2021-03-18 10:18:59 +00:00
|
|
|
# Title: Online Malicious URL Snort2 Ruleset
|
2021-11-11 12:10:39 +00:00
|
|
|
# Updated: Thu, 11 Nov 2021 12:10:31 +0000
|
2021-03-18 10:18:59 +00:00
|
|
|
# Expires: 1 day (update frequency)
|
|
|
|
# Homepage: https://gitlab.com/curben/urlhaus-filter
|
2021-03-19 00:12:51 +00:00
|
|
|
# License: https://gitlab.com/curben/urlhaus-filter#license
|
2021-03-18 10:18:59 +00:00
|
|
|
# Source: https://urlhaus.abuse.ch/api/
|
2021-11-08 00:10:51 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.0.218.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100000001; rev:1;)
|
2021-11-10 00:10:51 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.10.146.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100000002; rev:1;)
|
2021-11-11 12:10:39 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.14.61.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100000003; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.222.168.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100000004; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.222.198.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100000005; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100000006; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100000007; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100000008; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100000009; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100000010; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100000011; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000012; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100000013; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100000014; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100000015; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100000016; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100000017; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100000018; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100000019; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100000020; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100000021; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100000022; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100000023; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100000024; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100000025; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100000026; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100000027; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100000028; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100000029; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100000030; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100000031; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100000032; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100000033; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100000034; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100000035; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100000036; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100000037; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100000038; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100000039; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100000040; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100000041; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100000042; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000043; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100000044; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100000045; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100000046; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100000047; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100000048; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100000049; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100000050; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100000051; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100000052; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100000053; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100000054; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100000055; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100000056; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100000057; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100000058; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.53.97.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100000059; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.58.2.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100000060; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.58.227.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100000061; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.64.1.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100000062; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.69.101.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000063; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"100.12.51.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100000064; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"100.35.47.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100000065; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"100.38.34.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100000066; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1008691.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100000067; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.108.128.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100000068; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.109.246.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100000069; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.20.160.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100000070; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.20.213.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100000071; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.22.174.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100000072; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.22.241.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100000073; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.25.52.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100000074; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.25.54.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100000075; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.25.82.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100000076; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.25.97.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000077; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.25.98.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100000078; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.255.36.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100000079; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.255.85.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100000080; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.26.68.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100000081; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.26.86.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100000082; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.28.68.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100000083; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.28.76.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100000084; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.28.91.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100000085; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.30.102.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100000086; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.30.13.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100000087; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.51.121.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100000088; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.65.129.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100000089; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.65.131.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100000090; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.67.214.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100000091; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.67.242.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100000092; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.69.119.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100000093; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.75.175.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100000094; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.75.176.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100000095; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.78.22.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100000096; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.109.82.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100000097; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.110.171.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100000098; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.117.219.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000099; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.118.167.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100000100; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.12.160.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100000101; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.120.133.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100000102; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.124.106.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100000103; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.125.163.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100000104; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.139.89.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100000105; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.149.12.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100000106; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.154.238.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100000107; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.157.162.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100000108; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.16.145.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100000109; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.161.232.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100000110; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.162.29.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100000111; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.162.60.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100000112; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.164.200.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100000113; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.167.85.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100000114; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.167.90.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100000115; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.171.0.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100000116; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.171.0.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100000117; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.171.0.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100000118; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.171.1.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100000119; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.193.119.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100000120; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.193.119.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100000121; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.193.119.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100000122; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.209.103.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100000123; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.209.140.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100000124; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.216.200.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100000125; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.217.215.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100000126; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.224.200.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100000127; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.224.200.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100000128; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.228.253.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100000129; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.230.153.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100000130; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.232.53.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100000131; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.232.53.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100000132; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.233.216.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100000133; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.237.174.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100000134; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.238.228.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100000135; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.238.229.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100000136; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.240.249.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100000137; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.246.43.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100000138; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.251.57.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100000139; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.252.128.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100000140; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.252.168.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100000141; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.3.246.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100000142; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.4.116.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100000143; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.4.117.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100000144; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.45.140.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100000145; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.48.80.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000146; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.50.7.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100000147; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.60.215.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100000148; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.73.62.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100000149; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.73.62.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100000150; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.80.116.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100000151; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.82.145.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100000152; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.82.81.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100000153; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.84.240.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100000154; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.90.205.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100000155; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.92.25.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100000156; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.92.25.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100000157; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"104.168.32.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100000158; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"104.168.52.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100000159; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"104.184.75.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100000160; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"104.189.92.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100000161; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"104.244.77.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100000162; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"104.244.78.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100000163; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"104.6.77.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100000164; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"105.96.3.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100000165; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"105.96.5.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100000166; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.1.184.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100000167; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.1.189.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100000168; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.1.20.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000169; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.1.6.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100000170; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.1.89.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000171; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.104.175.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100000172; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.104.193.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100000173; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.104.30.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100000174; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.105.173.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100000175; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.110.150.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100000176; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.111.139.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100000177; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.111.205.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100000178; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.115.174.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100000179; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.120.14.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000180; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.127.178.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100000181; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.226.209.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100000182; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.247.101.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100000183; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.52.168.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100000184; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.87.85.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100000185; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.91.4.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100000186; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.13.39.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100000187; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.142.171.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100000188; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.172.0.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100000189; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.172.137.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100000190; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.172.141.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100000191; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.172.214.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100000192; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.172.249.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100000193; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.172.73.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100000194; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.172.75.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100000195; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.172.86.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100000196; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.173.176.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100000197; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.173.219.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100000198; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.173.91.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100000199; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.174.35.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100000200; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.174.46.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100000201; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.175.215.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100000202; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.189.1.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100000203; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.189.13.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100000204; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.189.5.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100000205; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.189.8.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100000206; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.190.100.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100000207; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.194.242.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100000208; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.219.75.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100000209; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.220.119.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100000210; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.190.201.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100000211; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.190.250.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100000212; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.20.203.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100000213; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.214.49.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100000214; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.239.155.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100000215; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.27.217.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100000216; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.46.196.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100000217; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.58.113.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100000218; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.124.90.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100000219; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.235.7.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000220; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.248.58.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100000221; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.86.85.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100000222; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.92.26.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100000223; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.95.200.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100000224; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.96.127.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100000225; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.96.182.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100000226; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.14.58.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100000227; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.172.144.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100000228; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.172.144.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100000229; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.174.123.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100000230; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.180.173.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100000231; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.182.146.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100000232; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.228.139.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100000233; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.228.208.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100000234; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.241.119.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000235; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.243.0.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100000236; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.243.16.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100000237; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.251.209.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100000238; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.253.3.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100000239; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.253.70.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100000240; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.35.172.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100000241; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.35.227.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100000242; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.35.233.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100000243; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.35.233.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100000244; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.35.234.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100000245; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.4.57.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100000246; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.82.139.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100000247; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.82.139.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100000248; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.82.50.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100000249; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.85.99.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100000250; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.85.99.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100000251; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.89.9.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100000252; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.118.111.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100000253; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.118.117.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100000254; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.118.118.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100000255; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.118.45.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100000256; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.119.245.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100000257; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.165.115.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100000258; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.165.163.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100000259; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.165.216.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100000260; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.165.232.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100000261; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.165.73.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100000262; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.170.120.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100000263; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.170.122.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100000264; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.172.167.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100000265; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.174.128.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000266; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.174.129.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100000267; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.174.189.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100000268; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.174.255.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100000269; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.178.100.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100000270; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.179.132.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100000271; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.179.164.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100000272; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.179.178.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100000273; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.179.180.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100000274; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.179.50.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100000275; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.182.236.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100000276; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.120.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100000277; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.120.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100000278; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.126.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100000279; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.150.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100000280; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.165.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100000281; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.228.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100000282; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.23.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100000283; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.230.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100000284; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.238.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100000285; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.240.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100000286; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.27.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100000287; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.53.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100000288; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.224.100.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100000289; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.224.198.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100000290; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.225.122.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100000291; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.235.228.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100000292; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.38.103.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100000293; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.38.103.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100000294; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.38.104.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100000295; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.38.104.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000296; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.38.121.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100000297; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.38.123.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100000298; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.38.123.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100000299; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.38.9.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100000300; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.70.8.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100000301; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.90.191.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100000302; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.90.45.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100000303; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.122.59.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100000304; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.123.110.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100000305; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.123.195.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100000306; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.132.88.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100000307; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.147.86.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100000308; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.147.92.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100000309; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.161.79.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100000310; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.164.143.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100000311; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.167.77.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100000312; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.168.117.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100000313; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.168.66.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100000314; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.185.189.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100000315; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.186.210.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100000316; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.186.221.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100000317; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.186.96.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100000318; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.187.249.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100000319; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.220.89.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100000320; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.225.23.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100000321; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.225.41.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100000322; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.226.192.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100000323; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.226.232.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100000324; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.228.238.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100000325; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.228.78.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100000326; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.229.187.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100000327; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.229.195.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100000328; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.230.251.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100000329; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.231.112.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100000330; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.231.63.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100000331; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.232.13.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100000332; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.233.208.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100000333; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.233.46.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100000334; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.233.53.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100000335; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.233.73.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100000336; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.234.122.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100000337; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.234.126.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100000338; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.234.196.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100000339; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.234.20.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100000340; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.234.33.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100000341; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.234.34.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100000342; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.234.35.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100000343; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.234.36.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100000344; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.234.44.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100000345; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.235.113.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100000346; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.235.148.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100000347; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.235.43.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100000348; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.236.115.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100000349; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.236.165.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100000350; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.236.28.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100000351; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.108.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000352; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.117.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100000353; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.139.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100000354; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.140.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100000355; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.181.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100000356; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.187.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100000357; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.243.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100000358; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.30.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100000359; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.51.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100000360; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.91.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100000361; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.105.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100000362; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.14.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100000363; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.144.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100000364; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.144.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100000365; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.148.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100000366; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.148.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100000367; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.180.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100000368; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.236.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100000369; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.46.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100000370; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.102.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100000371; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.113.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100000372; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.114.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100000373; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.120.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100000374; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.120.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100000375; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.121.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100000376; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.121.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100000377; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.122.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100000378; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.122.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100000379; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.123.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100000380; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.123.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100000381; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.127.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100000382; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.130.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100000383; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.145.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100000384; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.22.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100000385; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.96.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100000386; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.97.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100000387; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.97.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100000388; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.97.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100000389; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.98.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100000390; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.99.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100000391; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.99.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100000392; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.240.144.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100000393; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.240.245.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100000394; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.241.99.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100000395; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.242.160.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100000396; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.242.34.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100000397; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.245.11.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100000398; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.245.169.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100000399; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.245.182.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100000400; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.245.8.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100000401; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.246.162.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100000402; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.246.166.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100000403; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.246.191.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100000404; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.246.217.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100000405; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.246.224.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100000406; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.246.228.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100000407; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.246.239.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100000408; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.247.134.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100000409; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.247.219.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100000410; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.247.220.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100000411; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.247.227.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100000412; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.247.243.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100000413; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.247.45.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100000414; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.247.59.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000415; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.247.67.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100000416; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.247.82.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100000417; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.247.88.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100000418; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.0.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100000419; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.0.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100000420; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.0.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100000421; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.1.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100000422; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.100.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100000423; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.100.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100000424; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.101.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100000425; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.103.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100000426; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.103.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100000427; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.103.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100000428; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.104.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100000429; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.105.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100000430; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.105.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100000431; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.106.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000432; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.106.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100000433; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.106.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100000434; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.107.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100000435; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.107.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100000436; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.108.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100000437; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.108.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100000438; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.109.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100000439; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.110.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100000440; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.111.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100000441; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.111.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100000442; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.112.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100000443; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.113.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100000444; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.114.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100000445; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.114.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100000446; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.114.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100000447; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.115.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100000448; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.115.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100000449; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.126.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100000450; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.140.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000451; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.141.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100000452; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.152.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100000453; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.155.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100000454; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.184.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100000455; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.185.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100000456; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.186.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000457; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.186.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100000458; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.187.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100000459; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.187.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100000460; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.187.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100000461; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.188.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100000462; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.188.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100000463; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.188.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100000464; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.190.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100000465; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.190.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100000466; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.190.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000467; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.2.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100000468; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.200.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100000469; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.246.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100000470; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.62.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100000471; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.62.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100000472; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.80.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000473; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.80.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100000474; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.82.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100000475; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.83.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100000476; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.83.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000477; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.83.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100000478; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.83.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100000479; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.119.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100000480; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.188.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100000481; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.189.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100000482; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.24.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100000483; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.26.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100000484; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.38.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100000485; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.70.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100000486; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.250.146.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100000487; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.251.217.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100000488; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.251.74.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100000489; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.252.116.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100000490; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.252.141.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100000491; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.252.160.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100000492; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.252.20.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100000493; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.252.238.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100000494; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.252.34.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100000495; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.252.67.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100000496; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.253.11.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100000497; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.253.175.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100000498; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.254.195.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100000499; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.254.50.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100000500; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.255.126.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100000501; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.255.70.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100000502; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.255.86.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100000503; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.115.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100000504; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.123.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100000505; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100000506; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100000507; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100000508; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100000509; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100000510; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100000511; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100000512; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100000513; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100000514; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000515; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100000516; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100000517; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100000518; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100000519; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100000520; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100000521; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100000522; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100000523; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000524; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100000525; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100000526; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100000527; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100000528; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100000529; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100000530; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100000531; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100000532; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100000533; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100000534; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100000535; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100000536; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.127.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100000537; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.81.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100000538; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.82.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100000539; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.87.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100000540; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.87.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100000541; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100000542; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100000543; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100000544; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100000545; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100000546; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100000547; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100000548; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100000549; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100000550; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100000551; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100000552; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100000553; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100000554; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100000555; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100000556; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100000557; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100000558; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100000559; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100000560; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100000561; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100000562; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100000563; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100000564; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100000565; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100000566; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100000567; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100000568; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100000569; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.127.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100000570; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.4.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100000571; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.4.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100000572; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.4.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100000573; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.4.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100000574; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.4.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100000575; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.4.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100000576; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.4.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100000577; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.31.72.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100000578; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.31.82.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100000579; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.6.211.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100000580; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.6.221.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100000581; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.72.153.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100000582; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.72.153.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100000583; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.72.186.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100000584; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.72.238.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100000585; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.78.45.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100000586; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.80.112.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100000587; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.80.83.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100000588; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.81.138.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100000589; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.81.140.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100000590; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.81.201.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100000591; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.81.6.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100000592; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.82.136.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100000593; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.82.140.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100000594; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.82.232.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100000595; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.83.119.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100000596; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.85.172.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100000597; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.85.172.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100000598; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.86.152.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100000599; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.86.255.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100000600; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.93.246.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100000601; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.93.6.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100000602; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.87.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100000603; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.1.135.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000604; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.102.23.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100000605; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.104.187.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100000606; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.104.198.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100000607; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.11.95.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100000608; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.110.194.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100000609; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.110.244.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100000610; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.120.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100000611; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.122.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100000612; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.205.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100000613; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.206.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100000614; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.33.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100000615; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.4.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100000616; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.45.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100000617; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.89.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100000618; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.118.122.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100000619; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.118.132.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100000620; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.13.24.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100000621; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.14.130.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100000622; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.15.205.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100000623; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.160.100.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100000624; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.161.208.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100000625; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.161.58.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100000626; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.161.85.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100000627; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.162.194.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100000628; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.170.50.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100000629; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.170.50.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100000630; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.178.138.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100000631; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.178.139.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100000632; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.178.139.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100000633; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.186.164.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100000634; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.186.177.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100000635; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.188.248.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100000636; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.190.163.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100000637; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.190.93.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100000638; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.194.133.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100000639; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.194.137.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100000640; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.194.141.