023-01-10 low 1971036 98.95%
high 9906 0.50%
medium 9386 0.47%
Other(1) 1713 0.09%
Subtotal(4) 1992041 35.65%
2023-01-11 low 3408273 99.40%
medium 9840 0.29%
high 9065 0.26%
Other(1) 1587 0.05%
Subtotal(4) 3428765 61.35%
2023-01-12 low 14222 42.64%
medium 9681 29.03%
high 7887 23.65%
Other(1) 1564 4.69%
Subtotal(4) 33354 0.60%
2023-01-13 high 23883 43.17%
low 16035 28.99%
medium 14134 25.55%
Other(1) 1267 2.29%
Subtotal(4) 55319 0.99%
2023-01-14 low 11283 83.09%

dd    - 10
      f

medium 1227 9.04%


high 897 6.61%
Other(1) 173 1.27%
Subtotal(4) 13580 0.24%
2023-01-15 low 10857 84.60%
medium 1084 8.45%
high 669 5.21%
Other(1) 223 1.74%
Subtotal(4) 12833 0.23%
2023-01-16 high 20064 38.13%
low 16163 30.71%
medium 14505 27.56%
Other(1) 1891 3.59%
Subtotal(4) 52623 0.94%
Total(7) 5588515 100.00%

Top Attack Severity by Month

The monthly breakdown of the most frequently detected attack severity.


Top Attack Severity by Month
Month Severity Events Percent
2023-jan low 5447869 97.48%
high 72371 1.29%
medium 59857 1.07%
Other(1) 8418 0.15%
Subtotal(4) 5588515 100.00%

dd    - 11
      f

Total(1) 5588515 100.00%

Top Attack Severity by Day of Week

The daily breakdown of the most frequently detected attack severity.


Top Attack Severity by Day of Week
Day of Week Severity Events Percent
MON high 20064 38.13%
low 16163 30.71%
medium 14505 27.56%
Other(1) 1891 3.59%
Subtotal(4) 52623 0.94%
TUE low 1971036 98.95%
high 9906 0.50%
medium 9386 0.47%
Other(1) 1713 0.09%
Subtotal(4) 1992041 35.65%
WED low 3408273 99.40%
medium 9840 0.29%
high 9065 0.26%
Other(1) 1587 0.05%
Subtotal(4) 3428765 61.35%
THU low 14222 42.64%
medium 9681 29.03%
high 7887 23.65%
Other(1) 1564 4.69%

dd    - 12
      f

Subtotal(4) 33354 0.60%


FRI high 23883 43.17%
low 16035 28.99%
medium 14134 25.55%
Other(1) 1267 2.29%
Subtotal(4) 55319 0.99%
SAT low 11283 83.09%
medium 1227 9.04%
high 897 6.61%
Other(1) 173 1.27%
Subtotal(4) 13580 0.24%
SUN low 10857 84.60%
medium 1084 8.45%
high 669 5.21%
Other(1) 223 1.74%
Subtotal(4) 12833 0.23%
Total(7) 5588515 100.00%

Top Attack Severity by Hour of Day

The hourly breakdown of the most frequently detected attack severity.


Top Attack Severity by Hour of Day
Hour Severity Events Percent
00:00 - 01:00 low 216611 99.83%
medium 207 0.10%
high 113 0.05%

dd    - 13
      f

Other(1) 48 0.02%
Subtotal(4) 216979 3.88%
01:00 - 02:00 low 215650 99.83%
high 194 0.09%
medium 148 0.07%
Other(1) 27 0.01%
Subtotal(4) 216019 3.87%
02:00 - 03:00 low 215060 99.86%
high 158 0.07%
medium 119 0.06%
Other(1) 32 0.01%
Subtotal(4) 215369 3.85%
03:00 - 04:00 low 214619 99.89%
high 133 0.06%
medium 92 0.04%
Other(1) 13 0.01%
Subtotal(4) 214857 3.84%
04:00 - 05:00 low 213066 99.87%
high 165 0.08%
medium 86 0.04%
Other(1) 17 0.01%
Subtotal(4) 213334 3.82%
05:00 - 06:00 low 212443 99.90%
medium 135 0.06%
high 60 0.03%
Other(1) 26 0.01%
Subtotal(4) 212664 3.81%
06:00 - 07:00 low 212472 99.87%
high 142 0.07%
medium 127 0.06%
Other(1) 12 0.01%
Subtotal(4) 212753 3.81%
Other(17) 4086540 73.12%
Total(24) 5588515 100.00%

dd    - 14
      f

Top Attacks Summary

Top Attack Sources

The most frequent sources of attacks over the reporting period.


Top Attack Sources
Source Events Percent
193.127.193.53 5345702 95.66%
10.17.61.224 25279 0.45%
10.17.60.108 16004 0.29%
0.0.0.0 8418 0.15%
206.189.127.129 4660 0.08%
37.97.137.40 4657 0.08%
177.222.109.47 3147 0.06%
Other(17635) 180648 3.23%
Total(17642) 5588515 100.00%

dd    - 15
      f

Top Attacked Destinations

The most frequently attacked destinations over the reporting period.


Top Attacked Destinations
Destination Events Percent
10.17.210.65 5459728 97.70%
10.17.210.12 57803 1.03%
10.17.210.18 44402 0.79%
0.0.0.0 8418 0.15%
10.17.210.9 5212 0.09%
10.17.210.40 5017 0.09%
10.17.210.29 2952 0.05%
Other(6) 4983 0.09%
Total(13) 5588515 100.00%

dd    - 16
      f

Top Attack Types

The most frequently detected attack types over the reporting period.
Top Attack Types
Attack Type Events Percent
HTTP Connection 5443372 97.40%
Failure
Generic 50631 0.91%
Attacks(Extended)
Generic Attacks 29773 0.53%
SQL Injection 19152 0.34%
SQL/XSS Syntax Based 15180 0.27%
Detection
Machine Learning 8418 0.15%
SQL Injection 6013 0.11%
(Extended)
Other(8) 15976 0.29%
Total(15) 5588515 100.00%

dd    - 17
      f

Top Attack Protocols by Type

The protocols carrying the most attacks over the reporting period, broken down by attack
type.
Top Attack Protocols by Type
Protocol Attack Type Events Percent
https/tls1.2 HTTP Connection 5431042 97.58%
Failure
Generic 50631 0.91%
Attacks(Extended)
Generic Attacks 28548 0.51%
Other(11) 55329 0.99%
Subtotal(14) 5565550 99.59%
tcp Machine Learning 8418 100.00%
Subtotal(1) 8418 0.15%
https/tls1.0 HTTP Connection 5022 100.00%
Failure
Subtotal(1) 5022 0.09%
https/tls1.1 HTTP Connection 3369 100.00%
Failure
Subtotal(1) 3369 0.06%
https/tls1.3 HTTP Connection 2858 100.00%
Failure
Subtotal(1) 2858 0.05%
http Generic Attacks 1225 55.25%
IP Reputation 980 44.20%

dd    - 18
      f

Known Exploits 7 0.32%


Other(1) 5 0.23%
Subtotal(4) 2217 0.04%
https HTTP Connection 1081 100.00%
Failure
Subtotal(1) 1081 0.02%
Total(7) 5588515 100.00%

Attack Categories by Type

The number of attacks for each attack category over the reporting period, broken down by
attack type.
Attack Categories by Type
Category Attack Type Events Percent
HTTP Connection HTTP Connection 5443372 100.00%
Failure Failure
Subtotal(1) 5443372 97.40%
Signature Generic 50631 43.77%
Detection Attacks(Extended)
Generic Attacks 29773 25.74%
SQL Injection 19152 16.56%
Other(5) 16108 13.93%
Subtotal(8) 115664 2.07%
SQL/XSS Syntax SQL/XSS Syntax 15180 100.00%
Based Detection Based Detection
Subtotal(1) 15180 0.27%

dd    - 19
      f

Machine LearningMachine Learning 8418 100.00%


Subtotal(1) 8418 0.15%
Protected Protected 2706 100.00%
Hostnames Hostnames
Subtotal(1) 2706 0.05%
IP Reputation IP Reputation 1619 100.00%
Subtotal(1) 1619 0.03%
Known Bots Known Bots 1550 100.00%
Detection Detection
Subtotal(1) 1550 0.03%
Other(1) 6 0.00%
Total(8) 5588515 100.00%