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100000641; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.194.142.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100000642; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.194.143.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000643; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.195.164.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100000644; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.195.164.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100000645; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.195.170.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100000646; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.195.171.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100000647; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.195.207.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100000648; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.201.219.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100000649; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.201.231.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100000650; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.205.45.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100000651; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.212.88.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100000652; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.215.222.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100000653; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.218.217.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100000654; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.219.61.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100000655; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.225.5.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100000656; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.226.10.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100000657; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.226.40.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100000658; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.227.153.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100000659; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.227.55.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100000660; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.228.114.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100000661; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.228.117.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100000662; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.232.129.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100000663; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.232.245.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100000664; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.232.7.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100000665; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.234.177.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100000666; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.234.188.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100000667; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.234.197.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100000668; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.234.197.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100000669; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.234.201.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100000670; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.236.67.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100000671; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.239.213.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100000672; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.243.103.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100000673; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.245.186.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100000674; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.245.191.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100000675; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.246.130.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100000676; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.246.133.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100000677; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.248.192.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100000678; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.53.228.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100000679; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.53.30.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100000680; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.56.89.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100000681; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.57.149.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100000682; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.58.237.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100000683; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.7.53.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100000684; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.75.31.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100000685; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.86.204.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100000686; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.87.172.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100000687; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.87.248.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100000688; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.87.250.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100000689; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.87.251.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100000690; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.87.96.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100000691; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.88.208.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100000692; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.88.209.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100000693; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.88.211.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100000694; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.88.241.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100000695; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.88.243.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100000696; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.88.243.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100000697; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.88.85.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100000698; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.89.42.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100000699; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.89.43.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100000700; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.89.54.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100000701; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.9.81.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100000702; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.90.190.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100000703; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.90.190.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100000704; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.90.190.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100000705; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.90.221.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100000706; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.90.225.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100000707; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.90.28.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100000708; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.91.169.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100000709; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.92.156.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100000710; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.92.222.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100000711; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.99.78.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000712; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.99.80.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100000713; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.199.240.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100000714; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.219.131.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100000715; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.219.57.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100000716; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.220.177.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100000717; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.220.211.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000718; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.222.11.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100000719; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.226.115.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100000720; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.226.119.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100000721; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.226.171.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100000722; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.226.203.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100000723; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.226.213.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100000724; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.226.220.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100000725; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.226.252.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100000726; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.226.254.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100000727; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.227.191.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100000728; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.227.8.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100000729; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.228.129.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100000730; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.228.142.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100000731; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.228.201.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100000732; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.228.248.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100000733; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.232.182.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100000734; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.234.165.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100000735; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.234.239.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100000736; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.235.230.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100000737; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.236.30.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100000738; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.238.119.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100000739; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.238.154.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100000740; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.10.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100000741; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.111.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100000742; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.111.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100000743; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.111.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100000744; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.141.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100000745; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.164.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100000746; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.176.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100000747; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.178.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100000748; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.180.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100000749; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.180.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100000750; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.181.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100000751; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.182.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100000752; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.182.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100000753; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.182.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100000754; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.182.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100000755; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.183.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100000756; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.27.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100000757; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.34.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100000758; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.48.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100000759; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.8.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100000760; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.29.38.221"; content:"Host"; http_header; classtype:trojan-activity; sid:100000761; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.30.54.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100000762; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.86.165.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100000763; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.92.243.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100000764; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.165.200.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100000765; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.165.211.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100000766; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.165.216.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100000767; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.197.86.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100000768; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.199.245.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100000769; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.201.116.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100000770; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.201.35.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100000771; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.201.50.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100000772; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.201.54.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100000773; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.202.235.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100000774; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.204.209.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100000775; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.207.172.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100000776; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.207.196.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100000777; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.213.179.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000778; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.213.185.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100000779; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.215.134.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100000780; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.215.92.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100000781; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.216.209.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100000782; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.220.238.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100000783; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.223.128.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100000784; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.225.115.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100000785; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.226.108.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100000786; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.226.11.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100000787; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.226.15.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100000788; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.23.112.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100000789; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.237.188.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100000790; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.238.97.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100000791; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.42.32.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000792; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.45.178.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100000793; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.45.67.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100000794; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.139.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100000795; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.145.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100000796; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.145.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100000797; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.148.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100000798; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.161.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100000799; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.176.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100000800; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.19.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100000801; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.193.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100000802; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.201.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100000803; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.46.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100000804; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.7.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100000805; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.8.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100000806; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.49.194.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100000807; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.49.21.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100000808; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.49.22.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100000809; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.49.243.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100000810; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.49.251.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100000811; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.49.7.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100000812; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.0.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100000813; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.0.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100000814; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.1.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100000815; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.104.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100000816; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.13.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100000817; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.132.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100000818; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.144.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100000819; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.147.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100000820; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.148.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100000821; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.151.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000822; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.153.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100000823; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.155.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100000824; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.160.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100000825; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.170.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100000826; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.170.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100000827; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.173.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100000828; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.185.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100000829; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.186.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100000830; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.205.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100000831; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.209.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100000832; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.239.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100000833; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.239.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100000834; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.245.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100000835; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.36.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100000836; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.38.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100000837; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.4.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100000838; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.52.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100000839; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.58.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100000840; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.59.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100000841; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.64.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100000842; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.69.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100000843; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.71.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100000844; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.96.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100000845; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.51.104.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100000846; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.51.110.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100000847; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.51.120.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100000848; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.51.92.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100000849; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.51.95.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100000850; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.52.130.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100000851; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.52.17.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100000852; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.52.172.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100000853; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.52.176.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100000854; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.52.199.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100000855; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.54.122.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100000856; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.54.174.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100000857; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.54.195.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100000858; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.54.207.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100000859; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.54.211.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100000860; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.54.221.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100000861; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.54.231.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100000862; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.54.238.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100000863; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.54.238.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100000864; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.54.96.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000865; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.54.99.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100000866; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.113.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100000867; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.115.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100000868; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.125.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100000869; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.126.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100000870; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.140.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100000871; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.144.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100000872; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.146.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100000873; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.155.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100000874; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.179.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000875; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.183.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100000876; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.191.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100000877; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.200.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100000878; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.205.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100000879; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.218.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100000880; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.28.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100000881; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.49.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100000882; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.51.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100000883; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.55.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100000884; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.57.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100000885; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.60.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100000886; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.8.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100000887; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.91.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100000888; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.96.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100000889; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.128.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100000890; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.129.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100000891; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.133.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100000892; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.133.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100000893; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.135.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100000894; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.140.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100000895; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.141.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100000896; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.143.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100000897; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.152.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100000898; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.158.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100000899; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.159.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100000900; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.168.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100000901; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.176.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100000902; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.182.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100000903; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.184.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100000904; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.185.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100000905; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.189.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100000906; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.189.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100000907; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.99.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100000908; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.100.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100000909; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.101.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100000910; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.106.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100000911; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.107.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100000912; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.110.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100000913; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.110.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100000914; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.129.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100000915; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.130.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100000916; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.132.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100000917; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.134.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100000918; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.135.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100000919; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.143.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100000920; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.162.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100000921; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.168.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100000922; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.32.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100000923; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.53.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100000924; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.8.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100000925; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.83.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100000926; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.9.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100000927; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.11.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100000928; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.11.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100000929; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.201.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100000930; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.212.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100000931; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.218.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100000932; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.247.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100000933; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.252.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100000934; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.26.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100000935; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.5.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100000936; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.63.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100000937; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.79.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100000938; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.86.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100000939; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.92.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100000940; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.60.210.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100000941; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.101.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100000942; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.104.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100000943; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.113.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100000944; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.113.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100000945; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.114.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100000946; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.119.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100000947; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.129.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100000948; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.133.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100000949; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.144.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100000950; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.166.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000951; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.172.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100000952; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.62.178.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100000953; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.112.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100000954; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.130.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100000955; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.131.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100000956; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.131.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100000957; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.160.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100000958; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.186.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000959; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.204.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100000960; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.250.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100000961; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.26.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100000962; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.49.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100000963; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.53.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100000964; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.57.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100000965; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.75.191.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100000966; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.75.217.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100000967; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.97.7.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100000968; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.112.31.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100000969; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.131.238.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100000970; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.132.168.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100000971; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.132.194.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100000972; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.149.240.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000973; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.149.243.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100000974; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.16.72.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100000975; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.17.199.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100000976; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.177.15.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100000977; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.193.172.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100000978; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.193.173.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100000979; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.2.125.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100000980; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.2.163.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100000981; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.2.55.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100000982; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.2.70.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100000983; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.209.190.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100000984; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.211.100.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100000985; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.132.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100000986; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.132.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100000987; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.142.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100000988; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.142.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100000989; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.152.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100000990; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.152.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100000991; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.152.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100000992; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.155.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100000993; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.156.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100000994; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.156.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100000995; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.225.83.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100000996; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.24.103.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100000997; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.24.107.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100000998; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.24.32.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000999; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.24.59.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100001000; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.24.82.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100001001; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.241.176.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001002; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.241.193.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100001003; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.241.49.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100001004; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.25.227.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100001005; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.252.107.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100001006; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.30.162.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100001007; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.75.206.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100001008; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.10.39.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100001009; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.11.232.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100001010; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.11.95.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001011; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.123.40.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100001012; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.132.163.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100001013; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.132.4.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100001014; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.176.115.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100001015; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.193.104.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100001016; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.194.165.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100001017; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.194.166.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100001018; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.194.167.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100001019; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.194.168.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100001020; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.194.170.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100001021; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.194.174.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100001022; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.194.175.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100001023; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.196.16.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100001024; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.196.17.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100001025; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.196.18.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100001026; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.196.21.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100001027; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.196.23.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100001028; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.196.27.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100001029; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.196.52.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001030; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.198.161.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100001031; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.198.164.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100001032; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.198.167.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100001033; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.198.168.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100001034; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.198.172.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100001035; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.198.241.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100001036; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.198.254.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100001037; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.198.255.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100001038; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.2.49.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100001039; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.20.243.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100001040; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.201.193.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001041; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.201.201.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100001042; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.201.201.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100001043; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.201.203.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100001044; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.204.159.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100001045; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.207.235.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100001046; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.213.12.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100001047; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.213.13.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100001048; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.213.46.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100001049; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.213.46.221"; content:"Host"; http_header; classtype:trojan-activity; sid:100001050; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.213.8.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100001051; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.213.9.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100001052; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.215.214.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100001053; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.215.243.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100001054; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.216.136.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100001055; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.217.153.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100001056; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.217.155.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100001057; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.221.176.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100001058; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.221.183.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100001059; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.221.184.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100001060; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.221.186.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100001061; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.221.187.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100001062; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.221.189.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100001063; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.222.163.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100001064; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.222.163.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100001065; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.222.165.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100001066; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.222.167.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100001067; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.222.170.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100001068; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.222.172.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100001069; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.222.175.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100001070; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.223.86.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100001071; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.223.93.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100001072; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.223.95.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100001073; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.251.29.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100001074; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.251.30.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100001075; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.251.48.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100001076; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.26.124.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100001077; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.26.125.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100001078; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.26.228.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100001079; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.26.230.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100001080; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.26.238.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001081; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.27.180.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001082; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.204.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100001083; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100001084; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100001085; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100001086; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100001087; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100001088; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100001089; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100001090; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100001091; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.221"; content:"Host"; http_header; classtype:trojan-activity; sid:100001092; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100001093; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100001094; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100001095; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100001096; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100001097; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100001098; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100001099; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100001100; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.60.206.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100001101; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.63.0.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100001102; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.63.130.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100001103; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.63.151.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100001104; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.86.187.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100001105; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.87.139.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100001106; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.89.14.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100001107; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.9.137.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001108; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.9.176.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100001109; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.9.3.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100001110; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.90.10.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001111; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.91.139.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100001112; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.93.118.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100001113; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.95.195.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100001114; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.95.242.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100001115; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.151.221.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100001116; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.173.232.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100001117; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.176.157.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100001118; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.190.211.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100001119; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.223.32.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100001120; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.12.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100001121; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.127.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100001122; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.128.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100001123; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.130.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100001124; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.131.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100001125; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.136.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100001126; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.170.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100001127; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.194.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100001128; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.208.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100001129; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.209.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100001130; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.212.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100001131; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.214.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100001132; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.88.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100001133; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.96.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100001134; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.99.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100001135; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.233.165.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100001136; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.233.221.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100001137; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.233.243.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001138; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.233.63.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100001139; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.233.93.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100001140; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.249.176.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100001141; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.249.22.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100001142; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.250.106.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100001143; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.250.3.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100001144; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.250.48.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100001145; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.251.155.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100001146; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.252.83.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100001147; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.255.88.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100001148; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.36.48.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100001149; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.40.94.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100001150; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.43.180.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100001151; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.75.104.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100001152; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.75.141.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100001153; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.75.148.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100001154; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.75.227.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100001155; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.75.255.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100001156; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.75.49.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100001157; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.76.140.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100001158; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.77.188.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100001159; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.111.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100001160; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.144.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100001161; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.155.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100001162; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.160.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100001163; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.189.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100001164; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.201.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100001165; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.214.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100001166; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.231.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100001167; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.236.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100001168; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.72.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100001169; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.75.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100001170; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.80.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100001171; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.83.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100001172; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.99.183.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100001173; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.99.207.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100001174; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.100.196.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001175; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.102.20.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100001176; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.102.22.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100001177; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.102.4.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100001178; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.102.74.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100001179; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.108.188.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100001180; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.108.240.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100001181; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.108.242.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100001182; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.108.55.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100001183; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.112.120.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100001184; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.112.55.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100001185; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.113.141.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100001186; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.116.121.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100001187; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.117.150.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100001188; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.117.153.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100001189; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.118.32.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100001190; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.119.165.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100001191; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.119.165.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100001192; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.119.59.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100001193; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.122.114.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100001194; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.123.175.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100001195; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.123.209.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100001196; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.123.224.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100001197; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.123.224.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100001198; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.123.227.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100001199; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.123.227.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100001200; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.123.227.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100001201; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.123.227.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100001202; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.123.238.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100001203; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.123.76.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100001204; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.134.224.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100001205; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.134.225.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100001206; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.136.87.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100001207; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.136.87.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100001208; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.14.143.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100001209; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.14.168.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100001210; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.162.195.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100001211; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.165.244.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100001212; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.165.253.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100001213; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.166.194.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100001214; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.166.41.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100001215; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.167.26.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001216; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.167.31.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100001217; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.177.151.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100001218; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.178.173.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100001219; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.178.216.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100001220; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.178.241.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100001221; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.11.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100001222; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.121.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100001223; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.2.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100001224; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.205.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100001225; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.214.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100001226; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.214.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100001227; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.214.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100001228; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.215.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100001229; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.237.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100001230; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.238.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100001231; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.239.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100001232; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.239.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100001233; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.248.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100001234; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.249.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100001235; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.250.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100001236; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.252.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001237; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.252.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100001238; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.253.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100001239; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.253.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100001240; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.253.