Top Attack Severities by Action

The most frequently detected attack severities over the reporting period, broken down by
action.
Top Attack Severities by Action
Action Severity Events Percent
Alert_Deny low 5446823 98.53%
high 71821 1.30%
medium 9265 0.17%
Subtotal(3) 5527909 98.92%
Alert medium 50592 83.48%
informative 8418 13.89%
low 1046 1.73%

dd    - 20
      f

Other(1) 550 0.91%


Subtotal(4) 60606 1.08%
Total(2) 5588515 100.00%

Top Attack Destinations by Type

The most frequently attacked destinations over the reporting period, broken down by attack
type.
Top Attack Destinations by Type
Destination Attack Type Events Percent
10.17.210.65 HTTP Connection 5408298 99.06%
Failure
Generic 48853 0.89%
Attacks(Extended)
IP Reputation 1583 0.03%
Other(5) 994 0.02%
Subtotal(8) 5459728 97.70%
10.17.210.12 Generic Attacks 23181 40.10%
HTTP Connection 17809 30.81%
Failure
SQL/XSS Syntax 15075 26.08%
Based Detection
Other(5) 1738 3.01%
Subtotal(8) 57803 1.03%
10.17.210.18 SQL Injection 19150 43.13%
Generic Attacks 5294 11.92%

dd    - 21
      f

SQL Injection 5134 11.56%


(Extended)
Other(8) 14824 33.39%
Subtotal(11) 44402 0.79%
0.0.0.0 Machine Learning 8418 100.00%
Subtotal(1) 8418 0.15%
10.17.210.9 HTTP Connection 5212 100.00%
Failure
Subtotal(1) 5212 0.09%
10.17.210.40 HTTP Connection 2067 41.20%
Failure
Known Bots 1548 30.86%
Detection
Generic Attacks 1236 24.64%
Other(4) 166 3.31%
Subtotal(7) 5017 0.09%
10.17.210.29 HTTP Connection 2045 69.28%
Failure
Generic 886 30.01%
Attacks(Extended)
SQL/XSS Syntax 16 0.54%
Based Detection
Other(2) 5 0.17%
Subtotal(5) 2952 0.05%
Other(6) 4983 0.09%
Total(13) 5588515 100.00%

dd    - 22
      f

Top Attack Destinations by Source

The most frequently attacked destinations over the reporting period, broken down by
source.
Top Attack Destinations by Source
Destination Source Events Percent
10.17.210.65 193.127.193.53 5345702 97.91%
177.222.109.47 3147 0.06%
157.55.39.33 1596 0.03%
Other(11717) 109283 2.00%
Subtotal(11720) 5459728 97.70%
10.17.210.12 206.189.127.129 4660 8.06%
37.97.137.40 4657 8.06%
195.57.52.2 974 1.69%
Other(4855) 47512 82.20%
Subtotal(4858) 57803 1.03%
10.17.210.18 10.17.61.224 25279 56.93%
10.17.60.108 16004 36.04%
185.190.43.21 303 0.68%
Other(443) 2816 6.34%
Subtotal(446) 44402 0.79%
0.0.0.0 0.0.0.0 8418 100.00%
Subtotal(1) 8418 0.15%
10.17.210.9 157.55.39.33 579 11.11%
157.55.39.201 578 11.09%
157.55.39.89 570 10.94%
Other(320) 3485 66.86%
Subtotal(323) 5212 0.09%
10.17.210.40 88.221.90.166 263 5.24%
88.221.90.7 210 4.19%
2.22.234.134 209 4.17%
Other(1706) 4335 86.41%
Subtotal(1709) 5017 0.09%
10.17.210.29 10.17.60.168 631 21.38%
185.190.43.21 303 10.26%
157.230.243.49 161 5.45%
Other(304) 1857 62.91%
Subtotal(307) 2952 0.05%
Other(6) 4983 0.09%
Total(13) 5588515 100.00%

Top Attack Types by Source

The most frequently detected attack types over the reporting period, broken down by
source.
Top Attack Types by Source
Attack Type Source Events Percent
HTTP Connection 193.127.193.53 5345702 98.21%

dd    - 23
      f

Failure 206.189.127.129 4660 0.09%


37.97.137.40 4657 0.09%
Other(8056) 88353 1.62%
Subtotal(8059) 5443372 97.40%
Generic 10.17.60.168 612 1.21%
Attacks(Extende 185.161.117.124 606 1.20%
d) 10.17.61.224 535 1.06%
Other(5601) 48878 96.54%
Subtotal(5604) 50631 0.91%
Generic Attacks 10.17.61.224 2732 9.18%
10.17.60.108 2551 8.57%
195.57.52.2 690 2.32%
Other(4657) 23800 79.94%
Subtotal(4660) 29773 0.53%
SQL Injection 10.17.61.224 11250 58.74%
10.17.60.108 7900 41.25%
2.136.236.57 1 0.01%
Other(1) 1 0.01%
Subtotal(4) 19152 0.34%
SQL/XSS Syntax 217.124.168.105 325 2.14%
Based Detection 10.252.99.25 309 2.04%
46.26.235.205 304 2.00%
Other(1624) 14242 93.82%
Subtotal(1627) 15180 0.27%
Machine Learning0.0.0.0 8418 100.00%
Subtotal(1) 8418 0.15%
SQL Injection 10.17.61.224 2582 42.94%
(Extended) 10.17.60.108 2552 42.44%
195.76.252.85 23 0.38%
Other(267) 856 14.24%
Subtotal(270) 6013 0.11%
Other(8) 15976 0.29%
Total(15) 5588515 100.00%

Top Attacked Http methods by Type

The most frequently attacked http methods over the reporting period, broken down by
attack type.
Top Attacked Http methods by Type
Http Method Attack Type Events Percent
none HTTP Connection 5443372 99.83%
Failure
Machine Learning 8418 0.15%
IP Reputation 980 0.02%
Subtotal(3) 5452770 97.57%
post Generic 47827 59.52%
Attacks(Extended)
Generic Attacks 23163 28.82%
SQL/XSS Syntax 5617 6.99%

dd    - 24
      f

Based Detection
Other(9) 3754 4.67%
Subtotal(12) 80361 1.44%
get SQL Injection 18488 33.62%
SQL/XSS Syntax 9563 17.39%
Based Detection
Generic Attacks 6580 11.97%
Other(10) 20362 37.03%
Subtotal(13) 54993 0.98%
head Known Bots 294 81.44%
Detection
Information 67 18.56%
Disclosure
Subtotal(2) 361 0.01%
webdav Generic Attacks 24 100.00%
Subtotal(1) 24 0.00%
options Generic Attacks 6 100.00%
Subtotal(1) 6 0.00%
Total(6) 5588515 100.00%

Attacks By Policy

The most frequently used policies over the reporting period.


Attacks By Policy
Policy Events Percent
Pol_expinterweb 5471097 97.90%

dd    - 25
      f

Pol_delta 57803 1.03%


Pol_Preinterweb 44403 0.79%
Pol_bibliotecavirtual 5212 0.09%
Pol_Prensa_https_SNI 3764 0.07%
Pol_Pruebasdelta 1989 0.04%
RepositorioDocumental 1549 0.03%
Other(4) 2698 0.05%
Total(11) 5588515 100.00%

Top Attack URLs

The most frequently detected attack URLs over the reporting period.
Top Attack URLs
URL Events Percent
none 5452770 97.57%
/rb_672bda62-27f5- 46812 0.84%
4ac5-a713-
9fda56ef7959
/Delta2Web/ 20680 0.37%
rb_672bda62-27f5-
4ac5-a713-
9fda56ef7959
/Delta2Web/gusu/ 3457 0.06%
j_security_check
/Delta2Web/gpat/ 3348 0.06%
GestionPat.do

dd    - 26
      f

/Delta2Web/grem/ 1537 0.03%


GestionRemesas.do
/participa/listado 1444 0.03%
Other(20660) 58467 1.05%
Total(20667) 5588515 100.00%

Top Attacked User Identifications

The most frequently attacked user identifications over the reporting period.
Top Attacked User Identifications
Session ID Events Percent
none 5458167 97.67%
678B286DEEC1BEF66B 22289 0.40%
BF6EAF4ECBF69A
678B286DC789B92609 9356 0.17%
E23634208EFD75
678B286AA252002FE68 759 0.01%
319DE8CA86958
678B286A3670FB26D9 522 0.01%
A76A82E9701D05
678B286A59AA61CE8E 428 0.01%
CF7BEF539CFFB3
678B286949DF5FBA43F 325 0.01%
CA7A7612A15D5
Other(12593) 96669 1.73%
Total(12600) 5588515 100.00%

dd    - 27
      f

Top Triggered Source Countries

Source countries with the most attack attempts.


Top Triggered Source Countries
Source Country Events Percent
Spain 5459176 97.69%
Reserved 45611 0.82%
United States 35650 0.64%
Russian Federation 11010 0.20%
Unknown 8418 0.15%
United Kingdom 6766 0.12%
Netherlands 5823 0.10%
Other(68) 16061 0.29%
Total(75) 5588515 100.00%

dd    - 28
      f

Top Triggered Signature IDs

The most frequently triggered signature ID over the reporting period.