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100001241; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.254.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100001242; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.254.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100001243; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.255.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100001244; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.47.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100001245; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.82.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100001246; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.84.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100001247; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.180.110.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100001248; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.180.63.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100001249; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.180.68.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100001250; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.180.75.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100001251; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.180.93.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100001252; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.181.126.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100001253; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.181.41.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100001254; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.182.89.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100001255; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.183.125.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001256; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.183.98.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100001257; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.184.14.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100001258; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.184.73.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100001259; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.184.92.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100001260; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.185.164.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100001261; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.185.236.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100001262; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.185.64.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100001263; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.185.64.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100001264; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.185.91.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100001265; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.185.95.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100001266; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.186.100.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100001267; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.186.112.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100001268; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.186.205.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100001269; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.186.206.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100001270; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.186.209.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100001271; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.186.210.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100001272; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.186.210.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100001273; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.186.210.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100001274; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.186.210.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100001275; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.186.210.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001276; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.186.23.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100001277; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.187.104.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100001278; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.187.206.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100001279; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.187.235.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100001280; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.187.239.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100001281; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.187.253.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100001282; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.189.136.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100001283; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.189.231.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100001284; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.190.134.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100001285; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.190.143.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100001286; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.190.198.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100001287; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.190.239.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100001288; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.190.248.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100001289; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.190.251.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100001290; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.191.120.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100001291; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.191.195.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100001292; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.191.209.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100001293; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.191.216.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100001294; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.196.115.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100001295; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.197.141.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100001296; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.201.196.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100001297; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.202.255.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100001298; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.204.30.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100001299; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.206.86.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100001300; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.207.227.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100001301; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.207.94.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100001302; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.250.139.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100001303; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.250.50.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100001304; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.250.90.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100001305; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.36.252.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100001306; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.36.45.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100001307; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.4.197.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100001308; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.54.119.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100001309; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.56.142.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100001310; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.75.137.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100001311; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.77.164.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001312; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.99.183.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100001313; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.99.183.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100001314; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.99.201.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100001315; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.99.240.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100001316; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.99.55.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100001317; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"12.207.39.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100001318; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"12.220.237.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100001319; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.0.127.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100001320; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.1.101.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100001321; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.1.88.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001322; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.11.228.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100001323; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.12.130.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100001324; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.12.138.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100001325; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.12.182.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100001326; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.142.93.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100001327; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.192.177.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100001328; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001329; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100001330; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001331; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100001332; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100001333; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100001334; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100001335; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100001336; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100001337; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100001338; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100001339; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.209.126.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100001340; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.209.126.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100001341; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.209.126.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100001342; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.209.126.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100001343; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.209.126.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100001344; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.238.187.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100001345; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.238.189.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100001346; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.238.189.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100001347; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.37.236.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100001348; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.57.217.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100001349; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.59.255.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100001350; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.6.157.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100001351; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.6.234.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100001352; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.7.107.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100001353; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.7.145.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100001354; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.7.153.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100001355; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.84.105.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100001356; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.84.111.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100001357; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.84.117.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100001358; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.84.228.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100001359; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.84.228.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100001360; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.84.230.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001361; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.84.231.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001362; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.84.231.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100001363; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.165.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100001364; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.166.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100001365; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.167.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100001366; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.168.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100001367; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.168.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100001368; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.168.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100001369; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.168.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001370; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.170.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100001371; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.171.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100001372; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.172.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100001373; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.172.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100001374; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.172.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100001375; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.174.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100001376; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.174.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100001377; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.175.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100001378; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.210.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100001379; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.239.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100001380; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.86.144.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100001381; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.86.146.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100001382; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.86.248.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100001383; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.86.251.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100001384; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.87.32.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100001385; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.87.33.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100001386; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.9.136.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100001387; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.9.34.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100001388; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.121.113.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100001389; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.121.76.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100001390; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.128.103.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100001391; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.129.5.221"; content:"Host"; http_header; classtype:trojan-activity; sid:100001392; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.138.193.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100001393; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.141.11.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100001394; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.146.19.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100001395; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.147.178.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100001396; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.148.94.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100001397; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.154.226.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100001398; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.154.85.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100001399; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.158.219.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100001400; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.159.241.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100001401; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.169.103.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100001402; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.170.8.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100001403; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.177.219.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100001404; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.178.107.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100001405; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.179.124.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100001406; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.179.60.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100001407; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.182.196.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100001408; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.183.115.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100001409; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.183.96.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100001410; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.186.60.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100001411; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.20.246.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100001412; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.205.231.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100001413; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.21.89.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100001414; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.226.114.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100001415; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.226.124.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100001416; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.226.190.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100001417; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.226.190.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100001418; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.226.210.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100001419; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.226.210.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100001420; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.226.211.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100001421; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.226.211.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100001422; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.226.224.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100001423; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.226.226.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100001424; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.226.253.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100001425; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.226.253.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100001426; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.231.118.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100001427; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.231.128.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100001428; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.231.130.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100001429; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.231.148.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100001430; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.231.148.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100001431; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.231.16.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100001432; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.231.176.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100001433; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.231.99.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100001434; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.233.59.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100001435; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.233.87.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100001436; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.234.175.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100001437; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.234.190.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100001438; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.234.190.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100001439; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.234.201.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100001440; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.234.224.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100001441; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.234.245.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100001442; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.234.86.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001443; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.25.108.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100001444; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.25.120.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100001445; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.25.201.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100001446; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.254.76.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100001447; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.61.100.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100001448; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.61.29.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100001449; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.61.41.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100001450; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.61.68.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100001451; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.61.98.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100001452; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.61.98.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100001453; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.62.195.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100001454; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.67.99.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100001455; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.8.107.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100001456; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.100.105.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100001457; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.100.64.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100001458; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.138.130.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100001459; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.142.203.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100001460; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.147.25.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100001461; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.15.40.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100001462; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.157.78.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100001463; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.160.10.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100001464; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.160.147.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100001465; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.165.33.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100001466; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.177.164.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100001467; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.188.128.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100001468; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.188.147.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100001469; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.191.191.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100001470; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.191.26.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100001471; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.191.30.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100001472; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.192.183.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100001473; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.192.194.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100001474; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.193.124.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100001475; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.194.51.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100001476; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.194.51.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100001477; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.194.75.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100001478; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.232.250.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100001479; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.236.195.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100001480; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.241.245.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100001481; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.254.28.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100001482; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.6.254.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100001483; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.96.77.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100001484; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.0.193.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001485; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.0.240.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100001486; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.0.243.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100001487; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.10.11.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100001488; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.10.139.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100001489; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.10.144.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100001490; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.10.199.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100001491; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.109.250.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100001492; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.152.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100001493; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.169.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100001494; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.170.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100001495; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.241.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100001496; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.37.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100001497; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.69.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100001498; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.7.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100001499; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.76.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100001500; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.100.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100001501; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.116.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100001502; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.124.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100001503; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.124.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100001504; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.155.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100001505; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.170.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100001506; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.176.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100001507; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.182.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100001508; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.19.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100001509; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.192.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100001510; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.195.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100001511; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.200.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100001512; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.116.12.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100001513; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.116.185.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100001514; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.12.115.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100001515; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.12.235.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100001516; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.12.33.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100001517; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.128.127.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100001518; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.128.131.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100001519; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.128.177.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100001520; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.128.19.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100001521; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.128.59.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100001522; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.128.64.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001523; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.108.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100001524; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.130.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100001525; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.130.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100001526; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.130.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100001527; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.131.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100001528; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.131.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100001529; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.132.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100001530; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.134.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100001531; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.134.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100001532; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.135.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100001533; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.135.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100001534; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.153.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100001535; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.16.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100001536; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.4.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100001537; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.82.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100001538; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.13.151.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100001539; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.13.166.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100001540; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.13.21.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100001541; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.13.29.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001542; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.13.55.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100001543; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.130.134.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100001544; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.130.147.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100001545; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.130.148.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100001546; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.130.164.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100001547; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.130.167.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100001548; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.130.187.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100001549; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.130.187.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100001550; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.130.238.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100001551; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.131.176.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100001552; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.132.26.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100001553; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.135.156.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100001554; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.135.237.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100001555; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.139.36.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100001556; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.139.45.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100001557; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.187.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100001558; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.195.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100001559; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.214.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100001560; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.36.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100001561; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.80.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100001562; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.89.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100001563; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.93.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100001564; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.94.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100001565; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.154.29.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100001566; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.158.235.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100001567; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.159.125.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100001568; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.159.167.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100001569; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.16.2.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100001570; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.17.231.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100001571; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.180.180.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100001572; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.183.18.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100001573; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.188.255.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100001574; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.188.66.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100001575; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.191.137.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100001576; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.192.253.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100001577; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.193.224.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100001578; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.193.226.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100001579; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.193.229.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100001580; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.193.24.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100001581; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.193.53.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100001582; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.194.235.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100001583; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.194.32.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100001584; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.194.32.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100001585; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.194.35.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100001586; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.194.60.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100001587; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.194.80.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100001588; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.194.80.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100001589; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.195.107.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100001590; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.195.134.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100001591; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.195.184.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100001592; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.195.197.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100001593; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.195.60.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100001594; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.195.84.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100001595; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.195.87.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100001596; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.195.87.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100001597; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.204.88.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100001598; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.204.89.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100001599; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.233.110.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100001600; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.234.240.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100001601; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.234.55.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001602; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.235.110.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100001603; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.235.15.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100001604; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.235.176.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100001605; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.235.21.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100001606; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.240.103.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100001607; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.240.143.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100001608; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.240.181.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100001609; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.240.20.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100001610; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.240.23.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100001611; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.240.36.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100001612; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.240.47.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100001613; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.240.72.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001614; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.240.79.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100001615; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.240.79.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100001616; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.241.11.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100001617; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.241.123.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100001618; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.241.127.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001619; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.241.148.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100001620; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.241.184.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100001621; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.241.185.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100001622; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.241.60.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100001623; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.146.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100001624; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.148.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100001625; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.199.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100001626; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.213.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100001627; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.214.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100001628; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.216.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100001629; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.218.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100001630; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.222.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100001631; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.246.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100001632; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.251.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100001633; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.252.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100001634; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.66.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100001635; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.73.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100001636; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.84.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100001637; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.85.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100001638; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.5.10.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100001639; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.5.120.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100001640; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.5.126.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100001641; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.5.141.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100001642; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.5.177.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100001643; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.5.18.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100001644; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.5.186.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100001645; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.5.22.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100001646; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.7.43.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100001647; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.139.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001648; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.14.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100001649; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.216.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100001650; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.243.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100001651; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.3.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100001652; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.30.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100001653; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.89.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100001654; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.89.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100001655; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.9.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100001656; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.9.194.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100001657; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.9.233.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100001658; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.9.253.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100001659; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.9.61.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100001660; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.105.105.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100001661; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.120.52.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100001662; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.130.22.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100001663; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.106.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100001664; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.141.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100001665; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.144.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100001666; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.144.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100001667; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.147.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100001668; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.150.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100001669; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.153.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100001670; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.181.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100001671; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.41.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100001672; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.42.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100001673; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.6.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100001674; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.66.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100001675; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.96.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100001676; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.132.3.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100001677; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.132.77.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100001678; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.132.88.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100001679; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.133.147.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100001680; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.133.173.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100001681; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.153.136.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100001682; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.153.236.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100001683; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.160.126.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100001684; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.163.128.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100001685; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.163.80.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100001686; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.163.85.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100001687; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.163.88.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100001688; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.165.140.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100001689; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.218.130.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100001690; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.228.109.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100001691; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.228.202.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100001692; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.230.172.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100001693; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.32.68.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100001694; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.44.91.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100001695; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.6.14.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100001696; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.66.10.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100001697; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.66.70.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100001698; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.89.223.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001699; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.91.187.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100001700; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.91.227.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100001701; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.91.236.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100001702; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.91.4.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100001703; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.104.108.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100001704; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.105.149.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100001705; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.105.79.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100001706; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.106.109.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100001707; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.106.145.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100001708; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.106.178.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100001709; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.106.221.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100001710; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.111.16.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100001711; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.125.199.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100001712; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.133.201.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100001713; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.135.124.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100001714; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.138.113.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100001715; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.138.58.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001716; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.139.76.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100001717; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.139.81.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100001718; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.140.189.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100001719; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.168.248.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100001720; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.180.158.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100001721; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.25.183.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100001722; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.114.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100001723; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.115.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100001724; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.121.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100001725; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.153.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100001726; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.162.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100001727; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.18.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100001728; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.226.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100001729; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.33.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100001730; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.72.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100001731; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.73.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100001732; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.74.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100001733; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.75.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100001734; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.102.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100001735; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.102.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100001736; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.13.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100001737; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.138.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001738; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.14.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100001739; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.188.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100001740; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.196.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100001741; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.224.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100001742; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.245.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100001743; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.76.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001744; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.8.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100001745; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.9.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100001746; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.96.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100001747; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.96.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100001748; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.97.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100001749; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.122.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100001750; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.124.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100001751; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.126.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100001752; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.198.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100001753; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.200.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100001754; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.200.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100001755; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.228.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100001756; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.96.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100001757; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.97.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100001758; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.97.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100001759; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.97.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100001760; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.99.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100001761; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.99.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100001762; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.1.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100001763; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.10.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100001764; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.10.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100001765; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.112.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100001766; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.117.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100001767; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.124.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100001768; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.133.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100001769; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.20.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100001770; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.20.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100001771; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.207.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100001772; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.21.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100001773; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.34.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100001774; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.36.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100001775; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.58.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100001776; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.6.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100001777; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.72.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100001778; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.8.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100001779; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.91.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001780; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.93.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100001781; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.124.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100001782; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.14.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100001783; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.159.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100001784; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.16.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100001785; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.205.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100001786; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.206.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100001787; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.215.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100001788; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.242.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100001789; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.245.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100001790; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.44.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100001791; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.46.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100001792; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.52.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100001793; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.71.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100001794; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.8.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001795; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.8.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100001796; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.121.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100001797; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.147.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100001798; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.35.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100001799; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.43.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100001800; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.43.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100001801; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.60.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100001802; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.66.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100001803; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.46.159.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100001804; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.46.184.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100001805; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.46.188.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100001806; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.46.245.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100001807; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.46.252.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100001808; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.100.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100001809; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.142.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100001810; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.204.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100001811; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.212.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100001812; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.217.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100001813; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.240.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100001814; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.241.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100001815; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.242.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100001816; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.243.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100001817; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.247.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100001818; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.249.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100001819; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.36.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001820; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.38.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100001821; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.44.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100001822; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.55.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100001823; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.60.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100001824; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.64.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001825; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.65.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100001826; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.88.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100001827; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.88.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100001828; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.92.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100001829; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.94.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100001830; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.99.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100001831; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.65.36.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100001832; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.72.166.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100001833; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.78.224.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100001834; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.86.176.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100001835; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.94.2.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100001836; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.99.243.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100001837; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"128.116.228.