Top Triggered Signature IDs
Signature ID Events Percent
060140003 49701 42.97%
050050039 19809 17.13%
030000040 5583 4.83%
030000042 5002 4.32%
030000163 2959 2.56%
050180008 2462 2.13%
030000025 2283 1.97%
Other(75) 27865 24.09%
Total(82) 115664 100.00%

dd    - 29
      f

Top Triggered Signature IDs By Type

The most frequently triggered signature ID over the reporting period, broken down by
attack type.
Top Triggered Signature IDs By Type
Attack Type Signature ID Events Percent
Generic 060140003 49701 98.16%
Attacks(Extende 060070002 406 0.80%
d) 060050011 180 0.36%
Other(4) 344 0.68%
Subtotal(7) 50631 43.77%
Generic Attacks 050050039 19809 66.53%
050180008 2462 8.27%
050150001 2092 7.03%
Other(18) 5410 18.17%
Subtotal(21) 29773 25.74%
SQL Injection 030000040 5583 29.15%
030000042 5002 26.12%
030000163 2959 15.45%
Other(7) 5608 29.28%
Subtotal(10) 19152 16.56%
SQL Injection 040000142 1213 20.17%
(Extended) 040000040 1005 16.71%
040000213 879 14.62%
Other(7) 2916 48.49%
Subtotal(10) 6013 5.20%

dd    - 30
      f

Cross Site 010000107 2006 33.86%


Scripting 010000041 1703 28.75%
010000063 578 9.76%
Other(12) 1637 27.63%
Subtotal(15) 5924 5.12%
Cross Site 020000009 1488 46.31%
Scripting 020000041 1488 46.31%
(Extended) 020000143 201 6.26%
Other(1) 36 1.12%
Subtotal(4) 3213 2.78%
Known Exploits 090501484 384 48.85%
090500999 197 25.06%
090501632 86 10.94%
Other(10) 119 15.14%
Subtotal(13) 786 0.68%
Other(1) 172 0.15%
Total(8) 115664 100.00%

FortiSandbox Statistics (Last 7 Days)

FortiSandbox statistics over the last 7 days.


FortiSandbox Statistics (Last 7 Days)
Events Percent
Malicious 0 0.00%
High Risk 0 0.00%
Medium Risk 0 0.00%
Low Risk 0 0.00%
Clean 0 0.00%
Total(5) 0 100.00%

dd    - 31
      f

Top Attacked Http Host

Http Hosts with the most attack attempts.


Top Attacked Http Host
Http Host Events Percent
none 5452770 97.57%
expinterweb.mites.gob. 49718 0.89%
es
delta.mites.gob.es 39991 0.72%
preinterweb.mites.gob. 38602 0.69%
es
prensa.mites.gob.es 1695 0.03%
prensa.empleo.gob.es 1222 0.02%
expinterweb.inclusion.g 916 0.02%
ob.es
Other(912) 3601 0.06%
Total(919) 5588515 100.00%

dd    - 32
      f

Top Attacked User Name

User Names with the most attack attempts.


Top Attacked User Name
User Name Events Percent
Unknown 5587756 99.99%
[email protected] 759 0.01%
Total(2) 5588515 100.00%

dd    - 33
      f

Top Attacked Http Referer

Http Referers with the most attack attempts.


Top Attacked Http Referer
Http Referer Events Percent
none 5476646 98.00%
https:// 16711 0.30%
expinterweb.mites.gob.
es/regcon/
https:// 9362 0.17%
expinterweb.mites.gob.
es/regcon/index.htm
https:// 7879 0.14%
delta.mites.gob.es/
Delta2Web/grsb/
AnadirTrabAcc.jsp?
numAcc=0&cmd=nuevo
&mes=12&anyo=2022
https:// 4530 0.08%
delta.mites.gob.es/
Delta2Web/gusu/
usuarioregistrado.jsp
https:// 3731 0.07%
expinterweb.mites.gob.
es/regcon/cat/
index.htm
https:// 3414 0.06%

dd    - 34
      f

preinterweb.mites.gob.
es/astin/
Other(4898) 66242 1.19%
Total(4905) 5588515 100.00%

Top Attacked Http Version

Http Versions with the most attack attempts.


Top Attacked Http Version
Http Version Events Percent
1.x 5579115 99.83%
unknown 9398 0.17%
2.0 2 0.00%
Total(3) 5588515 100.00%

dd    - 35
      f

Top Threat Weights by Client Device IDs

Client Device IDs with the most Threat Weights.


Top Threat Weights by Client Device IDs
Client Device ID Threat Weight Events Percent
none 0 5451790 99.98%
200 980 0.02%
Subtotal(2) 5452770 97.57%
8C7F8CCE7F28B 100 16048 72.00%
DD6245CFFDE17 50 2902 13.02%
1AB1076313 0 2019 9.06%
Other(3) 1320 5.92%
Subtotal(6) 22289 0.40%
2BD8234FDE776 100 6933 74.10%
AEF5321C1B3A7 50 1415 15.12%
E44C25FFEB 25 567 6.06%
Other(3) 441 4.71%
Subtotal(6) 9356 0.17%
DD49A566DB590 100 1650 74.32%
3BAE962082E7E 50 372 16.76%
C9544F39B1 0 90 4.05%
Other(2) 108 4.86%
Subtotal(5) 2220 0.04%
C0A2E074B859E 25 740 97.50%
29534224CBA28 100 19 2.50%
042EFC5B85 Subtotal(2) 759 0.01%

dd    - 36
      f

D940A28D0B128 25 522 100.00%


CF249EB8C9F96 Subtotal(1) 522 0.01%
4711B469F1
FA5FDD2D80CE4 200 428 100.00%
66DE5A20807CB Subtotal(1) 428 0.01%
642FD8E860
Other(13938) 100171 1.79%
Total(13945) 5588515 100.00%

Top Attack Attempts by Client Device IDs

Client Device IDs with the most attack attempts.


Top Attack Attempts by Client Device IDs
Client Device ID Attack Type Events Percent
none HTTP Connection 5443372 99.83%
Failure
Machine Learning 8418 0.15%
IP Reputation 980 0.02%
Subtotal(3) 5452770 97.57%
8C7F8CCE7F28B SQL Injection 9655 43.32%
DD6245CFFDE17 Cross Site Scripting 2762 12.39%
1AB1076313 Cross Site Scripting 2443 10.96%
(Extended)
Other(6) 7429 33.33%
Subtotal(9) 22289 0.40%
2BD8234FDE776 SQL Injection 4824 51.56%

dd    - 37
      f

AEF5321C1B3A7 SQL Injection 1481 15.83%


E44C25FFEB (Extended)
Generic Attacks 1432 15.31%
Other(5) 1619 17.30%
Subtotal(8) 9356 0.17%
DD49A566DB590 SQL Injection 1248 56.22%
3BAE962082E7E SQL Injection 328 14.77%
C9544F39B1 (Extended)
Generic Attacks 236 10.63%
Other(5) 408 18.38%
Subtotal(8) 2220 0.04%
C0A2E074B859E Generic 740 97.50%
29534224CBA28 Attacks(Extended)
042EFC5B85 SQL/XSS Syntax 16 2.11%
Based Detection
Known Exploits 3 0.40%
Subtotal(3) 759 0.01%
D940A28D0B128 Generic 522 100.00%
CF249EB8C9F96 Attacks(Extended)
4711B469F1 Subtotal(1) 522 0.01%
FA5FDD2D80CE4 IP Reputation 428 100.00%
66DE5A20807CB Subtotal(1) 428 0.01%
642FD8E860
Other(13938) 100171 1.79%
Total(13945) 5588515 100.00%

Top Attack Categories by Client Device IDs

dd    - 38
      f

Client Device IDs with the most attack category attempts.


Top Attack Categories by Client Device IDs
Client Device ID Category Events Percent
none HTTP Connection 5443372 99.83%
Failure
Machine Learning 8418 0.15%
IP Reputation 980 0.02%
Subtotal(3) 5452770 97.57%
8C7F8CCE7F28B Signature Detection 20264 90.91%
DD6245CFFDE17 Protected 2019 9.06%
1AB1076313 Hostnames
SQL/XSS Syntax 6 0.03%
Based Detection
Subtotal(3) 22289 0.40%
2BD8234FDE776 Signature Detection 9077 97.02%
AEF5321C1B3A7 Protected 279 2.98%
E44C25FFEB Hostnames
Subtotal(2) 9356 0.17%
DD49A566DB590 Signature Detection 2130 95.95%
3BAE962082E7E Protected 90 4.05%
C9544F39B1 Hostnames
Subtotal(2) 2220 0.04%
C0A2E074B859E Signature Detection 743 97.89%
29534224CBA28 SQL/XSS Syntax 16 2.11%
042EFC5B85 Based Detection
Subtotal(2) 759 0.01%
D940A28D0B128 Signature Detection 522 100.00%
CF249EB8C9F96 Subtotal(1) 522 0.01%
4711B469F1
FA5FDD2D80CE4 IP Reputation 428 100.00%
66DE5A20807CB Subtotal(1) 428 0.01%
642FD8E860
Other(13938) 100171 1.79%
Total(13945) 5588515 100.00%

dd    - 39
      f

Attack Summary

Attack summary infomation table.


Attack Summary
Date & Time Source Source Country Destination URL Threat Level Action
2023-01-10 206.189.127.129 United Kingdom 10.17.210.12 none Off Alert_Deny
00:00:15

2023-01-10 185.191.171.34 United States 10.17.210.65 none Off Alert_Deny


00:00:59

2023-01-10 185.191.171.34 United States 10.17.210.65 none Off Alert_Deny


00:00:59

2023-01-10 217.115.34.254 Sweden 10.17.210.65 none Off Alert_Deny


00:01:06
2023-01-10 167.61.51.189 Uruguay 10.17.210.65 /rb_672bda62- Moderate Alert
00:01:08 27f5-4ac5-a713-
9fda56ef7959

2023-01-10 167.61.51.189 Uruguay 10.17.210.65 /rb_672bda62- Moderate Alert


00:01:08 27f5-4ac5-a713-
9fda56ef7959

2023-01-10 167.61.51.189 Uruguay 10.17.210.65 /rb_672bda62- Moderate Alert


00:01:10 27f5-4ac5-a713-
9fda56ef7959

dd    - 40
      f

2023-01-10 167.61.51.189 Uruguay 10.17.210.65 /rb_672bda62- Moderate Alert


00:01:10 27f5-4ac5-a713-
9fda56ef7959

2023-01-10 157.55.39.89 United States 10.17.210.65 none Off Alert_Deny


00:01:10

2023-01-10 157.55.39.89 United States 10.17.210.65 none Off Alert_Deny


00:01:11

2023-01-10 17.22.237.167 United States 10.17.210.65 none Off Alert_Deny


00:01:13

2023-01-10 17.241.219.30 United States 10.17.210.65 none Off Alert_Deny


00:01:15

2023-01-10 37.97.137.40 Netherlands 10.17.210.12 none Off Alert_Deny


00:01:19

2023-01-10 23.55.111.181 United States 10.17.210.40 /robots.txt Moderate Alert_Deny


00:01:58

2023-01-10 37.14.71.80 Spain 10.17.210.65 none Off Alert_Deny


00:02:10

2023-01-10 92.190.165.45 Spain 10.17.210.65 none Off Alert_Deny


00:02:12

2023-01-10 92.190.165.45 Spain 10.17.210.65 none Off Alert_Deny


00:02:12

2023-01-10 92.190.165.45 Spain 10.17.210.65 none Off Alert_Deny


00:02:14

2023-01-10 92.190.165.45 Spain 10.17.210.65 none Off Alert_Deny


00:02:14

2023-01-10 206.189.127.129 United Kingdom 10.17.210.12 none Off Alert_Deny


00:02:23

2023-01-10 37.97.137.40 Netherlands 10.17.210.12 none Off Alert_Deny


00:03:25

2023-01-10 157.55.39.2 United States 10.17.210.65 none Off Alert_Deny


00:03:29

2023-01-10 157.55.39.2 United States 10.17.210.65 none Off Alert_Deny


00:03:29

2023-01-10 157.55.39.2 United States 10.17.210.65 none Off Alert_Deny


00:03:30

2023-01-10 157.55.39.2 United States 10.17.210.65 none Off Alert_Deny


00:03:30

2023-01-10 40.77.167.63 United States 10.17.210.65 none Off Alert_Deny


00:03:34

dd    - 41
      f

2023-01-10 40.77.167.63 United States 10.17.210.65 none Off Alert_Deny


00:03:35

2023-01-10 206.189.127.129 United Kingdom 10.17.210.12 none Off Alert_Deny


00:04:28

2023-01-10 157.55.39.10 United States 10.17.210.65 none Off Alert_Deny


00:04:59

2023-01-10 157.55.39.10 United States 10.17.210.65 none Off Alert_Deny


00:04:59

2023-01-10 157.55.39.201 United States 10.17.210.65 none Off Alert_Deny


00:05:04

2023-01-10 157.55.39.201 United States 10.17.210.65 none Off Alert_Deny


00:05:04

2023-01-10 66.249.76.7 Belgium 10.17.210.65 none Off Alert_Deny


00:05:11

2023-01-10 37.97.137.40 Netherlands 10.17.210.12 none Off Alert_Deny


00:05:31

2023-01-10 206.189.127.129 United Kingdom 10.17.210.12 none Off Alert_Deny


00:06:34

2023-01-10 169.228.66.212 United States 10.17.210.64 none Off Alert_Deny


00:07:08

2023-01-10 157.55.39.10 United States 10.17.210.65 none Off Alert_Deny


00:07:29

2023-01-10 157.55.39.10 United States 10.17.210.65 none Off Alert_Deny


00:07:29

2023-01-10 213.180.203.77 Russian Federation 10.17.210.65 none Off Alert_Deny


00:07:39

2023-01-10 213.180.203.77 Russian Federation 10.17.210.65 none Off Alert_Deny


00:07:39

2023-01-10 213.180.203.77 Russian Federation 10.17.210.65 none Off Alert_Deny


00:07:39

2023-01-10 213.180.203.77 Russian Federation 10.17.210.65 none Off Alert_Deny


00:07:40

2023-01-10 37.97.137.40 Netherlands 10.17.210.12 none Off Alert_Deny


00:07:42

2023-01-10 40.77.167.40 United States 10.17.210.65 none Off Alert_Deny


00:08:21

2023-01-10 40.77.167.40 United States 10.17.210.65 none Off Alert_Deny


00:08:22

2023-01-10 206.189.127.129 United Kingdom 10.17.210.12 none Off Alert_Deny


00:08:48

2023-01-10 157.55.39.201 United States 10.17.210.65 none Off Alert_Deny


00:08:50

dd    - 42
      f

2023-01-10 157.55.39.201 United States 10.17.210.65 none Off Alert_Deny


00:08:51

2023-01-10 0.0.0.0 Unknown 0.0.0.0 none Low Alert


00:09:40

2023-01-10 0.0.0.0 Unknown 0.0.0.0 none Low Alert


00:09:40

2023-01-10 0.0.0.0 Unknown 0.0.0.0 none Low Alert


00:09:40

2023-01-10 0.0.0.0 Unknown 0.0.0.0 none Low Alert


00:09:40

2023-01-10 157.55.39.86 United States 10.17.210.65 none Off Alert_Deny


00:09:48

2023-01-10 157.55.39.86 United States 10.17.210.65 none Off Alert_Deny


00:09:48

2023-01-10 23.59.168.230 Singapore 10.17.210.40 /WebPrensa/img/ Moderate Alert_Deny