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100001838; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"128.69.86.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100001839; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"130.255.159.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100001840; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"131.0.48.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100001841; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"134.19.177.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100001842; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"135.125.205.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100001843; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"136.144.41.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100001844; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"137.103.60.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100001845; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"137.175.56.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100001846; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"137.59.195.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100001847; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"138.99.204.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100001848; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"139.216.102.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100001849; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"139.216.232.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100001850; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.127.242.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100001851; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.138.109.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100001852; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.138.109.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100001853; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.154.29.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100001854; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.160.188.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100001855; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.161.114.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100001856; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.161.197.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100001857; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.161.197.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100001858; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.176.140.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100001859; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.180.117.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100001860; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.191.23.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100001861; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.193.253.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100001862; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.229.153.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100001863; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.230.120.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100001864; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.230.173.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100001865; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.230.43.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100001866; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.240.125.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100001867; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.240.28.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100001868; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.240.50.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100001869; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.241.227.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100001870; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.241.244.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100001871; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.246.163.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100001872; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.37.24.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100001873; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.42.160.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100001874; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.45.127.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100001875; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.45.20.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100001876; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.46.25.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100001877; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.50.129.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100001878; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.54.91.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100001879; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"140.237.15.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100001880; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"140.255.10.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100001881; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"142.255.48.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100001882; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"143.255.167.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100001883; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"143.255.167.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100001884; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"144.129.175.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100001885; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"144.139.130.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100001886; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"144.91.81.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100001887; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"147.124.212.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100001888; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"149.3.73.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100001889; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"149.56.35.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100001890; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"15.237.96.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100001891; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"150.129.248.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100001892; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"150.255.32.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100001893; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"151.213.216.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100001894; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"152.67.63.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100001895; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.101.139.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100001896; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.101.253.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100001897; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.101.39.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100001898; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.3.130.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100001899; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.3.207.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100001900; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.3.5.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001901; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.3.81.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100001902; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.34.13.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100001903; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.34.18.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100001904; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.34.205.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100001905; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.34.58.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100001906; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.35.70.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100001907; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.36.118.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100001908; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.36.17.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100001909; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.37.187.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100001910; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.37.202.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100001911; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"154.16.118.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100001912; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"155.94.228.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100001913; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"157.0.180.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100001914; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"157.122.104.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100001915; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"157.122.105.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100001916; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"157.122.107.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100001917; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"157.25.189.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100001918; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"158.101.165.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001919; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"158.174.218.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100001920; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"158.222.165.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100001921; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"160.155.16.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100001922; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"162.155.192.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100001923; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"162.191.249.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100001924; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"162.194.28.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100001925; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"162.209.98.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100001926; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"162.224.157.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100001927; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"162.231.198.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100001928; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"162.238.152.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100001929; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"162.84.168.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100001930; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.17.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100001931; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.175.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100001932; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.181.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100001933; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.182.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100001934; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.185.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100001935; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.221.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001936; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.222.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100001937; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.223.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100001938; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.244.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100001939; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.249.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100001940; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.251.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100001941; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.251.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100001942; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.28.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100001943; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.28.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100001944; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.28.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100001945; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.28.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100001946; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.30.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100001947; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.61.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100001948; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.7.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100001949; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.80.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100001950; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.95.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100001951; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.97.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100001952; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.142.121.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100001953; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.142.122.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100001954; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.142.123.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100001955; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.142.84.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100001956; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.172.46.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100001957; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.160.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100001958; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.160.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100001959; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.161.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100001960; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.161.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100001961; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.166.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100001962; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.166.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100001963; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.166.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100001964; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.168.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100001965; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.168.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100001966; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.172.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100001967; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.174.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100001968; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.175.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100001969; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.175.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100001970; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.175.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100001971; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.217.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100001972; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.210.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100001973; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.211.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100001974; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.216.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100001975; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.217.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100001976; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.217.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100001977; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.217.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100001978; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.218.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100001979; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.219.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100001980; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.219.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001981; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.219.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100001982; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.219.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100001983; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.220.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100001984; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.221.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100001985; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.222.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100001986; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.223.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100001987; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.47.214.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100001988; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"165.90.16.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100001989; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"168.121.239.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100001990; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"168.90.205.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100001991; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"170.78.39.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100001992; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"170.82.72.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100001993; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.104.127.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100001994; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.112.33.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100001995; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.116.233.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100001996; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.118.61.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100001997; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.119.197.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100001998; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.119.224.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100001999; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.119.255.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100002000; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.120.34.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100002001; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.124.96.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100002002; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.124.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100002003; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.137.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100002004; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.14.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100002005; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.164.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100002006; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.184.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100002007; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.233.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100002008; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.35.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100002009; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.41.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100002010; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.50.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100002011; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.80.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100002012; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.90.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100002013; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.126.27.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100002014; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.227.71.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002015; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.249.0.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100002016; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.249.126.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100002017; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.25.252.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100002018; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.35.161.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100002019; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.35.163.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100002020; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.35.168.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002021; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.35.169.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100002022; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.35.169.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100002023; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.35.170.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100002024; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.35.172.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100002025; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.35.173.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100002026; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.36.137.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100002027; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.36.47.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002028; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.38.144.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100002029; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.38.144.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100002030; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.38.223.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100002031; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.40.7.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100002032; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.42.164.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100002033; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.42.56.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100002034; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.44.224.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100002035; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.44.242.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100002036; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.44.252.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100002037; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.80.248.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100002038; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.81.124.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100002039; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"172.105.36.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100002040; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"172.245.163.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100002041; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"172.88.228.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100002042; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.14.69.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100002043; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.166.207.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100002044; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.169.46.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100002045; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.220.222.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100002046; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.25.113.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100002047; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.52.95.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100002048; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.52.97.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100002049; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.56.92.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100002050; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.61.12.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100002051; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.63.39.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100002052; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.68.158.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100002053; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.77.217.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100002054; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.81.200.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002055; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.90.91.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100002056; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"174.106.33.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100002057; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"174.61.3.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100002058; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"174.81.78.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100002059; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.0.60.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100002060; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.0.62.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100002061; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.100.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100002062; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.109.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100002063; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.18.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100002064; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.18.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100002065; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.18.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100002066; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.188.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100002067; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.19.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100002068; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.212.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100002069; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.213.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100002070; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.213.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100002071; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.243.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100002072; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.32.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100002073; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.49.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100002074; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.50.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100002075; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.76.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100002076; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.87.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100002077; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.89.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100002078; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.133.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100002079; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.169.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100002080; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.195.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100002081; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.20.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100002082; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.200.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100002083; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.201.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100002084; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.201.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100002085; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.201.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100002086; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.204.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100002087; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.53.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002088; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.71.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100002089; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.8.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100002090; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.113.50.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100002091; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.113.50.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100002092; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.118.220.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100002093; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.146.19.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100002094; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.150.155.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100002095; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.151.11.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100002096; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.155.174.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100002097; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.160.41.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100002098; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.162.11.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100002099; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.162.208.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100002100; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.162.73.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100002101; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.162.8.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100002102; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.163.84.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100002103; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.164.178.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100002104; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.165.14.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100002105; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.167.1.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100002106; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.168.38.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100002107; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.168.94.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100002108; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.169.18.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100002109; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.169.193.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100002110; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.171.190.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100002111; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.172.11.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100002112; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.172.49.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100002113; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.174.84.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100002114; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.176.185.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100002115; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.180.142.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100002116; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.182.254.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100002117; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.182.71.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100002118; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.202.73.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100002119; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.203.192.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100002120; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.211.131.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100002121; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.212.104.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100002122; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.212.195.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100002123; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.213.25.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100002124; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.30.135.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100002125; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.42.45.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100002126; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.7.184.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100002127; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.7.196.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100002128; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.8.114.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100002129; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.8.146.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100002130; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.8.31.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100002131; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.8.93.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100002132; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.9.132.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100002133; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.9.171.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100002134; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.9.186.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100002135; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.9.218.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100002136; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.9.221.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100002137; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.9.221.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100002138; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.9.88.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100002139; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.9.88.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100002140; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.103.16.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100002141; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.111.208.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100002142; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.12.117.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100002143; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.12.117.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100002144; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.120.63.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100002145; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.121.14.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100002146; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.123.6.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100002147; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.123.7.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100002148; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.20.174.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100002149; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.221.206.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100002150; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.221.220.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100002151; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.221.251.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100002152; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.240.18.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100002153; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.35.202.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100002154; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.63.243.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002155; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.131.226.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100002156; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.54.82.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100002157; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.67.165.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100002158; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.67.5.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002159; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.84.218.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100002160; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.118.210.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100002161; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.124.210.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100002162; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.141.58.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100002163; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.141.64.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100002164; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.150.174.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100002165; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.151.143.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100002166; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.160.13.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100002167; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.19.183.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100002168; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.21.164.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100002169; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.214.220.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100002170; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.222.252.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100002171; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.34.183.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100002172; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.95.197.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100002173; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"179.165.36.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100002174; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"179.43.100.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100002175; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"179.43.175.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100002176; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"179.43.187.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100002177; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.104.194.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100002178; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.112.19.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100002179; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.113.8.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100002180; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.115.106.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100002181; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.115.115.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100002182; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.115.173.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100002183; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.115.201.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100002184; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.115.250.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100002185; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.115.45.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100002186; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.115.80.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100002187; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.116.157.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100002188; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.116.185.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100002189; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.116.193.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100002190; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.116.248.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100002191; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.116.44.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100002192; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.120.42.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100002193; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.123.86.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100002194; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.124.234.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100002195; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.125.143.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100002196; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.125.146.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100002197; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.163.61.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100002198; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.165.113.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100002199; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.176.105.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100002200; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.176.165.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100002201; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.176.214.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100002202; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.176.244.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100002203; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.176.245.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100002204; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.176.96.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100002205; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.177.104.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100002206; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.177.128.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100002207; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.177.180.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002208; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.177.190.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100002209; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.177.212.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100002210; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.177.241.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100002211; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.177.242.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002212; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.177.82.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100002213; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.180.151.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100002214; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.214.237.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100002215; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.218.153.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100002216; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.218.160.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100002217; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.218.5.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100002218; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.218.97.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100002219; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.248.80.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100002220; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.112.138.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100002221; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.112.218.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100002222; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.112.218.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002223; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.129.124.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100002224; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.129.137.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100002225; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.143.60.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100002226; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.188.105.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100002227; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.211.190.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100002228; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.224.242.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100002229; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.48.241.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100002230; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.49.225.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100002231; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.49.236.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100002232; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.59.166.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002233; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.101.132.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100002234; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.105.38.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100002235; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.112.2.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100002236; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.112.4.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002237; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.112.5.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100002238; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.112.54.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100002239; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.112.61.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100002240; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.112.9.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100002241; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.113.137.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100002242; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.113.140.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100002243; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.113.18.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100002244; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.113.2.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100002245; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.113.29.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100002246; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.113.30.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100002247; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.121.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100002248; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.164.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100002249; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.190.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100002250; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.203.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100002251; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.248.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100002252; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.78.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100002253; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.86.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100002254; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.90.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100002255; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.96.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100002256; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.97.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100002257; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.115.237.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100002258; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.100.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002259; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.104.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100002260; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.104.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100002261; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.104.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100002262; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.106.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100002263; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.107.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100002264; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.107.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100002265; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.75.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100002266; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.84.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100002267; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.97.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100002268; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.99.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100002269; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.117.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100002270; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.159.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100002271; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.168.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100002272; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.196.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100002273; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.24.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100002274; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.24.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100002275; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.251.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100002276; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.39.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100002277; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.49.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100002278; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.50.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100002279; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.51.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100002280; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.81.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100002281; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.81.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100002282; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.104.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100002283; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.108.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100002284; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.116.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002285; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.120.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100002286; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.165.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100002287; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.165.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100002288; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.177.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100002289; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.18.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100002290; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.182.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100002291; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.184.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100002292; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.198.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100002293; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.203.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100002294; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.208.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100002295; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.220.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100002296; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.220.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100002297; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.224.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100002298; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.228.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100002299; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.254.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100002300; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.33.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100002301; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.48.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100002302; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.77.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100002303; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.13.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100002304; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.198.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100002305; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.34.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100002306; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.36.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100002307; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.48.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100002308; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.49.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100002309; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.50.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100002310; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.50.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100002311; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.6.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100002312; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.10.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100002313; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.10.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100002314; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.106.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100002315; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.118.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100002316; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.118.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100002317; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.124.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100002318; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.130.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100002319; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.144.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100002320; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.152.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100002321; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.154.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100002322; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.156.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100002323; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.16.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100002324; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.167.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100002325; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.186.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100002326; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.187.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100002327; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.20.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100002328; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.211.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100002329; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.212.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100002330; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.216.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100002331; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.225.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100002332; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.239.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100002333; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.252.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100002334; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.27.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100002335; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.30.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100002336; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.47.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100002337; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.66.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100002338; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.85.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100002339; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.89.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100002340; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.122.151.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100002341; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.122.209.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100002342; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.122.210.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100002343; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.122.210.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100002344; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.122.251.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100002345; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.122.253.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100002346; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.123.210.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100002347; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.123.241.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100002348; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.123.244.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100002349; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.0.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100002350; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.127.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100002351; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.135.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100002352; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.160.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100002353; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.188.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100002354; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.22.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100002355; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.36.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100002356; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.59.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100002357; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.82.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100002358; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.112.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100002359; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.114.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100002360; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.116.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100002361; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.120.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100002362; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.123.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100002363; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.126.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100002364; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.128.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100002365; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.243.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100002366; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.79.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100002367; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.79.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100002368; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.83.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100002369; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.86.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100002370; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.88.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100002371; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.90.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100002372; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.90.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100002373; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.90.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100002374; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.109.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100002375; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.111.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100002376; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.128.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100002377; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.139.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100002378; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.153.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100002379; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.154.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100002380; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.156.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100002381; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.179.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100002382; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.200.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100002383; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.208.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100002384; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.209.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100002385; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.214.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100002386; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.223.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100002387; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.4.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100002388; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.47.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100002389; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.53.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100002390; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.66.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100002391; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.66.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100002392; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.66.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100002393; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.70.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100002394; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.86.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100002395; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.142.126.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100002396; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.155.216.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100002397; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.160.98.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100002398; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.191.81.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100002399; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.207.218.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002400; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.207.219.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100002401; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.207.222.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100002402; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.235.248.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100002403; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.235.248.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100002404; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.235.250.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100002405; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.235.252.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100002406; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.253.205.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100002407; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.46.54.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100002408; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.52.51.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100002409; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.53.197.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100002410; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.56.2.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100002411; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.59.165.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100002412; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.93.54.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100002413; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.104.255.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002414; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.108.201.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100002415; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.109.144.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100002416; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.109.169.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100002417; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.109.212.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100002418; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.135.153.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100002419; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.143.75.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100002420; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.145.14.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100002421; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.146.225.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100002422; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.148.55.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100002423; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.15.88.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100002424; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.15.89.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100002425; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.15.91.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100002426; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.16.210.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100002427; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.17.144.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100002428; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.186.157.