00:09:49 noticias/principal/
20220525_17_52_2
5_photo_2022-05-
25_17-04-05.jpg

2023-01-10 37.97.137.40 Netherlands 10.17.210.12 none Off Alert_Deny


00:09:55

2023-01-10 66.249.76.7 Belgium 10.17.210.65 none Off Alert_Deny


00:10:28

2023-01-10 10.179.34.146 Reserved 10.17.210.12 /Delta2Web/ Severe Alert_Deny


00:10:36 gusu/../gpat/
CritConsultaPat.jsp

2023-01-10 173.252.83.20 United States 10.17.210.65 none Off Alert_Deny


00:10:37

2023-01-10 173.252.79.14 United States 10.17.210.65 none Off Alert_Deny


00:10:38

2023-01-10 216.244.66.232 United States 10.17.210.65 none Off Alert_Deny


00:10:55

dd    - 43
      f

2023-01-10 206.189.127.129 United Kingdom 10.17.210.12 none Off Alert_Deny


00:10:58

2023-01-10 216.244.66.232 United States 10.17.210.65 none Off Alert_Deny


00:11:06

2023-01-10 81.202.2.92 Spain 10.17.210.65 /rb_672bda62- Moderate Alert


00:11:08 27f5-4ac5-a713-
9fda56ef7959

2023-01-10 46.26.248.1 Spain 10.17.210.65 none Off Alert_Deny


00:11:22

2023-01-10 46.26.248.1 Spain 10.17.210.65 none Off Alert_Deny


00:11:22

2023-01-10 46.26.248.1 Spain 10.17.210.65 none Off Alert_Deny


00:11:22

2023-01-10 46.26.248.1 Spain 10.17.210.65 none Off Alert_Deny


00:11:22

2023-01-10 185.191.171.39 United States 10.17.210.65 none Off Alert_Deny


00:11:39

2023-01-10 185.191.171.39 United States 10.17.210.65 none Off Alert_Deny


00:11:39

2023-01-10 37.97.137.40 Netherlands 10.17.210.12 none Off Alert_Deny


00:12:00

2023-01-10 40.77.167.63 United States 10.17.210.65 none Off Alert_Deny


00:12:14

2023-01-10 40.77.167.63 United States 10.17.210.65 none Off Alert_Deny


00:12:15

2023-01-10 157.55.39.86 United States 10.17.210.9 none Off Alert_Deny


00:12:47

2023-01-10 157.55.39.86 United States 10.17.210.9 none Off Alert_Deny


00:12:48

2023-01-10 206.189.127.129 United Kingdom 10.17.210.12 none Off Alert_Deny


00:13:06

2023-01-10 216.244.66.232 United States 10.17.210.65 none Off Alert_Deny


00:13:21

2023-01-10 157.55.39.201 United States 10.17.210.65 none Off Alert_Deny


00:13:22

2023-01-10 157.55.39.201 United States 10.17.210.65 none Off Alert_Deny


00:13:22

2023-01-10 37.97.137.40 Netherlands 10.17.210.12 none Off Alert_Deny


00:14:09

2023-01-10 83.44.52.242 Spain 10.17.210.65 /rb_672bda62- Moderate Alert


00:14:10 27f5-4ac5-a713-
9fda56ef7959

dd    - 44
      f

2023-01-10 83.44.52.242 Spain 10.17.210.65 /rb_672bda62- Moderate Alert


00:14:10 27f5-4ac5-a713-
9fda56ef7959

2023-01-10 206.189.127.129 United Kingdom 10.17.210.12 none Off Alert_Deny


00:15:14

2023-01-10 157.55.39.86 United States 10.17.210.65 none Off Alert_Deny


00:15:18

2023-01-10 157.55.39.86 United States 10.17.210.65 none Off Alert_Deny


00:15:18

2023-01-10 40.77.167.40 United States 10.17.210.65 none Off Alert_Deny


00:16:11

2023-01-10 40.77.167.40 United States 10.17.210.65 none Off Alert_Deny


00:16:11

2023-01-10 157.55.39.89 United States 10.17.210.65 none Off Alert_Deny


00:16:16

2023-01-10 157.55.39.89 United States 10.17.210.65 none Off Alert_Deny


00:16:16

2023-01-10 37.97.137.40 Netherlands 10.17.210.12 none Off Alert_Deny


00:16:18

2023-01-10 173.252.95.10 United States 10.17.210.65 none Off Alert_Deny


00:16:22

2023-01-10 185.191.171.45 United States 10.17.210.65 none Off Alert_Deny


00:16:28

2023-01-10 185.191.171.45 United States 10.17.210.65 none Off Alert_Deny


00:16:28

2023-01-10 130.211.54.158 Belgium 10.17.210.64 none Off Alert_Deny


00:16:40

2023-01-10 35.233.62.116 Belgium 10.17.210.64 none Off Alert_Deny


00:16:42

2023-01-10 35.233.62.116 Belgium 10.17.210.64 none Off Alert_Deny


00:16:46

2023-01-10 157.55.39.89 United States 10.17.210.65 none Off Alert_Deny


00:16:53

2023-01-10 157.55.39.89 United States 10.17.210.65 none Off Alert_Deny


00:16:53

2023-01-10 88.20.206.206 Spain 10.17.210.65 none Off Alert_Deny


00:17:01

2023-01-10 88.20.206.206 Spain 10.17.210.65 none Off Alert_Deny


00:17:01

dd    - 45
      f

Attack Details

Attack details infomation table.


Attack Details
Item Value
Date 2023-01-10 00:00:15
&
Time
Log 20000016
ID
MSG 1775097718
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 206.189.127.129
e
Sourc 49184
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United Kingdom
e

dd    - 46
      f

Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:00:59
&
Time
Log 20000016
ID
MSG 1775098313
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 185.191.171.34
e
Sourc 27172
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none

dd    - 47
      f

Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:00:59
&
Time
Log 20000016
ID
MSG 1775098321
ID
Main HTTP Connection Failure

dd    - 48
      f

Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 185.191.171.34
e
Sourc 34298
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic

dd    - 49
      f

e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:01:06
&
Time
Log 20000016
ID
MSG 1775098423
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 217.115.34.254
e
Sourc 54396
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;193& 41; - no shared
ge
Signat Unknown
ure
Maincl

dd    - 50
      f

ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Sweden
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:01:08
&
Time
Log 20000008
ID
MSG 1775098430
ID
Main Signature Detection
Type
Sub Generic Attacks(Extended)
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 167.61.51.189
e
Sourc 64367
e Port
Destin 10.17.210.65
ation
Destin 443

dd    - 51
      f

ation
Port
Policy Pol_expinterweb
Action Alert
Http post
Metho
d
URL /rb_672bda62-27f5-4ac5-a713-9fda56ef7959
Http expinterweb.mites.gob.es
Host
Http Mozilla/5.0 (iPhone; CPU iPhone OS 16_1_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML,
Agent like Gecko) Version/16.1 Mobile/15E148 Safari/604.1
Sessio 678B286A315DA7417E9BE4B07944C18E
n ID
Severi medium
ty
Level
Trigge N/A
r
Policy
Messa Parameter& 40;rf& 41; triggered signature ID 060140003 of Signatures policy
ge WP_Signature_EXPINTERWEB_ALL
Signat Unknown
ure
Maincl
ass
Type
Signat RFI Injection
ure
Subcl
ass
Type
Signat 060140003
ure ID
Sourc Uruguay
e
Count
ry
Serve EXPINTERWEB
r Pool
User Unknown
Name
Http https://expinterweb.mites.gob.es/regcon/index.htm
Refer
er
Http 1.x
Versio
n
Client A4C68DD35C513E09C066869C2B5BDAB401AF
Devic
e ID
Threa 25
t
Weigh
t
Histor 25
ical
Threa
t
Weigh
t
Threa Moderate
t
Level

dd    - 52
      f

Attack Details
Item Value
Date 2023-01-10 00:01:08
&
Time
Log 20000008
ID
MSG 1775098431
ID
Main Signature Detection
Type
Sub Generic Attacks(Extended)
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 167.61.51.189
e
Sourc 64367
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert
Http post
Metho
d
URL /rb_672bda62-27f5-4ac5-a713-9fda56ef7959
Http expinterweb.mites.gob.es
Host
Http Mozilla/5.0 (iPhone; CPU iPhone OS 16_1_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML,
Agent like Gecko) Version/16.1 Mobile/15E148 Safari/604.1
Sessio 678B286A315DA7417E9BE4B07944C18E
n ID
Severi medium
ty
Level
Trigge N/A
r
Policy
Messa Parameter& 40;$a& 41; triggered signature ID 060140003 of Signatures policy
ge WP_Signature_EXPINTERWEB_ALL
Signat Unknown
ure
Maincl
ass
Type
Signat RFI Injection
ure
Subcl
ass
Type
Signat 060140003
ure ID
Sourc Uruguay
e
Count
ry
Serve EXPINTERWEB

dd    - 53
      f

r Pool
User Unknown
Name
Http https://expinterweb.mites.gob.es/regcon/index.htm
Refer
er
Http 1.x
Versio
n
Client A4C68DD35C513E09C066869C2B5BDAB401AF
Devic
e ID
Threa 25
t
Weigh
t
Histor 50
ical
Threa
t
Weigh
t
Threa Moderate
t
Level

Attack Details
Item Value
Date 2023-01-10 00:01:10
&
Time
Log 20000008
ID
MSG 1775098436
ID
Main Signature Detection
Type
Sub Generic Attacks(Extended)
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 167.61.51.189
e
Sourc 64367
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert
Http post
Metho
d
URL /rb_672bda62-27f5-4ac5-a713-9fda56ef7959
Http expinterweb.mites.gob.es
Host
Http Mozilla/5.0 (iPhone; CPU iPhone OS 16_1_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML,
Agent like Gecko) Version/16.1 Mobile/15E148 Safari/604.1
Sessio 678B286A315DA7417E9BE4B07944C18E
n ID

dd    - 54
      f

Severi medium
ty
Level
Trigge N/A
r
Policy
Messa Parameter& 40;rf& 41; triggered signature ID 060140003 of Signatures policy
ge WP_Signature_EXPINTERWEB_ALL
Signat Unknown
ure
Maincl
ass
Type
Signat RFI Injection
ure
Subcl
ass
Type
Signat 060140003
ure ID
Sourc Uruguay
e
Count
ry
Serve EXPINTERWEB
r Pool
User Unknown
Name
Http https://expinterweb.mites.gob.es/regcon/index.htm
Refer
er
Http 1.x
Versio
n
Client A4C68DD35C513E09C066869C2B5BDAB401AF
Devic
e ID
Threa 25
t
Weigh
t
Histor 75
ical
Threa
t
Weigh
t
Threa Moderate
t
Level

Attack Details
Item Value
Date 2023-01-10 00:01:10
&
Time
Log 20000008
ID
MSG 1775098437
ID
Main Signature Detection
Type
Sub Generic Attacks(Extended)
Type

dd    - 55
      f

Priorit alert
y
Servic https/tls1.2
e
Sourc 167.61.51.189
e
Sourc 64367
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert
Http post
Metho
d
URL /rb_672bda62-27f5-4ac5-a713-9fda56ef7959
Http expinterweb.mites.gob.es
Host
Http Mozilla/5.0 (iPhone; CPU iPhone OS 16_1_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML,
Agent like Gecko) Version/16.1 Mobile/15E148 Safari/604.1
Sessio 678B286A315DA7417E9BE4B07944C18E
n ID
Severi medium
ty
Level
Trigge N/A
r
Policy
Messa Parameter& 40;$tvn& 41; triggered signature ID 060140003 of Signatures policy
ge WP_Signature_EXPINTERWEB_ALL
Signat Unknown
ure
Maincl
ass
Type
Signat RFI Injection
ure
Subcl
ass
Type
Signat 060140003
ure ID
Sourc Uruguay
e
Count
ry
Serve EXPINTERWEB
r Pool
User Unknown
Name
Http https://expinterweb.mites.gob.es/regcon/index.htm
Refer
er
Http 1.x
Versio
n
Client A4C68DD35C513E09C066869C2B5BDAB401AF
Devic
e ID
Threa 25
t

dd    - 56
      f

Weigh
t
Histor 100
ical
Threa
t
Weigh
t
Threa Moderate
t
Level

Attack Details
Item Value
Date 2023-01-10 00:01:10
&
Time
Log 20000016
ID
MSG 1775098439
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.89
e
Sourc 64640
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A

dd    - 57
      f

ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:01:11
&
Time
Log 20000016
ID
MSG 1775098440
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.89
e
Sourc 64641
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb

dd    - 58
      f

Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value

dd    - 59
      f

Date 2023-01-10 00:01:13


&
Time
Log 20000016
ID
MSG 1775098445
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 17.22.237.167
e
Sourc 36546
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name

dd    - 60
      f

Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:01:15
&
Time
Log 20000016
ID
MSG 1775098486
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 17.241.219.30
e
Sourc 41482
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level

dd    - 61
      f

Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:01:19
&
Time
Log 20000016
ID
MSG 1775098548
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2

dd    - 62
      f

e
Sourc 37.97.137.40
e
Sourc 49006
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0

dd    - 63
      f

ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:01:58
&
Time
Log 20000051
ID
MSG 1775098859
ID
Main Known Bots Detection
Type
Sub Crawler
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 23.55.111.181
e
Sourc 57762
e Port
Destin 10.17.210.40
ation
Destin 443
ation
Port
Policy Pol_Prensa_https_SNI
Action Alert_Deny
Http get
Metho
d
URL /robots.txt
Http prensa.mites.gob.es
Host
Http Mozilla/5.0 (compatible; DotBot/1.2; +https://opensiteexplorer.org/dotbot;
Agent [email protected])
Sessio none
n ID
Severi high
ty
Level
Trigge N/A
r
Policy
Messa Known Bots triggered Malicious Bot DotBot in category Crawler of Known Bots policy
ge Predefined - Known Bots
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass

dd    - 64
      f

Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve Prensa_https_SNI
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client 7A2DD9840FA8F8C7C51D6EFD348633150D36
Devic
e ID
Threa 25
t
Weigh
t
Histor 475
ical
Threa
t
Weigh
t
Threa Moderate
t
Level

Attack Details
Item Value
Date 2023-01-10 00:02:10
&
Time
Log 20000016
ID
MSG 1775098911
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.14.71.80
e
Sourc 54746
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho

dd    - 65
      f

d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:02:12
&
Time

dd    - 66
      f

Log 20000016
ID
MSG 1775098957
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 92.190.165.45
e
Sourc 44336
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er

dd    - 67
      f

Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:02:12
&
Time
Log 20000016
ID
MSG 1775098962
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 92.190.165.45
e
Sourc 44338
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy

dd    - 68
      f

Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername


ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:02:14
&
Time
Log 20000016
ID
MSG 1775098991
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 92.190.165.45
e

dd    - 69
      f

Sourc 44340
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t

dd    - 70
      f

Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:02:14
&
Time
Log 20000016
ID
MSG 1775098992
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 92.190.165.45
e
Sourc 44342
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID

dd    - 71
      f

Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:02:23
&
Time
Log 20000016
ID
MSG 1775099038
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 206.189.127.129
e
Sourc 58016
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none

dd    - 72
      f

Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United Kingdom
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:03:25
&
Time
Log 20000016
ID
MSG 1775099572

dd    - 73
      f

ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.97.137.40
e
Sourc 56846
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n

dd    - 74
      f

Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:03:29
&
Time
Log 20000016
ID
MSG 1775099654
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.2
e
Sourc 25472
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown

dd    - 75
      f

ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:03:29
&
Time
Log 20000016
ID
MSG 1775099669
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.2
e
Sourc 25473
e Port
Destin 10.17.210.65

dd    - 76
      f

ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off

dd    - 77
      f

t
Level

Attack Details
Item Value
Date 2023-01-10 00:03:30
&
Time
Log 20000016
ID
MSG 1775099673
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.2
e
Sourc 25474
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count

dd    - 78
      f

ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:03:30
&
Time
Log 20000016
ID
MSG 1775099675
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.2
e
Sourc 25475
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent

dd    - 79
      f

Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;258& 41; - unsupported protocol
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:03:34
&
Time
Log 20000016
ID
MSG 1775099731
ID
Main HTTP Connection Failure
Type

dd    - 80
      f

Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 40.77.167.63
e
Sourc 48000
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID

dd    - 81
      f

Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:03:35
&
Time
Log 20000016
ID
MSG 1775099736
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 40.77.167.63
e
Sourc 48001
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass

dd    - 82
      f

Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:04:28
&
Time
Log 20000016
ID
MSG 1775100221
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 206.189.127.129
e
Sourc 39588
e Port
Destin 10.17.210.12
ation
Destin 443
ation

dd    - 83
      f

Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United Kingdom
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

dd    - 84
      f

Attack Details
Item Value
Date 2023-01-10 00:04:59
&
Time
Log 20000016
ID
MSG 1775100462
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.10
e
Sourc 37248
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool

dd    - 85
      f

User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:04:59
&
Time
Log 20000016
ID
MSG 1775100464
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.10
e
Sourc 37249
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low

dd    - 86
      f

ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:05:04
&
Time
Log 20000016
ID
MSG 1775100502
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert

dd    - 87
      f

y
Servic https/tls1.2
e
Sourc 157.55.39.201
e
Sourc 37696
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh

dd    - 88
      f

t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:05:04
&
Time
Log 20000016
ID
MSG 1775100503
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.201
e
Sourc 37697
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure

dd    - 89
      f

Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:05:11
&
Time
Log 20000016
ID
MSG 1775100610
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 66.249.76.7
e
Sourc 49760
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny

dd    - 90
      f

Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Belgium
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:05:31

dd    - 91
      f

&
Time
Log 20000016
ID
MSG 1775100826
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.97.137.40
e
Sourc 37986
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none

dd    - 92
      f

Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:06:34
&
Time
Log 20000016
ID
MSG 1775101756
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 206.189.127.129
e
Sourc 47358
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A

dd    - 93
      f

r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United Kingdom
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:07:08
&
Time
Log 20000016
ID
MSG 1775102058
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e

dd    - 94
      f

Sourc 169.228.66.212
e
Sourc 49246
e Port
Destin 10.17.210.64
ation
Destin 443
ation
Port
Policy Pol_libreriavirtual
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical

dd    - 95
      f

Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:07:29
&
Time
Log 20000016
ID
MSG 1775102231
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.10
e
Sourc 38912
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type

dd    - 96
      f

Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:07:29
&
Time
Log 20000016
ID
MSG 1775102232
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.10
e
Sourc 38913
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d

dd    - 97
      f

URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:07:39
&
Time
Log 20000016

dd    - 98
      f

ID
MSG 1775102333
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 213.180.203.77
e
Sourc 64414
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Russian Federation
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x

dd    - 99
      f

Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:07:39
&
Time
Log 20000016
ID
MSG 1775102334
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 213.180.203.77
e
Sourc 64490
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername

dd    - 100
      f

ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Russian Federation
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:07:39
&
Time
Log 20000016
ID
MSG 1775102335
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.1
e
Sourc 213.180.203.77
e
Sourc 64566

dd    - 101
      f

e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;258& 41; - unsupported protocol
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Russian Federation
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh

dd    - 102
      f

t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:07:40
&
Time
Log 20000016
ID
MSG 1775102346
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.0
e
Sourc 213.180.203.77
e
Sourc 64656
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;258& 41; - unsupported protocol
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Russian Federation

dd    - 103
      f

e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:07:42
&
Time
Log 20000016
ID
MSG 1775102440
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.97.137.40
e
Sourc 50248
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host

dd    - 104
      f

Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:08:21
&
Time
Log 20000016
ID
MSG 1775102832
ID

dd    - 105
      f

Main HTTP Connection Failure


Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 40.77.167.40
e
Sourc 2880
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none

dd    - 106
      f

Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:08:22
&
Time
Log 20000016
ID
MSG 1775102834
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 40.77.167.40
e
Sourc 2881
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure

dd    - 107
      f

Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:08:48
&
Time
Log 20000016
ID
MSG 1775103099
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 206.189.127.129
e
Sourc 56172
e Port
Destin 10.17.210.12
ation

dd    - 108
      f

Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United Kingdom
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t

dd    - 109
      f

Level

Attack Details
Item Value
Date 2023-01-10 00:08:50
&
Time
Log 20000016
ID
MSG 1775103180
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.201
e
Sourc 37376
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry

dd    - 110
      f

Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:08:51
&
Time
Log 20000016
ID
MSG 1775103183
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.201
e
Sourc 37377
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none

dd    - 111
      f

n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:09:40
&
Time
Log 20000037
ID
MSG 1775103873
ID
Main Machine Learning
Type
Sub Model test failed

dd    - 112
      f

Type
Priorit alert
y
Servic tcp
e
Sourc 0.0.0.0
e
Sourc 0
e Port
Destin 0.0.0.0
ation
Destin 0
ation
Port
Policy Pol_expinterweb
Action Alert
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi informative
ty
Level
Trigge N/A
r
Policy
Messa The mathematical model of argument& 60;idDivProv& 62;& 40;2228& 41; in *.mites.gob.es
ge failed. Model
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Unknown
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http unknown
Versio
n
Client none
Devic
e ID
Threa 0

dd    - 113
      f

t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Low
t
Level

Attack Details
Item Value
Date 2023-01-10 00:09:40
&
Time
Log 20000037
ID
MSG 1775103874
ID
Main Machine Learning
Type
Sub Model test failed
Type
Priorit alert
y
Servic tcp
e
Sourc 0.0.0.0
e
Sourc 0
e Port
Destin 0.0.0.0
ation
Destin 0
ation
Port
Policy Pol_expinterweb
Action Alert
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi informative
ty
Level
Trigge N/A
r
Policy
Messa The mathematical model of argument& 60;hayConvenios& 62;& 40;2231& 41; in
ge *.mites.gob.es failed. Model
Signat Unknown
ure
Maincl
ass
Type

dd    - 114
      f

Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Unknown
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http unknown
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Low
t
Level