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100002429; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.186.195.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002430; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.188.101.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100002431; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.188.115.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100002432; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.188.140.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100002433; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.188.182.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100002434; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.188.213.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100002435; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.188.242.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100002436; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.188.50.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100002437; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.233.173.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100002438; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.4.224.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002439; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.49.85.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100002440; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.49.87.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100002441; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.95.26.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100002442; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.95.27.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100002443; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.95.27.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002444; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.95.8.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100002445; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.97.139.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100002446; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.99.18.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100002447; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"184.175.115.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100002448; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.106.209.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100002449; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.107.0.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100002450; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.107.96.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100002451; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.12.78.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100002452; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.138.123.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100002453; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.153.199.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100002454; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.154.196.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100002455; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.157.168.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100002456; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.18.7.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100002457; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.190.152.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100002458; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.191.246.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100002459; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.198.57.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002460; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.215.113.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100002461; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.215.113.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100002462; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.215.113.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100002463; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.221.3.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100002464; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.222.57.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100002465; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.222.57.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100002466; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.222.57.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100002467; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.228.141.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100002468; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.238.123.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100002469; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.243.56.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100002470; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.245.96.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100002471; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.254.240.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100002472; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.26.113.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100002473; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.29.8.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100002474; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.68.230.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100002475; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.70.186.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100002476; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.81.157.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100002477; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.120.114.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100002478; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.136.101.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100002479; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.145.254.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100002480; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.179.219.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100002481; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.179.243.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100002482; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.179.243.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100002483; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.179.253.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100002484; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.230.39.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100002485; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.65.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100002486; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.68.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100002487; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.68.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100002488; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.68.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002489; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.68.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100002490; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.69.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100002491; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.70.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100002492; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.70.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100002493; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.70.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100002494; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.71.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100002495; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.72.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100002496; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.72.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100002497; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.73.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100002498; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.73.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100002499; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.73.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100002500; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.73.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100002501; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.74.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100002502; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.74.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100002503; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.75.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100002504; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.75.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100002505; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.75.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100002506; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.76.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100002507; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.76.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100002508; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.77.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100002509; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.77.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100002510; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.77.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100002511; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.77.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100002512; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.77.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100002513; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.79.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100002514; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.80.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100002515; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.80.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100002516; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.80.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100002517; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.81.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100002518; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.82.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100002519; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.83.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100002520; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.83.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100002521; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.84.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100002522; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.84.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100002523; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.85.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100002524; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.85.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100002525; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.85.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100002526; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.86.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100002527; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.86.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100002528; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.88.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100002529; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.88.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100002530; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.89.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100002531; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.89.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100002532; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.89.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100002533; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.89.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100002534; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.90.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100002535; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.90.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100002536; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.91.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100002537; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.91.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100002538; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.91.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100002539; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.92.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100002540; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.92.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100002541; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.92.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100002542; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.94.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100002543; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.95.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100002544; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.95.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100002545; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.95.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100002546; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.4.125.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100002547; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.45.242.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100002548; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.72.254.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100002549; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.96.217.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100002550; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"187.12.218.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100002551; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"187.188.124.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100002552; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"187.84.35.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100002553; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.0.148.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100002554; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.0.148.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100002555; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.10.231.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100002556; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.113.105.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100002557; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.113.81.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100002558; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.12.87.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100002559; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.120.253.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100002560; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.127.174.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100002561; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.13.179.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100002562; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.134.18.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100002563; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.148.227.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100002564; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.151.77.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100002565; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.152.246.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100002566; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.169.178.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100002567; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.169.199.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100002568; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.169.30.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100002569; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.169.30.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100002570; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.19.187.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100002571; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.234.112.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100002572; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.234.214.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100002573; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.242.167.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100002574; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.242.242.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100002575; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.64.205.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100002576; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"189.203.214.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100002577; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"189.39.197.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100002578; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"189.85.33.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100002579; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"189.85.33.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100002580; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"189.85.33.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100002581; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"189.85.35.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100002582; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"189.85.35.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100002583; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.0.42.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100002584; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.109.178.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002585; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.110.161.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100002586; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.110.222.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100002587; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.12.99.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100002588; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.121.34.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100002589; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100002590; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100002591; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100002592; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100002593; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100002594; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100002595; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100002596; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100002597; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100002598; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002599; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100002600; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100002601; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100002602; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100002603; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100002604; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100002605; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.130.15.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100002606; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.147.16.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100002607; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.15.248.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100002608; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.159.240.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100002609; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.214.24.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100002610; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.216.140.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100002611; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.219.6.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100002612; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.59.6.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100002613; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.79.199.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100002614; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.85.106.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100002615; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.85.213.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100002616; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.98.37.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100002617; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.98.37.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100002618; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.98.41.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100002619; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"191.209.82.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100002620; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"191.243.186.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100002621; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"191.255.248.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100002622; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"191.33.171.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100002623; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.227.158.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100002624; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.227.158.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100002625; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.227.158.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100002626; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.227.225.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100002627; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.227.228.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100002628; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.227.228.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100002629; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.3.118.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100002630; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.3.121.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100002631; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.3.121.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100002632; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.3.122.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100002633; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.3.80.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100002634; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"193.56.146.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100002635; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"193.93.77.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100002636; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.152.35.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002637; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.158.222.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100002638; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.190.49.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100002639; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.38.20.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100002640; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.38.20.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100002641; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.38.20.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100002642; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.54.160.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100002643; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.85.250.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100002644; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.87.138.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100002645; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.88.153.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100002646; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.133.18.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100002647; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.144.235.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100002648; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.162.70.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100002649; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.228.231.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100002650; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.239.7.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100002651; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"196.2.11.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100002652; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"196.202.26.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100002653; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"196.218.214.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100002654; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"196.221.208.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100002655; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"198.12.107.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100002656; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"198.12.127.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002657; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"198.23.207.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100002658; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"198.23.212.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100002659; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"198.46.132.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100002660; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"198.46.136.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100002661; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"198.46.199.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100002662; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"198.46.233.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100002663; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"199.203.204.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100002664; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1stcreditsg.qnotice.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100002665; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1wayfoods.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100002666; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.106.156.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100002667; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.196.130.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100002668; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.249.178.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100002669; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.32.205.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100002670; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.36.231.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100002671; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.37.203.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100002672; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.55.84.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100002673; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.55.85.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100002674; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.56.59.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100002675; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.56.59.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100002676; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.56.59.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100002677; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.56.59.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100002678; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.62.113.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100002679; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.83.152.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100002680; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.indexsinas.me"; content:"Host"; http_header; classtype:trojan-activity; sid:100002681; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"20.199.96.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100002682; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"200.111.189.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100002683; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"200.125.165.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100002684; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"200.151.167.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100002685; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"200.2.161.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100002686; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"200.30.132.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100002687; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"200.31.19.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100002688; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.157.212.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100002689; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.172.206.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100002690; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.184.163.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100002691; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.187.102.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002692; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.192.160.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100002693; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.200.4.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100002694; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.206.146.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100002695; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.209.63.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100002696; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.107.233.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100002697; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.124.229.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100002698; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.150.186.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100002699; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.169.232.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100002700; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.178.113.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100002701; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.178.113.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100002702; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.178.113.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100002703; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.178.113.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100002704; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.178.113.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100002705; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.29.95.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100002706; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.4.124.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100002707; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.51.176.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100002708; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.51.181.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100002709; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.55.132.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100002710; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.55.132.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100002711; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.55.135.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100002712; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.109.201.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100002713; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.128.169.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100002714; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.170.105.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100002715; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.176.129.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100002716; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.176.129.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002717; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.176.129.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100002718; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.187.95.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100002719; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.202.248.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100002720; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.203.34.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100002721; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.204.193.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100002722; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.204.232.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002723; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.204.245.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100002724; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.212.215.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100002725; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.217.118.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100002726; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.223.44.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100002727; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.229.21.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100002728; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.236.190.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100002729; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.70.166.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100002730; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.77.69.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100002731; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.77.80.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100002732; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.80.119.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100002733; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.80.171.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100002734; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.82.36.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100002735; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"204.157.136.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100002736; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"205.185.114.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100002737; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"205.185.114.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100002738; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"205.185.115.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100002739; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"205.185.119.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100002740; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"205.185.121.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100002741; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"206.47.41.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100002742; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"207.144.22.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100002743; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"207.237.12.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100002744; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"207.44.28.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100002745; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"207.5.32.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002746; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"208.163.58.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002747; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"209.141.42.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100002748; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"209.141.46.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100002749; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"209.141.50.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100002750; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"209.141.62.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100002751; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"209.150.33.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100002752; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"209.53.154.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100002753; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.113.211.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100002754; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.126.78.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100002755; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.180.237.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100002756; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.182.101.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100002757; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.201.120.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100002758; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.205.1.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100002759; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.205.1.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100002760; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.209.175.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100002761; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.97.100.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100002762; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.180.62.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100002763; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.194.58.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100002764; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.198.209.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100002765; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.210.93.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100002766; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.219.6.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100002767; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.220.110.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100002768; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.220.35.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100002769; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.225.158.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100002770; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.227.199.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100002771; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.227.227.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100002772; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.230.105.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100002773; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.237.113.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100002774; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.238.83.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100002775; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.243.212.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100002776; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.250.243.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100002777; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.250.48.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100002778; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.32.30.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100002779; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.47.100.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100002780; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.47.83.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100002781; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.47.99.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100002782; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.50.17.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100002783; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.50.54.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100002784; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.51.181.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100002785; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.76.32.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100002786; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.107.239.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100002787; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.143.128.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100002788; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.150.218.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100002789; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.156.143.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100002790; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.164.221.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100002791; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.192.241.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100002792; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.200.115.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100002793; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.46.197.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100002794; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.101.190.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100002795; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.103.155.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100002796; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.14.173.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100002797; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.149.182.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100002798; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.149.190.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100002799; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.16.63.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100002800; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.195.118.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100002801; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.207.178.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100002802; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.235.183.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100002803; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.243.216.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100002804; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.27.8.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002805; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.94.59.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100002806; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"216.170.240.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100002807; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"216.183.54.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100002808; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"216.36.12.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100002809; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"216.66.185.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100002810; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"216.98.89.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100002811; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"217.11.75.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100002812; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"217.125.131.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100002813; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"217.133.100.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100002814; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"217.145.193.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100002815; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"217.210.104.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100002816; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.12.172.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100002817; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.155.136.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100002818; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.2.71.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100002819; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.214.102.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100002820; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.214.241.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100002821; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.255.226.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100002822; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.28.150.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100002823; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.29.29.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100002824; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.32.105.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100002825; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.35.210.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100002826; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.35.227.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100002827; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.35.81.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100002828; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.38.241.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100002829; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.38.241.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100002830; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.57.37.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100002831; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.58.1.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100002832; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.58.93.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100002833; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.59.26.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100002834; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.59.46.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100002835; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.69.71.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100002836; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.9.28.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100002837; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.90.38.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100002838; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.90.79.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100002839; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.93.102.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100002840; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.93.108.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100002841; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.93.154.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100002842; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.93.80.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100002843; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.114.210.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100002844; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.140.125.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100002845; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.144.151.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100002846; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.154.101.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100002847; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.154.102.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100002848; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.154.116.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100002849; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.154.117.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002850; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.154.120.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100002851; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.154.121.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100002852; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.154.124.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100002853; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.154.125.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100002854; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.154.153.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100002855; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.154.173.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100002856; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.154.19.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100002857; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.159.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100002858; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.168.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100002859; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.170.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100002860; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.172.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100002861; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.210.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100002862; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.211.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100002863; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.237.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100002864; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.244.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100002865; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.31.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100002866; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.6.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002867; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.62.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100002868; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.75.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100002869; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.84.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100002870; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.86.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100002871; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.96.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100002872; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.124.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100002873; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.125.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100002874; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.22.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100002875; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.27.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100002876; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.61.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100002877; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.62.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100002878; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.82.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100002879; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.94.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100002880; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.96.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100002881; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.136.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100002882; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.140.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100002883; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.147.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100002884; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.160.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100002885; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.175.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100002886; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.189.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100002887; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.202.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100002888; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.203.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100002889; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.204.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100002890; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.205.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100002891; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.214.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100002892; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.221.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100002893; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.239.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100002894; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.242.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100002895; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.25.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100002896; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.32.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100002897; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.37.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100002898; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.43.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100002899; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.43.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100002900; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.61.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100002901; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.1.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100002902; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.13.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100002903; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.163.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100002904; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.2.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100002905; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.244.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002906; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.245.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100002907; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.245.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100002908; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.245.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100002909; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.251.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100002910; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.5.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100002911; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.69.101.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100002912; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.70.238.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100002913; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.70.239.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100002914; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.70.254.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100002915; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.71.217.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002916; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.80.160.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100002917; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.80.217.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100002918; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.84.189.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002919; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.84.190.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100002920; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.85.185.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100002921; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.85.56.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100002922; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.86.240.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100002923; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.125.119.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100002924; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.125.119.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100002925; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.125.33.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100002926; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.158.140.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100002927; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.161.163.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100002928; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.161.252.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100002929; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.173.160.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100002930; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.176.39.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100002931; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.233.69.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100002932; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.244.124.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100002933; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.79.180.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100002934; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.80.187.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002935; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.81.123.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100002936; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.83.177.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100002937; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.90.61.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100002938; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.93.239.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100002939; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.95.54.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100002940; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.0.229.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100002941; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.1.224.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100002942; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.1.224.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100002943; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.1.226.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100002944; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.1.226.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100002945; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.1.227.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100002946; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.135.97.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100002947; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.14.106.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100002948; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.14.107.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100002949; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.14.123.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100002950; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.14.129.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100002951; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.14.169.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100002952; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.14.46.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100002953; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.14.53.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100002954; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.14.53.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100002955; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.14.62.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100002956; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.144.51.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100002957; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.105.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100002958; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.117.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100002959; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.125.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100002960; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.127.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100002961; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.144.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100002962; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.171.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100002963; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.176.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100002964; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.182.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100002965; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.185.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100002966; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.192.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100002967; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.193.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100002968; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.199.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100002969; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.217.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100002970; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.22.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100002971; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.233.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100002972; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.235.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100002973; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.237.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100002974; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.252.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100002975; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.252.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100002976; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.4.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100002977; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.76.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100002978; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.85.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100002979; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.88.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100002980; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.89.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100002981; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.91.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100002982; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.155.229.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100002983; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.157.191.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100002984; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.157.205.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100002985; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.159.216.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100002986; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100002987; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100002988; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100002989; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100002990; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100002991; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100002992; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100002993; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100002994; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100002995; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100002996; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100002997; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100002998; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100002999; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100003000; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.165.86.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100003001; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.167.61.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100003002; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.198.231.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100003003; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.201.99.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100003004; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.202.43.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100003005; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.214.158.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100003006; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.214.193.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100003007; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.214.196.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100003008; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.215.116.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100003009; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.216.31.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100003010; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.228.163.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100003011; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.228.186.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100003012; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.232.177.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100003013; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.232.19.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100003014; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.232.30.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100003015; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.232.88.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100003016; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.234.150.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100003017; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.235.143.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100003018; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.3.119.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100003019; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.3.35.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100003020; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.3.55.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100003021; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.3.71.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100003022; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.3.82.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100003023; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.5.62.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100003024; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.6.57.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100003025; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.102.109.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100003026; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.102.16.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100003027; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.103.144.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100003028; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.103.181.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100003029; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.105.145.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100003030; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.107.29.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100003031; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.114.215.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100003032; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.114.95.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100003033; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.121.112.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100003034; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.132.107.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100003035; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.133.158.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100003036; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.133.171.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100003037; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.133.68.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100003038; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.133.69.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100003039; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.134.162.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100003040; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.134.163.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100003041; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.134.172.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100003042; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.134.173.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100003043; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.134.175.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100003044; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.134.175.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100003045; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.135.136.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100003046; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.135.221.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100003047; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.135.25.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100003048; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.135.61.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100003049; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.135.81.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100003050; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.136.21.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100003051; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.136.48.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100003052; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.115.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100003053; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.117.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100003054; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.122.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100003055; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.136.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100003056; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.137.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100003057; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.140.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100003058; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.170.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100003059; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.19.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100003060; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.198.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100003061; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.202.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100003062; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.23.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100003063; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.232.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100003064; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.235.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100003065; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.238.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100003066; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.24.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100003067; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.42.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100003068; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.5.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100003069; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.70.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100003070; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.73.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100003071; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.83.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100003072; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.83.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100003073; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.100.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100003074; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.101.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100003075; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.103.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100003076; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.117.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100003077; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.117.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100003078; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.118.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100003079; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.185.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100003080; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.201.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100003081; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.90.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100003082; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.96.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100003083; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.139.32.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100003084; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.139.58.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100003085; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.11.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100003086; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.14.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100003087; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.161.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100003088; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.176.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100003089; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.188.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100003090; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.190.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100003091; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.192.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100003092; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.202.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100003093; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.208.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100003094; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.248.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100003095; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.36.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100003096; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.116.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100003097; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.146.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100003098; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.148.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100003099; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.15.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100003100; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.15.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100003101; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.15.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100003102; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.168.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100003103; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.22.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100003104; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.24.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100003105; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.41.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100003106; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.42.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100003107; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.44.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100003108; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.45.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100003109; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.8.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100003110; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.142.123.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100003111; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.142.200.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100003112; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.142.206.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100003113; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.142.209.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100003114; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.142.241.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100003115; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.142.94.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100003116; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.160.138.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100003117; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.162.28.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100003118; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.162.28.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100003119; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.174.167.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100003120; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.182.58.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100003121; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.185.106.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100003122; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.185.138.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100003123; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.185.221.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100003124; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.185.62.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100003125; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.185.96.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100003126; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.187.9.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100003127; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.188.218.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100003128; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.212.152.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100003129; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.241.195.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100003130; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.243.14.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100003131; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.245.54.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100003132; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.248.36.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100003133; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.253.45.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100003134; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.76.244.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100003135; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.77.213.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100003136; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.82.134.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100003137; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.90.10.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100003138; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.95.8.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100003139; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"223.11.63.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100003140; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"223.12.154.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100003141; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"223.146.72.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100003142; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"223.156.86.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100003143; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"223.159.88.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100003144; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"223.212.75.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100003145; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"223.213.135.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100003146; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"223.247.88.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100003147; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"223.72.113.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100003148; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.115.118.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100003149; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.118.190.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100003150; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.121.154.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100003151; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.124.203.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100003152; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.125.186.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100003153; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.126.120.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100003154; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.228.143.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100003155; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.254.226.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100003156; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.94.159.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100003157; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.94.159.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100003158; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.94.26.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100003159; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.95.254.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100003160; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23noticias.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100003161; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.102.110.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100003162; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.103.74.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100003163; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.11.141.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100003164; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.119.158.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100003165; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.123.182.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100003166; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.139.39.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100003167; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.145.18.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100003168; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.151.66.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100003169; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.152.45.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100003170; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.152.46.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100003171; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.158.25.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100003172; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.176.184.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100003173; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.176.206.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100003174; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.184.1.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100003175; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.187.189.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100003176; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.189.237.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100003177; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.190.0.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100003178; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.192.191.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100003179; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.30.95.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100003180; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.39.181.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100003181; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.39.34.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100003182; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.42.229.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100003183; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.53.163.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100003184; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.53.163.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100003185; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.68.127.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100003186; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.85.246.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100003187; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.85.29.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100003188; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.88.169.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100003189; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.90.65.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100003190; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.90.88.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100003191; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.1.245.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100003192; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.1.245.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100003193; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.105.106.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100003194; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.11.73.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100003195; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.12.0.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100003196; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.147.29.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100003197; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.147.40.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100003198; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.159.173.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100003199; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.184.115.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100003200; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.187.248.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100003201; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.187.248.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100003202; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.187.251.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100003203; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.19.208.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100003204; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.19.84.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100003205; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.190.194.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100003206; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.191.54.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100003207; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.192.249.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100003208; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.193.213.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100003209; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.107.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100003210; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.132.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100003211; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.156.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100003212; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.166.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100003213; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.2.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100003214; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.202.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100003215; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.242.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100003216; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.32.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100003217; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.89.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100003218; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.90.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100003219; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.197.218.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100003220; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.197.23.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100003221; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.197.24.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100003222; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.197.24.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100003223; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.197.242.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100003224; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.197.26.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100003225; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.197.29.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100003226; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.197.77.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100003227; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.198.31.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100003228; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.198.42.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100003229; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.198.52.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100003230; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.199.0.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100003231; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.199.152.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100003232; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.199.214.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100003233; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.200.1.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100003234; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.201.164.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100003235; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.201.168.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100003236; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.202.129.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100003237; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.202.234.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100003238; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.202.247.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100003239; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.202.47.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100003240; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.202.5.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100003241; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.159.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100003242; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.162.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100003243; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.169.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100003244; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.170.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100003245; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.205.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100003246; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.227.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100003247; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.231.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100003248; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.231.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100003249; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.233.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100003250; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.248.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100003251; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.26.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100003252; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.37.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100003253; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.40.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100003254; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.204.238.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100003255; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.206.188.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100003256; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.206.208.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100003257; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.206.23.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100003258; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.206.255.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100003259; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.206.93.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100003260; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.207.139.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100003261; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.207.178.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100003262; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.207.189.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100003263; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.207.193.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100003264; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.207.193.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100003265; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.207.66.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100003266; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.208.102.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100003267; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.208.142.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100003268; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.208.159.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100003269; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.208.206.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100003270; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.208.82.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100003271; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.209.147.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100003272; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.209.210.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100003273; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.209.84.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100003274; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.209.97.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100003275; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.21.147.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100003276; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.21.157.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100003277; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.21.168.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100003278; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.210.119.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100003279; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.210.146.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100003280; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.210.204.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100003281; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.210.252.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100003282; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.210.39.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100003283; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.210.74.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100003284; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.211.125.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100003285; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.15.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100003286; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.158.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100003287; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.175.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100003288; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.175.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100003289; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.19.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100003290; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.2.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100003291; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.208.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100003292; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.209.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100003293; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.232.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100003294; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.59.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100003295; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.61.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100003296; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.64.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100003297; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.66.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100003298; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.69.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100003299; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.85.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100003300; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.9.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100003301; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.98.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100003302; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.98.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100003303; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.108.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100003304; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.108.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100003305; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.109.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100003306; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.111.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100003307; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.115.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100003308; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.116.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100003309; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.116.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100003310; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.122.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100003311; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.122.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100003312; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.122.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100003313; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.126.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100003314; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.127.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100003315; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.127.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100003316; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.139.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100003317; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.139.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100003318; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.141.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100003319; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.142.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100003320; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.152.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100003321; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.178.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100003322; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.179.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100003323; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.179.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100003324; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.180.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100003325; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.182.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100003326; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.192.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100003327; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.212.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100003328; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.213.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100003329; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.214.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100003330; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.215.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100003331; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.225.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100003332; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.30.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100003333; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.48.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100003334; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.51.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100003335; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.52.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100003336; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.54.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100003337; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.55.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100003338; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.55.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100003339; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.55.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100003340; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.77.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100003341; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.77.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100003342; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.81.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100003343; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.82.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100003344; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.82.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100003345; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.83.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100003346; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.84.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100003347; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.85.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100003348; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.86.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100003349; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.98.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100003350; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.99.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100003351; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.216.101.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100003352; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.216.123.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100003353; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.216.143.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100003354; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.216.191.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100003355; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.216.39.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100003356; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.216.89.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100003357; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.217.123.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100003358; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.217.239.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100003359; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.217.243.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100003360; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.217.67.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100003361; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.217.70.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100003362; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.218.181.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100003363; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.219.127.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100003364; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.219.135.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100003365; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.219.190.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100003366; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.219.201.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100003367; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.219.98.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100003368; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.219.99.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100003369; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.220.180.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100003370; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.220.79.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100003371; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.220.86.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100003372; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.220.92.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100003373; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.221.188.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100003374; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.221.227.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100003375; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.221.244.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100003376; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.221.247.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100003377; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.222.152.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100003378; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.223.151.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100003379; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.23.68.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100003380; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.35.122.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100003381; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.35.154.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100003382; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.35.58.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100003383; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.36.152.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100003384; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.37.10.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100003385; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.37.198.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100003386; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.37.209.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100003387; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.37.227.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100003388; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.109.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100003389; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.143.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100003390; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.143.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100003391; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.172.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100003392; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.183.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100003393; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.95.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100003394; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.102.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100003395; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.103.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100003396; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.103.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100003397; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.103.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100003398; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.117.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100003399; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.118.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100003400; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.120.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100003401; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.120.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100003402; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.121.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100003403; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.70.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100003404; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.73.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100003405; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.73.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100003406; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.74.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100003407; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.74.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100003408; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.75.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100003409; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.76.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100003410; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.76.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100003411; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.77.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100003412; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.77.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100003413; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.78.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100003414; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.78.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100003415; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.85.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100003416; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.86.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100003417; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.86.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100003418; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.87.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100003419; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.87.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100003420; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.87.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100003421; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.87.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100003422; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.88.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100003423; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.10.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100003424; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.2.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100003425; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.2.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100003426; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.5.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100003427; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.52.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100003428; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.6.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100003429; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.7.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100003430; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.84.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100003431; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.86.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100003432; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.108.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100003433; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.110.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100003434; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.111.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100003435; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.112.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100003436; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.113.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100003437; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.118.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100003438; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.119.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100003439; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.119.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003440; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.119.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100003441; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.127.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100003442; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.199.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100003443; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.44.102.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100003444; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.44.61.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100003445; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.102.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100003446; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.103.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100003447; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.11.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100003448; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.112.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100003449; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.12.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100003450; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.12.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100003451; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.12.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100003452; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.14.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100003453; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.15.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100003454; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.15.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100003455; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.32.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100003456; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.33.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100003457; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.34.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100003458; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.35.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100003459; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.35.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100003460; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.38.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100003461; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.59.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100003462; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.8.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100003463; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.31.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100003464; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.44.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100003465; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.45.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100003466; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.47.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100003467; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.47.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100003468; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.52.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100003469; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.53.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100003470; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.54.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100003471; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.7.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100003472; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.9.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100003473; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.47.114.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100003474; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.47.116.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100003475; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.47.127.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100003476; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.47.75.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100003477; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.5.42.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100003478; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.54.123.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100003479; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.54.123.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100003480; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.6.120.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100003481; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.6.196.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100003482; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.6.241.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100003483; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.6.76.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100003484; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.64.167.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100003485; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.7.204.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100003486; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.8.247.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100003487; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.8.251.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100003488; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.8.60.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100003489; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.13.23.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100003490; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.132.167.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100003491; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.133.0.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100003492; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.163.137.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100003493; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.104.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100003494; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.146.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100003495; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.16.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100003496; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.179.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100003497; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.184.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100003498; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.194.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100003499; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.216.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100003500; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.248.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100003501; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.30.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100003502; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.60.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100003503; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.63.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100003504; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.65.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100003505; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.210.182.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100003506; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.210.20.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100003507; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.28.7.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100003508; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.35.237.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100003509; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"34.81.218.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100003510; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"35.131.161.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100003511; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"35.142.89.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100003512; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.100.241.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100003513; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.20.12.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100003514; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.24.59.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100003515; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.248.253.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100003516; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.251.18.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100003517; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.251.19.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100003518; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.255.90.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100003519; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.32.173.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100003520; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.33.139.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100003521; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.33.141.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100003522; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.33.227.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100003523; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.33.248.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100003524; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.36.242.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100003525; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.36.243.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100003526; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.38.184.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100003527; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.66.105.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100003528; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.66.133.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100003529; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.66.139.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003530; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.89.18.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100003531; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.89.18.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100003532; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.96.189.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100003533; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"360.lcy2zzx.pw"; content:"Host"; http_header; classtype:trojan-activity; sid:100003534; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"360down7.miiyun.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100003535; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.0.10.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100003536; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.0.9.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100003537; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.142.32.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100003538; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.221.64.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100003539; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.233.60.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100003540; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.33.1.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100003541; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.34.179.221"; content:"Host"; http_header; classtype:trojan-activity; sid:100003542; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.34.180.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100003543; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.44.238.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100003544; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.53.176.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100003545; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.54.14.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003546; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.55.50.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100003547; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.113.245.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100003548; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.65.167.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100003549; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.65.197.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100003550; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.65.222.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100003551; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.65.241.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100003552; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.65.244.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100003553; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.66.154.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100003554; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.66.21.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100003555; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.67.189.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100003556; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.68.113.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100003557; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.68.152.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100003558; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.68.165.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100003559; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.68.87.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100003560; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.72.148.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100003561; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.72.160.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100003562; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.72.29.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100003563; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.72.38.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100003564; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.73.147.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100003565; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.73.177.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100003566; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.73.92.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100003567; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.74.102.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100003568; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.74.129.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100003569; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.76.103.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100003570; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.76.123.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100003571; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.76.178.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100003572; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.76.32.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100003573; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.76.45.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100003574; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.76.69.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100003575; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.77.114.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100003576; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.77.206.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100003577; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.77.246.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100003578; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.77.4.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100003579; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.77.5.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100003580; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.77.90.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100003581; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.79.145.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100003582; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.79.145.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100003583; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.79.146.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100003584; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.79.235.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100003585; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.80.11.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100003586; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.80.163.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100003587; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.80.187.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100003588; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.80.191.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100003589; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.80.201.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100003590; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.80.203.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100003591; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.80.6.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100003592; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.81.118.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100003593; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.81.12.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100003594; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.81.130.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100003595; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.81.252.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100003596; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.81.41.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100003597; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.84.168.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100003598; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.84.85.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100003599; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.85.124.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100003600; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.85.126.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100003601; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.85.217.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100003602; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.173.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100003603; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.180.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100003604; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.182.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100003605; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.184.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100003606; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.237.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100003607; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.249.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100003608; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.87.220.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100003609; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.88.1.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100003610; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.88.118.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100003611; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.88.119.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100003612; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.88.17.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100003613; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.88.84.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100003614; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.89.196.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100003615; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.90.130.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100003616; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.90.185.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100003617; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.90.185.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100003618; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.90.186.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100003619; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.90.186.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100003620; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.90.186.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100003621; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.90.189.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100003622; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.97.212.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100003623; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.139.209.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100003624; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.143.185.