Attack Details
Item Value
Date 2023-01-10 00:09:40
&
Time
Log 20000037
ID
MSG 1775103875
ID
Main Machine Learning
Type
Sub Model test failed
Type
Priorit alert
y
Servic tcp
e
Sourc 0.0.0.0
e
Sourc 0
e Port
Destin 0.0.0.0
ation
Destin 0
ation
Port

dd    - 115
      f

Policy Pol_expinterweb
Action Alert
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi informative
ty
Level
Trigge N/A
r
Policy
Messa The mathematical model of argument& 60;detalleProvincia& 62;& 40;2232& 41; in
ge *.mites.gob.es failed. Model
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Unknown
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http unknown
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Low
t
Level

Attack Details

dd    - 116
      f

Item Value
Date 2023-01-10 00:09:40
&
Time
Log 20000037
ID
MSG 1775103876
ID
Main Machine Learning
Type
Sub Model test failed
Type
Priorit alert
y
Servic tcp
e
Sourc 0.0.0.0
e
Sourc 0
e Port
Destin 0.0.0.0
ation
Destin 0
ation
Port
Policy Pol_expinterweb
Action Alert
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi informative
ty
Level
Trigge N/A
r
Policy
Messa The mathematical model of argument& 60;provinciaId& 62;& 40;2233& 41; in
ge *.mites.gob.es failed. Model
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Unknown
e
Count
ry
Serve none
r Pool
User Unknown

dd    - 117
      f

Name
Http none
Refer
er
Http unknown
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Low
t
Level

Attack Details
Item Value
Date 2023-01-10 00:09:48
&
Time
Log 20000016
ID
MSG 1775104025
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.86
e
Sourc 3648
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty

dd    - 118
      f

Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:09:48
&
Time
Log 20000016
ID
MSG 1775104026
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y

dd    - 119
      f

Servic https/tls1.2
e
Sourc 157.55.39.86
e
Sourc 3393
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t

dd    - 120
      f

Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:09:49
&
Time
Log 20000051
ID
MSG 1775104053
ID
Main Known Bots Detection
Type
Sub Crawler
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 23.59.168.230
e
Sourc 52950
e Port
Destin 10.17.210.40
ation
Destin 443
ation
Port
Policy Pol_Prensa_https_SNI
Action Alert_Deny
Http get
Metho
d
URL /WebPrensa/img/noticias/principal/20220525_17_52_25_photo_2022-05-25_17-04-05.jpg
Http prensa.mites.gob.es
Host
Http Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile
Agent Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot)
Sessio none
n ID
Severi high
ty
Level
Trigge N/A
r
Policy
Messa Known Bots triggered Malicious Bot PetalBot in category Crawler of Known Bots policy
ge Predefined - Known Bots
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl

dd    - 121
      f

ass
Type
Signat N/A
ure ID
Sourc Singapore
e
Count
ry
Serve Prensa_https_SNI
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client 76EE5589BFEC42394E3A3C4AEE666FB90AF9
Devic
e ID
Threa 25
t
Weigh
t
Histor 75
ical
Threa
t
Weigh
t
Threa Moderate
t
Level

Attack Details
Item Value
Date 2023-01-10 00:09:55
&
Time
Log 20000016
ID
MSG 1775104166
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.97.137.40
e
Sourc 60968
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none

dd    - 122
      f

Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:10:28
&

dd    - 123
      f

Time
Log 20000016
ID
MSG 1775104443
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 66.249.76.7
e
Sourc 57613
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Belgium
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer

dd    - 124
      f

er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:10:36
&
Time
Log 20000008
ID
MSG 1775104537
ID
Main Signature Detection
Type
Sub Generic Attacks
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 10.179.34.146
e
Sourc 64465
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http get
Metho
d
URL /Delta2Web/gusu/../gpat/CritConsultaPat.jsp
Http delta.mites.gob.es
Host
Http Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0 Java/1.8.0_221
Agent
Sessio 678B28691B115C687C4FFDEE23388403
n ID
Severi high
ty
Level
Trigge N/A
r

dd    - 125
      f

Policy
Messa URI triggered signature ID 050180008 of Signatures policy MEYSS_Signature_MEDIUM
ge
Signat Unknown
ure
Maincl
ass
Type
Signat Directory Traversal
ure
Subcl
ass
Type
Signat 050180008
ure ID
Sourc Reserved
e
Count
ry
Serve Delta_PRO
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client 8688CC67609208AACEF0D65DB7F40ED625B7
Devic
e ID
Threa 100
t
Weigh
t
Histor 100
ical
Threa
t
Weigh
t
Threa Severe
t
Level

Attack Details
Item Value
Date 2023-01-10 00:10:37
&
Time
Log 20000016
ID
MSG 1775104556
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 173.252.83.20

dd    - 126
      f

e
Sourc 39480
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa

dd    - 127
      f

t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:10:38
&
Time
Log 20000016
ID
MSG 1775104561
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 173.252.79.14
e
Sourc 45718
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A

dd    - 128
      f

ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:10:55
&
Time
Log 20000016
ID
MSG 1775104736
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 216.244.66.232
e
Sourc 45424
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none

dd    - 129
      f

Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:10:58
&
Time
Log 20000016
ID

dd    - 130
      f

MSG 1775104743
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 206.189.127.129
e
Sourc 37780
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United Kingdom
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio

dd    - 131
      f

n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:11:06
&
Time
Log 20000016
ID
MSG 1775104819
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 216.244.66.232
e
Sourc 47258
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge

dd    - 132
      f

Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:11:08
&
Time
Log 20000008
ID
MSG 1775104888
ID
Main Signature Detection
Type
Sub Generic Attacks(Extended)
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 81.202.2.92
e
Sourc 53595
e Port

dd    - 133
      f

Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert
Http post
Metho
d
URL /rb_672bda62-27f5-4ac5-a713-9fda56ef7959
Http expinterweb.mites.gob.es
Host
Http Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Agent Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.76
Sessio 678B286A9FA9E88E201C127571A29158
n ID
Severi medium
ty
Level
Trigge N/A
r
Policy
Messa Parameter& 40;rf& 41; triggered signature ID 060140003 of Signatures policy
ge WP_Signature_EXPINTERWEB_ALL
Signat Unknown
ure
Maincl
ass
Type
Signat RFI Injection
ure
Subcl
ass
Type
Signat 060140003
ure ID
Sourc Spain
e
Count
ry
Serve EXPINTERWEB
r Pool
User Unknown
Name
Http https://expinterweb.mites.gob.es/regcon/
Refer
er
Http 1.x
Versio
n
Client 1D25B0660503EADC894F8B9953B3EF07BF4B
Devic
e ID
Threa 25
t
Weigh
t
Histor 25
ical
Threa
t
Weigh
t

dd    - 134
      f

Threa Moderate
t
Level

Attack Details
Item Value
Date 2023-01-10 00:11:22
&
Time
Log 20000016
ID
MSG 1775105004
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 46.26.248.1
e
Sourc 53774
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e

dd    - 135
      f

Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:11:22
&
Time
Log 20000016
ID
MSG 1775105005
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 46.26.248.1
e
Sourc 53776
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none

dd    - 136
      f

Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:11:22
&
Time
Log 20000016
ID
MSG 1775105049
ID
Main HTTP Connection Failure

dd    - 137
      f

Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 46.26.248.1
e
Sourc 53778
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic

dd    - 138
      f

e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:11:22
&
Time
Log 20000016
ID
MSG 1775105050
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 46.26.248.1
e
Sourc 53780
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl

dd    - 139
      f

ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:11:39
&
Time
Log 20000016
ID
MSG 1775105168
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 185.191.171.39
e
Sourc 12008
e Port
Destin 10.17.210.65
ation
Destin 443

dd    - 140
      f

ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

dd    - 141
      f

Attack Details
Item Value
Date 2023-01-10 00:11:39
&
Time
Log 20000016
ID
MSG 1775105171
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 185.191.171.39
e
Sourc 13496
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none

dd    - 142
      f

r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:12:00
&
Time
Log 20000016
ID
MSG 1775105394
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.97.137.40
e
Sourc 42562
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID

dd    - 143
      f

Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:12:14
&
Time
Log 20000016
ID
MSG 1775105462
ID
Main HTTP Connection Failure
Type
Sub N/A
Type

dd    - 144
      f

Priorit alert
y
Servic https/tls1.2
e
Sourc 40.77.167.63
e
Sourc 47872
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t

dd    - 145
      f

Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:12:15
&
Time
Log 20000016
ID
MSG 1775105464
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 40.77.167.63
e
Sourc 47873
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A