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100003625; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.165.130.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100003626; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.190.63.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100003627; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.211.100.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100003628; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.222.195.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100003629; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.226.60.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100003630; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.230.17.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100003631; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.230.31.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100003632; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.251.248.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100003633; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.38.61.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100003634; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100003635; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100003636; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100003637; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100003638; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100003639; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100003640; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100003641; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100003642; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.41.174.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100003643; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.72.203.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100003644; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.76.157.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100003645; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.78.172.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100003646; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.18.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100003647; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.18.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100003648; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.18.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100003649; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.18.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100003650; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.18.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100003651; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.19.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100003652; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.19.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100003653; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.19.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100003654; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.19.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100003655; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.21.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100003656; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.21.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100003657; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.21.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100003658; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.21.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100003659; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.21.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100003660; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100003661; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100003662; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100003663; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100003664; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100003665; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100003666; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100003667; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.176.100.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100003668; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.179.64.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100003669; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.180.206.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100003670; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.202.100.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100003671; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.202.101.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100003672; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.101.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100003673; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.109.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100003674; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.121.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100003675; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.123.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100003676; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.124.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100003677; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.126.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100003678; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.126.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100003679; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.14.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100003680; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.143.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100003681; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.168.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100003682; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.172.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100003683; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.174.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100003684; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.178.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100003685; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.178.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100003686; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.18.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100003687; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.2.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100003688; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.2.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100003689; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.208.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100003690; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.233.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100003691; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.235.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100003692; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.239.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100003693; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.245.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100003694; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.27.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100003695; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.30.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100003696; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.47.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100003697; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.47.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100003698; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.59.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100003699; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.6.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100003700; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.62.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100003701; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.65.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100003702; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.69.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100003703; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.7.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100003704; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.74.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100003705; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.74.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100003706; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.80.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100003707; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.83.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100003708; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.225.203.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100003709; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.225.228.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100003710; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.225.250.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100003711; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.225.54.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100003712; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.225.75.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100003713; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.226.65.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100003714; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.226.80.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100003715; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.226.89.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100003716; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.115.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100003717; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.118.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100003718; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.123.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100003719; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.135.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100003720; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.166.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100003721; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.187.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100003722; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.206.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100003723; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.236.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100003724; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.238.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100003725; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.244.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100003726; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.7.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100003727; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.127.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100003728; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.232.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100003729; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.233.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100003730; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.254.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100003731; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.33.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100003732; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.65.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100003733; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.77.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100003734; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.78.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100003735; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.96.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100003736; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.229.160.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100003737; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.101.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100003738; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.101.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100003739; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.103.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100003740; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.103.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100003741; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.104.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100003742; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.123.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100003743; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.189.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100003744; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.191.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100003745; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.199.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100003746; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.217.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100003747; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.218.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100003748; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.225.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100003749; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.32.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100003750; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.42.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100003751; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.44.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100003752; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.49.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100003753; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.65.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100003754; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.85.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100003755; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.99.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100003756; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.231.107.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100003757; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.231.240.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100003758; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.231.246.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100003759; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.231.91.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100003760; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.232.101.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100003761; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.232.102.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100003762; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.232.119.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100003763; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.232.203.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100003764; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.232.78.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100003765; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.233.105.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100003766; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.233.123.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100003767; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.233.207.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100003768; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.234.137.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100003769; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.234.164.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100003770; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.234.221.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100003771; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.234.238.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100003772; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.234.245.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100003773; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.234.249.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100003774; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.234.249.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100003775; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.115.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100003776; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.17.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100003777; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.174.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100003778; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.31.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003779; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.50.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100003780; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.64.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100003781; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.68.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100003782; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.71.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100003783; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.81.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100003784; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.86.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100003785; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.88.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100003786; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.90.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100003787; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.94.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100003788; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.95.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100003789; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.236.151.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100003790; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.236.160.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100003791; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.236.212.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100003792; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.236.214.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100003793; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.236.236.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100003794; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.237.47.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100003795; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.238.148.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100003796; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.238.167.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003797; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.238.224.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100003798; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.238.224.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100003799; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.238.251.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100003800; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.238.48.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100003801; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.238.56.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100003802; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.238.73.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100003803; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.239.190.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100003804; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.239.43.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100003805; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.239.96.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100003806; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.61.99.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100003807; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.7.19.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100003808; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.84.34.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100003809; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"43.226.234.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100003810; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"43.241.106.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100003811; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"43.248.191.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100003812; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"43.255.241.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100003813; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.115.255.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100003814; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.115.255.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100003815; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.133.1.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100003816; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.133.1.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100003817; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.133.203.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100003818; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.134.8.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100003819; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.137.21.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100003820; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.142.182.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100003821; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.166.189.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100003822; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.189.73.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100003823; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.190.46.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100003824; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.201.167.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100003825; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.201.204.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100003826; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.22.209.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100003827; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.224.168.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100003828; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.224.168.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100003829; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.224.168.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100003830; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.224.168.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100003831; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.224.169.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100003832; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.23.22.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100003833; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.231.209.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100003834; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.232.72.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100003835; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.232.73.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100003836; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.27.253.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100003837; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.5.208.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100003838; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.5.209.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100003839; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.5.209.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100003840; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.51.104.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100003841; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.6.39.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100003842; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.61.184.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100003843; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.65.222.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100003844; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.72.242.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100003845; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.9.20.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100003846; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.95.169.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100003847; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.100.107.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100003848; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.107.206.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100003849; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.139.27.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100003850; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.172.75.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100003851; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.175.184.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100003852; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.175.22.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100003853; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.200.206.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100003854; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.201.210.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100003855; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.214.27.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100003856; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.214.37.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100003857; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.23.199.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100003858; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.236.65.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100003859; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.237.1.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100003860; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.24.130.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100003861; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.241.120.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100003862; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.33.63.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100003863; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.36.74.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100003864; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.42.86.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100003865; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.47.80.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100003866; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.72.140.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100003867; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.97.21.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100003868; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.145.144.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100003869; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.145.152.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100003870; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.148.133.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100003871; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.148.46.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100003872; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.151.7.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100003873; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.154.44.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100003874; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.16.133.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100003875; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.180.188.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100003876; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.181.202.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100003877; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.200.1.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100003878; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.21.19.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100003879; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.22.159.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100003880; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.34.189.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100003881; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.46.231.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100003882; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.112.196.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100003883; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.115.98.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100003884; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.116.176.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100003885; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.142.240.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100003886; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.142.87.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003887; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.143.32.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003888; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.143.32.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100003889; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.143.43.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100003890; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.156.35.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100003891; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.158.112.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100003892; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.158.202.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100003893; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.159.20.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100003894; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.159.21.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100003895; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.159.21.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100003896; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.159.92.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100003897; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.169.9.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100003898; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.213.161.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100003899; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.213.162.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100003900; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.213.164.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100003901; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.213.179.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100003902; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.213.212.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100003903; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.64.122.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100003904; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.65.90.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100003905; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.68.24.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100003906; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.0.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100003907; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.0.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100003908; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.0.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100003909; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.0.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100003910; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.0.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100003911; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.0.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100003912; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.0.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100003913; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.0.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100003914; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.1.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100003915; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.1.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100003916; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.1.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100003917; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.1.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100003918; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.100.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100003919; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.100.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100003920; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.100.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100003921; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.100.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100003922; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.111.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100003923; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.12.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100003924; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.15.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100003925; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.15.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100003926; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.15.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100003927; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.15.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100003928; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.15.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100003929; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.15.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100003930; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.15.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100003931; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.15.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100003932; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.15.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100003933; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.15.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100003934; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.15.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100003935; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.15.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100003936; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.15.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100003937; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.15.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100003938; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.15.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100003939; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.2.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100003940; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.2.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100003941; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.2.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100003942; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.2.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100003943; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.2.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100003944; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.3.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100003945; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.3.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100003946; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.3.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100003947; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.3.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100003948; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.3.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100003949; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.3.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003950; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.3.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100003951; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.3.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100003952; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.3.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100003953; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100003954; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100003955; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100003956; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100003957; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100003958; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100003959; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100003960; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100003961; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100003962; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100003963; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100003964; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100003965; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100003966; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100003967; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100003968; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100003969; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100003970; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100003971; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.4.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100003972; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100003973; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100003974; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100003975; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100003976; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100003977; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100003978; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100003979; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100003980; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100003981; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100003982; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100003983; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100003984; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100003985; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003986; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100003987; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100003988; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100003989; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100003990; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100003991; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100003992; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.81.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100003993; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100003994; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100003995; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100003996; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100003997; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100003998; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100003999; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100004000; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100004001; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100004002; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100004003; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.75.36.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100004004; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.76.177.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100004005; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.76.79.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100004006; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.87.213.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100004007; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.116.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100004008; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.150.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100004009; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.167.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100004010; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.168.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100004011; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.168.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100004012; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.170.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100004013; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.171.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100004014; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.171.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100004015; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.172.221"; content:"Host"; http_header; classtype:trojan-activity; sid:100004016; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.173.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100004017; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.175.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100004018; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.196.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100004019; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.223.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100004020; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.223.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100004021; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.223.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100004022; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.223.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100004023; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.225.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100004024; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.225.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100004025; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.70.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100004026; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.70.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100004027; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.70.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100004028; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.70.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100004029; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.70.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100004030; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.70.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100004031; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.70.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100004032; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.70.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100004033; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.70.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100004034; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.70.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100004035; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.70.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100004036; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.70.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100004037; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.70.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100004038; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.72.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100004039; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.72.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100004040; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.72.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100004041; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.72.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100004042; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.72.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100004043; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.72.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100004044; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.72.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100004045; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.72.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100004046; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.72.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100004047; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.72.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100004048; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.72.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100004049; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.72.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100004050; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.90.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100004051; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.90.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100004052; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.90.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100004053; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.90.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100004054; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.90.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100004055; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.90.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100004056; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.90.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100004057; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.90.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100004058; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.90.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100004059; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.90.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100004060; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.90.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100004061; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.90.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100004062; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100004063; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100004064; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100004065; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100004066; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100004067; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100004068; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100004069; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100004070; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100004071; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100004072; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100004073; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100004074; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100004075; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100004076; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100004077; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100004078; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100004079; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100004080; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100004081; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100004082; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100004083; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100004084; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100004085; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100004086; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100004087; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.93.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100004088; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"5.102.211.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100004089; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"5.28.139.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100004090; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"5.42.28.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100004091; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"5.57.74.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100004092; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"5.8.110.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100004093; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"5.95.61.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100004094; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.192.171.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100004095; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.194.110.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100004096; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.209.208.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100004097; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.212.94.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100004098; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.226.94.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100004099; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.245.199.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100004100; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.247.83.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100004101; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.251.250.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100004102; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.83.34.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100004103; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.88.53.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100004104; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"51.159.54.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100004105; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"51.195.61.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100004106; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"51.81.85.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100004107; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"52.165.230.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100004108; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.115.161.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100004109; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.115.161.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100004110; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.115.161.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100004111; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.115.162.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100004112; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.115.167.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100004113; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.115.174.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100004114; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.125.191.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100004115; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.142.166.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100004116; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.142.200.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100004117; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.153.182.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100004118; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.187.47.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100004119; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.19.188.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100004120; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.19.248.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100004121; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.217.25.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100004122; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.217.26.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100004123; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.23.24.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100004124; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.23.94.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100004125; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.230.89.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100004126; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.241.82.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100004127; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.243.126.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100004128; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.117.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100004129; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.140.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100004130; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.140.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100004131; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.140.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100004132; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.142.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100004133; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.142.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100004134; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.142.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100004135; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.143.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100004136; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.143.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100004137; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.144.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100004138; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.144.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100004139; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.145.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100004140; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.145.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100004141; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.146.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100004142; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.146.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100004143; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.149.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100004144; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.149.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100004145; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.150.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100004146; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.73.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100004147; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.73.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100004148; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.76.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100004149; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.79.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100004150; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.79.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100004151; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.85.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100004152; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.14.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100004153; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.18.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100004154; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.21.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100004155; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.22.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100004156; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.72.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100004157; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.72.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100004158; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.73.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100004159; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.73.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100004160; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.73.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100004161; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.73.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100004162; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.74.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100004163; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.74.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100004164; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.74.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100004165; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.75.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100004166; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.76.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100004167; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.77.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100004168; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.78.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100004169; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.78.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100004170; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.79.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100004171; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.8.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100004172; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.81.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100004173; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.81.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100004174; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.81.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100004175; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.82.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100004176; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.82.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100004177; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.82.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100004178; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.83.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100004179; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.83.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100004180; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.83.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100004181; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.85.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100004182; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.85.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100004183; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.85.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100004184; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.86.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100004185; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.86.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100004186; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.86.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100004187; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.87.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100004188; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.88.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100004189; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.9.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100004190; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.90.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100004191; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.90.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100004192; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.91.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100004193; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.91.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100004194; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.91.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100004195; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.160.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100004196; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.160.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100004197; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.161.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100004198; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.163.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100004199; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.164.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100004200; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.174.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100004201; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.175.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100004202; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.176.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100004203; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.180.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100004204; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.180.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100004205; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.182.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100004206; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.203.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100004207; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.203.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100004208; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.253.13.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100004209; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.253.14.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100004210; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.253.14.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100004211; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.253.15.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100004212; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.253.7.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100004213; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.253.7.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100004214; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.253.8.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100004215; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.253.9.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100004216; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.1.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100004217; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.134.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100004218; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.14.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100004219; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.14.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100004220; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.141.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100004221; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.143.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100004222; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.20.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100004223; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.205.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100004224; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.208.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100004225; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.21.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100004226; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.210.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100004227; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.211.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100004228; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.215.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100004229; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.42.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100004230; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.48.231.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100004231; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.50.216.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100004232; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.53.59.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100004233; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.53.68.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100004234; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.54.108.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100004235; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.55.103.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100004236; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.58.41.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100004237; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.72.165.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100004238; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.76.151.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100004239; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.0.158.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100004240; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.1.115.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100004241; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.1.251.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100004242; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.104.194.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100004243; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.15.78.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100004244; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.16.133.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100004245; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.173.201.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100004246; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.174.50.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100004247; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.23.218.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100004248; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.27.255.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100004249; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.3.30.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100004250; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.30.127.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100004251; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.31.130.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100004252; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.35.29.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100004253; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.42.60.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100004254; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.45.227.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100004255; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.47.167.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100004256; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.51.16.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100004257; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.58.105.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100004258; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.58.114.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100004259; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.58.117.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100004260; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.58.117.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100004261; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.60.120.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100004262; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.8.125.