dd    - 146
      f

ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:12:47
&
Time
Log 20000016
ID
MSG 1775105721
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.86
e
Sourc 3648
e Port
Destin 10.17.210.9
ation
Destin 443
ation
Port
Policy Pol_bibliotecavirtual

dd    - 147
      f

Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value

dd    - 148
      f

Date 2023-01-10 00:12:48


&
Time
Log 20000016
ID
MSG 1775105723
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.86
e
Sourc 3584
e Port
Destin 10.17.210.9
ation
Destin 443
ation
Port
Policy Pol_bibliotecavirtual
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name

dd    - 149
      f

Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:13:06
&
Time
Log 20000016
ID
MSG 1775105813
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 206.189.127.129
e
Sourc 45658
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level

dd    - 150
      f

Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United Kingdom
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:13:21
&
Time
Log 20000016
ID
MSG 1775105918
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2

dd    - 151
      f

e
Sourc 216.244.66.232
e
Sourc 36098
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0

dd    - 152
      f

ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:13:22
&
Time
Log 20000016
ID
MSG 1775105935
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.201
e
Sourc 37376
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass

dd    - 153
      f

Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:13:22
&
Time
Log 20000016
ID
MSG 1775105953
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.201
e
Sourc 37377
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho

dd    - 154
      f

d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:14:09
&
Time

dd    - 155
      f

Log 20000016
ID
MSG 1775106424
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.97.137.40
e
Sourc 53076
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er

dd    - 156
      f

Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:14:10
&
Time
Log 20000008
ID
MSG 1775106426
ID
Main Signature Detection
Type
Sub Generic Attacks(Extended)
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 83.44.52.242
e
Sourc 60935
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert
Http post
Metho
d
URL /rb_672bda62-27f5-4ac5-a713-9fda56ef7959
Http expinterweb.mites.gob.es
Host
Http Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Agent Chrome/108.0.0.0 Safari/537.36
Sessio 678B286AF889F3A3DA9CD88CC7CCB083
n ID
Severi medium
ty
Level
Trigge N/A
r
Policy

dd    - 157
      f

Messa Parameter& 40;rf& 41; triggered signature ID 060140003 of Signatures policy


ge WP_Signature_EXPINTERWEB_ALL
Signat Unknown
ure
Maincl
ass
Type
Signat RFI Injection
ure
Subcl
ass
Type
Signat 060140003
ure ID
Sourc Spain
e
Count
ry
Serve EXPINTERWEB
r Pool
User Unknown
Name
Http https://expinterweb.mites.gob.es/regcon/index.htm
Refer
er
Http 1.x
Versio
n
Client 89745709D2DFC5DA260E017145D16793FB06
Devic
e ID
Threa 25
t
Weigh
t
Histor 25
ical
Threa
t
Weigh
t
Threa Moderate
t
Level

Attack Details
Item Value
Date 2023-01-10 00:14:10
&
Time
Log 20000008
ID
MSG 1775106427
ID
Main Signature Detection
Type
Sub Generic Attacks(Extended)
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 83.44.52.242
e

dd    - 158
      f

Sourc 60935
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert
Http post
Metho
d
URL /rb_672bda62-27f5-4ac5-a713-9fda56ef7959
Http expinterweb.mites.gob.es
Host
Http Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Agent Chrome/108.0.0.0 Safari/537.36
Sessio 678B286AF889F3A3DA9CD88CC7CCB083
n ID
Severi medium
ty
Level
Trigge N/A
r
Policy
Messa Parameter& 40;$a& 41; triggered signature ID 060140003 of Signatures policy
ge WP_Signature_EXPINTERWEB_ALL
Signat Unknown
ure
Maincl
ass
Type
Signat RFI Injection
ure
Subcl
ass
Type
Signat 060140003
ure ID
Sourc Spain
e
Count
ry
Serve EXPINTERWEB
r Pool
User Unknown
Name
Http https://expinterweb.mites.gob.es/regcon/index.htm
Refer
er
Http 1.x
Versio
n
Client 89745709D2DFC5DA260E017145D16793FB06
Devic
e ID
Threa 25
t
Weigh
t
Histor 50
ical
Threa
t

dd    - 159
      f

Weigh
t
Threa Moderate
t
Level

Attack Details
Item Value
Date 2023-01-10 00:15:14
&
Time
Log 20000016
ID
MSG 1775106924
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 206.189.127.129
e
Sourc 54256
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID

dd    - 160
      f

Sourc United Kingdom


e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:15:18
&
Time
Log 20000016
ID
MSG 1775106946
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.86
e
Sourc 2624
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none

dd    - 161
      f

Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:15:18
&
Time
Log 20000016
ID
MSG 1775106965

dd    - 162
      f

ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.86
e
Sourc 2625
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n

dd    - 163
      f

Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:16:11
&
Time
Log 20000016
ID
MSG 1775107559
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 40.77.167.40
e
Sourc 1600
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown

dd    - 164
      f

ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:16:11
&
Time
Log 20000016
ID
MSG 1775107560
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 40.77.167.40
e
Sourc 1601
e Port
Destin 10.17.210.65

dd    - 165
      f

ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off

dd    - 166
      f

t
Level

Attack Details
Item Value
Date 2023-01-10 00:16:16
&
Time
Log 20000016
ID
MSG 1775107649
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.89
e
Sourc 64640
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count

dd    - 167
      f

ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:16:16
&
Time
Log 20000016
ID
MSG 1775107650
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.89
e
Sourc 64641
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent

dd    - 168
      f

Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:16:18
&
Time
Log 20000016
ID
MSG 1775107656
ID
Main HTTP Connection Failure
Type

dd    - 169
      f

Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 37.97.137.40
e
Sourc 33012
e Port
Destin 10.17.210.12
ation
Destin 443
ation
Port
Policy Pol_delta
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Netherlands
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID

dd    - 170
      f

Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:16:22
&
Time
Log 20000016
ID
MSG 1775107693
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 173.252.95.10
e
Sourc 62572
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass

dd    - 171
      f

Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:16:28
&
Time
Log 20000016
ID
MSG 1775107737
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 185.191.171.45
e
Sourc 30946
e Port
Destin 10.17.210.65
ation
Destin 443
ation

dd    - 172
      f

Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

dd    - 173
      f

Attack Details
Item Value
Date 2023-01-10 00:16:28
&
Time
Log 20000016
ID
MSG 1775107738
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 185.191.171.45
e
Sourc 31038
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool

dd    - 174
      f

User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:16:40
&
Time
Log 20000016
ID
MSG 1775107887
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 130.211.54.158
e
Sourc 43512
e Port
Destin 10.17.210.64
ation
Destin 443
ation
Port
Policy Pol_libreriavirtual
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low

dd    - 175
      f

ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Belgium
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:16:42
&
Time
Log 20000016
ID
MSG 1775107900
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert

dd    - 176
      f

y
Servic https/tls1.2
e
Sourc 35.233.62.116
e
Sourc 50122
e Port
Destin 10.17.210.64
ation
Destin 443
ation
Port
Policy Pol_libreriavirtual
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Belgium
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh

dd    - 177
      f

t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:16:46
&
Time
Log 20000016
ID
MSG 1775107907
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 35.233.62.116
e
Sourc 43786
e Port
Destin 10.17.210.64
ation
Destin 443
ation
Port
Policy Pol_libreriavirtual
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure

dd    - 178
      f

Subcl
ass
Type
Signat N/A
ure ID
Sourc Belgium
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:16:53
&
Time
Log 20000016
ID
MSG 1775107996
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.89
e
Sourc 64642
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny

dd    - 179
      f

Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:16:53

dd    - 180
      f

&
Time
Log 20000016
ID
MSG 1775108011
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 157.55.39.89
e
Sourc 64643
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc United States
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none

dd    - 181
      f

Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:17:01
&
Time
Log 20000016
ID
MSG 1775108072
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e
Sourc 88.20.206.206
e
Sourc 51255
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A

dd    - 182
      f

r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical
Threa
t
Weigh
t
Threa Off
t
Level

Attack Details
Item Value
Date 2023-01-10 00:17:01
&
Time
Log 20000016
ID
MSG 1775108073
ID
Main HTTP Connection Failure
Type
Sub N/A
Type
Priorit alert
y
Servic https/tls1.2
e

dd    - 183
      f

Sourc 88.20.206.206
e
Sourc 51256
e Port
Destin 10.17.210.65
ation
Destin 443
ation
Port
Policy Pol_expinterweb
Action Alert_Deny
Http none
Metho
d
URL none
Http none
Host
Http none
Agent
Sessio none
n ID
Severi low
ty
Level
Trigge N/A
r
Policy
Messa SSL Error& 40;319& 41; - ssl3 ext invalid servername
ge
Signat Unknown
ure
Maincl
ass
Type
Signat N/A
ure
Subcl
ass
Type
Signat N/A
ure ID
Sourc Spain
e
Count
ry
Serve none
r Pool
User Unknown
Name
Http none
Refer
er
Http 1.x
Versio
n
Client none
Devic
e ID
Threa 0
t
Weigh
t
Histor 0
ical

dd    - 184
      f

Threa
t
Weigh
t
Threa Off
t
Level

dd    - 185

You might also like