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100004263; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.88.141.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100004264; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.92.228.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100004265; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.93.16.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100004266; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.93.18.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100004267; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.93.18.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100004268; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.93.21.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100004269; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.93.21.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100004270; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.93.22.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100004271; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.93.26.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100004272; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.93.27.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100004273; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.94.194.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100004274; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.94.203.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100004275; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.94.207.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100004276; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.94.207.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100004277; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.95.70.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100004278; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.95.76.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100004279; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.96.26.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100004280; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.97.169.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100004281; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.98.140.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100004282; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.98.143.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100004283; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.98.51.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100004284; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.136.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100004285; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.141.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100004286; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.142.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100004287; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.143.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100004288; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.197.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100004289; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.198.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100004290; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.199.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100004291; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.201.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100004292; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.205.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100004293; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.41.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100004294; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.42.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100004295; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.43.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100004296; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.44.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100004297; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.10.236.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100004298; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.10.239.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100004299; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.13.34.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100004300; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.16.102.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100004301; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.16.206.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100004302; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.16.237.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100004303; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.162.112.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100004304; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.162.113.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100004305; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.162.17.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100004306; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.162.20.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100004307; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.17.108.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100004308; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.17.13.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100004309; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.179.6.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100004310; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.183.124.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100004311; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.184.133.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100004312; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.185.213.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100004313; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.185.225.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100004314; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.20.226.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100004315; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.208.135.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100004316; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.209.173.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100004317; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.209.182.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100004318; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.209.227.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100004319; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.209.98.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100004320; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.211.31.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100004321; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.211.82.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100004322; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.125.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100004323; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.159.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100004324; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.161.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100004325; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.209.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100004326; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.221.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100004327; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.232.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100004328; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.25.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100004329; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.29.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100004330; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.30.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100004331; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.65.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100004332; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.213.75.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100004333; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.213.90.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100004334; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.214.36.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100004335; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.214.77.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100004336; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.215.198.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100004337; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.215.4.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100004338; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.215.53.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100004339; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.217.188.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100004340; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.217.84.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100004341; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.223.170.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100004342; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.223.92.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100004343; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.243.171.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100004344; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.7.129.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100004345; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.7.130.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100004346; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.133.90.221"; content:"Host"; http_header; classtype:trojan-activity; sid:100004347; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.137.149.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100004348; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.141.125.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100004349; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.145.166.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100004350; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.153.170.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100004351; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.179.247.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100004352; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.179.91.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100004353; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.247.183.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100004354; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.3.145.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100004355; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.3.146.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100004356; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.3.148.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100004357; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.3.149.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100004358; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.3.184.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100004359; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.3.185.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100004360; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.3.185.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100004361; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.10.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100004362; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.10.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100004363; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.100.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100004364; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.103.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100004365; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.103.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100004366; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.11.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100004367; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.114.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100004368; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.130.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100004369; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.156.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100004370; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.158.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100004371; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.169.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100004372; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.211.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100004373; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.28.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100004374; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.33.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100004375; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.47.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100004376; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.51.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100004377; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.52.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100004378; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.59.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100004379; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.62.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100004380; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.62.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100004381; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.73.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100004382; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.76.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100004383; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.77.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100004384; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.79.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100004385; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.8.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100004386; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.99.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100004387; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.99.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100004388; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.122.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100004389; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.124.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100004390; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.125.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100004391; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.126.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100004392; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.138.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100004393; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.145.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100004394; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.199.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100004395; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.23.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100004396; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.238.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100004397; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.24.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100004398; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.34.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100004399; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.37.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100004400; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.41.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100004401; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.81.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100004402; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.81.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100004403; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.83.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100004404; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.84.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100004405; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.84.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100004406; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.90.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100004407; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.93.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100004408; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.11.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100004409; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.194.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100004410; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.198.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100004411; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.202.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100004412; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.218.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100004413; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.40.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100004414; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.42.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100004415; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.63.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100004416; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.79.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100004417; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.55.209.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100004418; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.56.180.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100004419; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.58.172.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100004420; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.58.73.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100004421; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.61.218.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100004422; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.63.246.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100004423; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.65.172.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100004424; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.70.0.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100004425; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.70.110.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100004426; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.70.132.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100004427; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.70.133.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100004428; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.70.155.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100004429; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.70.247.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100004430; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.70.255.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100004431; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.70.45.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100004432; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.70.69.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100004433; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.75.36.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100004434; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.84.250.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100004435; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.85.133.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100004436; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.85.171.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100004437; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.109.25.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100004438; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.141.73.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100004439; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.219.129.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100004440; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.219.131.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100004441; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.219.138.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100004442; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.219.143.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100004443; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.219.237.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100004444; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.31.126.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100004445; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.33.98.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100004446; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.38.115.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100004447; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.38.130.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100004448; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.38.149.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100004449; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.38.222.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100004450; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.43.207.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100004451; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.90.142.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100004452; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.90.161.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100004453; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.90.165.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100004454; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"63.245.122.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100004455; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"64.112.182.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100004456; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"64.150.228.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100004457; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"64.188.23.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100004458; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"65.26.155.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100004459; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"65.34.193.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100004460; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"65.35.61.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100004461; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"65.75.102.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100004462; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.108.202.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100004463; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.108.79.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100004464; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.189.122.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100004465; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.203.137.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100004466; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.208.203.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100004467; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.229.92.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100004468; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.57.55.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100004469; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.74.7.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100004470; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.85.229.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100004471; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.91.200.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100004472; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"67.247.123.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100004473; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"67.250.98.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100004474; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"67.8.138.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100004475; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"67.80.30.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100004476; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"67.83.134.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100004477; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"67.84.139.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100004478; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.113.80.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100004479; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.174.182.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100004480; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.188.144.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100004481; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.195.217.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100004482; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.205.119.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100004483; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.236.212.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100004484; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.84.51.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100004485; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"69.115.37.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100004486; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"69.120.237.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100004487; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"69.222.157.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100004488; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"69.59.92.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100004489; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"69.75.227.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100004490; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"70.115.31.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100004491; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"70.167.10.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100004492; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"70.236.190.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100004493; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"70.44.154.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100004494; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"70.79.173.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100004495; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.127.148.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100004496; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.163.125.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100004497; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.167.45.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100004498; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.17.10.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100004499; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.190.150.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100004500; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.224.211.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100004501; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.40.234.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100004502; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.43.106.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100004503; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.47.133.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100004504; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.62.14.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100004505; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.66.203.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100004506; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.68.229.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100004507; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.76.173.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100004508; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.79.235.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100004509; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.85.106.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100004510; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"72.130.90.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100004511; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"72.133.148.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100004512; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"72.186.139.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100004513; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"72.202.249.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100004514; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"72.214.61.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100004515; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"72.214.69.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100004516; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"72.43.71.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100004517; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"72.68.173.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100004518; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"73.127.64.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100004519; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"73.163.134.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100004520; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"73.31.139.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100004521; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"73.43.209.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100004522; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"73.58.164.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100004523; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"73.84.49.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100004524; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"73.97.12.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100004525; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"74.108.224.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100004526; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"74.221.153.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100004527; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"74.75.165.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100004528; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.127.1.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100004529; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.127.141.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100004530; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.129.90.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100004531; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.146.85.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100004532; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.151.35.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100004533; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.155.123.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100004534; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.186.100.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100004535; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.67.206.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100004536; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.83.102.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100004537; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.97.202.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100004538; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.99.143.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100004539; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.99.144.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100004540; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.99.213.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100004541; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.108.187.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100004542; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.108.191.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100004543; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.170.11.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100004544; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.177.234.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100004545; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.178.22.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100004546; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.217.92.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100004547; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.250.199.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100004548; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.79.220.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100004549; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.84.134.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100004550; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.89.121.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100004551; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"77.237.25.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100004552; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"77st.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004553; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.177.149.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100004554; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.186.40.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100004555; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.187.141.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100004556; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.187.240.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100004557; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.187.41.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100004558; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.188.131.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100004559; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.188.168.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100004560; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.188.188.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100004561; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.189.104.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100004562; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.189.176.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100004563; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.189.237.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100004564; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.189.27.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100004565; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.189.54.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100004566; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.197.6.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100004567; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.30.63.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100004568; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.72.165.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100004569; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.97.122.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100004570; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"79.137.250.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100004571; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"79.164.170.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100004572; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"79.170.31.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100004573; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"79.3.72.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100004574; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"79.66.188.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100004575; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"79.7.170.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100004576; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"79.9.38.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100004577; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"8.210.133.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100004578; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"80.107.89.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100004579; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"80.107.89.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100004580; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"80.174.103.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100004581; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"80.179.93.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100004582; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"80.211.181.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100004583; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.163.246.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100004584; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.165.44.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100004585; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.214.143.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100004586; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.215.202.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100004587; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.218.139.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100004588; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.218.156.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100004589; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.218.170.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100004590; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.218.180.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100004591; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.218.187.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100004592; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.218.195.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100004593; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.218.196.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100004594; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.230.98.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100004595; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.24.82.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100004596; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.30.177.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100004597; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.5.66.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100004598; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.60.194.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100004599; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.61.234.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100004600; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.146.91.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100004601; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.166.212.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100004602; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.166.252.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100004603; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.166.85.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100004604; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.166.86.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100004605; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.207.61.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100004606; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.208.189.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100004607; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.209.229.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100004608; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.209.250.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100004609; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.62.110.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100004610; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.62.210.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100004611; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.62.53.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100004612; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.62.65.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100004613; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.66.0.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100004614; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.80.138.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100004615; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.80.139.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100004616; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.80.142.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100004617; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.80.154.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100004618; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.80.166.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100004619; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.80.187.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100004620; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.80.55.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100004621; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.100.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100004622; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.101.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100004623; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.106.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100004624; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.108.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100004625; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.108.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100004626; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.131.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100004627; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.134.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100004628; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.134.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100004629; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.19.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100004630; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.234.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100004631; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.246.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100004632; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.254.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100004633; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.31.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100004634; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.4.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100004635; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.42.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100004636; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.73.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100004637; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.98.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100004638; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.0.233.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100004639; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.130.129.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100004640; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.165.237.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100004641; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.218.189.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100004642; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.234.147.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100004643; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.234.218.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100004644; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.239.6.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100004645; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.243.209.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100004646; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.251.143.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100004647; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.254.58.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100004648; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.42.121.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100004649; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.69.90.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100004650; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.1.22.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100004651; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.124.168.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100004652; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.15.171.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100004653; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.194.130.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100004654; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.194.131.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100004655; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.210.160.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100004656; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.210.214.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100004657; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.210.220.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100004658; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.214.212.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100004659; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.228.112.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100004660; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.228.114.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100004661; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.228.50.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100004662; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.228.95.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100004663; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.238.81.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100004664; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.242.139.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100004665; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.254.39.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100004666; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.33.111.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100004667; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.33.89.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100004668; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.40.127.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100004669; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.94.164.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100004670; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"8402d53c-17e9-4250-8011-20f28f5d404f.certbooster.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004671; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.135.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100004672; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.180.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100004673; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.192.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100004674; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.202.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100004675; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.208.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100004676; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.232.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100004677; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.241.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100004678; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.8.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100004679; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.108.143.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100004680; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.112.32.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100004681; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.186.151.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100004682; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.209.2.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100004683; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.237.217.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100004684; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.237.217.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100004685; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.239.33.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100004686; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.247.67.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100004687; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.97.111.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100004688; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.97.130.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100004689; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"86.12.245.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100004690; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"86.34.49.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100004691; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"86.57.209.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100004692; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"86.6.187.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100004693; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"87.104.121.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100004694; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"87.120.215.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100004695; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"87.27.143.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100004696; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.119.171.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100004697; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.12.54.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100004698; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.2.208.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100004699; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.218.227.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100004700; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.243.203.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100004701; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.247.195.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100004702; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.248.136.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100004703; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.248.178.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100004704; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.248.51.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100004705; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.250.150.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100004706; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.250.19.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100004707; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.250.226.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100004708; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.250.240.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100004709; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.250.251.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100004710; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.250.254.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100004711; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.83.53.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100004712; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.95.99.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100004713; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.122.198.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100004714; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.122.96.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100004715; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.152.144.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100004716; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.160.157.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100004717; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.165.170.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100004718; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.237.70.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100004719; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.237.85.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100004720; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.248.112.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100004721; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.39.3.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100004722; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.40.87.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100004723; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.97.62.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100004724; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.97.64.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100004725; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"90.159.233.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100004726; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"90.224.214.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100004727; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"90.63.176.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100004728; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"90.84.224.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100004729; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.122.12.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100004730; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.122.213.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100004731; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.138.215.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100004732; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.187.103.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100004733; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.208.206.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100004734; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.208.206.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100004735; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.212.150.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100004736; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.217.104.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100004737; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.222.140.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100004738; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.222.76.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100004739; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.226.129.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100004740; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.235.129.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100004741; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.240.209.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100004742; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.244.169.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100004743; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.92.16.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100004744; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.98.248.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100004745; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91yudao.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004746; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"92.124.148.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100004747; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"92.242.54.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100004748; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"92.27.246.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100004749; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"92.54.237.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100004750; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"92.54.237.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100004751; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"92.63.100.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100004752; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"92.85.32.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100004753; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"92c49223-b37f-4157-904d-daf4679f14d5.usrfiles.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004754; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.125.8.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100004755; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.145.118.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100004756; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.155.194.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100004757; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.157.62.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100004758; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.170.119.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100004759; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.171.157.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100004760; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.172.112.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100004761; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.172.23.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100004762; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.189.124.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100004763; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.21.224.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100004764; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.39.115.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100004765; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.41.137.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100004766; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.41.182.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100004767; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.41.206.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100004768; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.57.43.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100004769; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.137.31.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100004770; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.154.152.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100004771; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.154.152.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100004772; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.154.17.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100004773; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.200.16.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100004774; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.200.86.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100004775; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.224.83.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100004776; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.226.98.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100004777; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.245.52.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100004778; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.67.171.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100004779; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.72.8.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100004780; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.107.2.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100004781; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.133.130.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100004782; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.154.70.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100004783; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.158.19.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100004784; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.170.113.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100004785; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.170.201.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100004786; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.181.152.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100004787; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.188.138.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100004788; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.202.177.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100004789; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.214.52.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100004790; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.255.11.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100004791; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.65.12.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100004792; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.68.78.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100004793; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.9.120.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100004794; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.9.33.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100004795; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"96.232.132.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100004796; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"96.47.147.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100004797; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"96.56.55.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100004798; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"96.69.95.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100004799; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"96.8.121.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100004800; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"96.9.77.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100004801; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"97.68.140.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100004802; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"97.96.199.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100004803; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.0.239.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100004804; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.113.239.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100004805; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.14.30.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100004806; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.157.228.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100004807; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.191.111.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100004808; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.211.165.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100004809; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.231.124.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100004810; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.247.95.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100004811; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.30.24.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100004812; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"99.150.245.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100004813; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"99.165.34.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100004814; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"99.2.117.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100004815; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"99.26.72.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100004816; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"99.33.195.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100004817; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"99.74.63.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100004818; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"99.8.30.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100004819; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"a3ium.davaohorizon.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004820; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aaagroup.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004821; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aarsaindustries.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004822; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aayom.asia"; content:"Host"; http_header; classtype:trojan-activity; sid:100004823; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aayom.biz"; content:"Host"; http_header; classtype:trojan-activity; sid:100004824; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aayom.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004825; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aayom.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004826; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aayom.mobi"; content:"Host"; http_header; classtype:trojan-activity; sid:100004827; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aayom.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004828; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aayomsolutions.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004829; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aayushivfraipur.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004830; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"abissnet.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004831; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"abmaxdigital.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004832; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aboveandbelow.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100004833; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"academiaoslo.com.uy"; content:"Host"; http_header; classtype:trojan-activity; sid:100004834; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"acellr.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004835; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"activenergy.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100004836; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aditycursos.cl"; content:"Host"; http_header; classtype:trojan-activity; sid:100004837; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"adl-asia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004838; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"admin.classified.pointsource.ng"; content:"Host"; http_header; classtype:trojan-activity; sid:100004839; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"admin.gentbcn.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004840; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"administradores.bet"; content:"Host"; http_header; classtype:trojan-activity; sid:100004841; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"adoxarabia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004842; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ads.cscabiramam.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004843; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"afavoritacouros.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004844; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"afhaenterprises.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004845; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"afnan-amc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004846; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"agcguide.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004847; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"agconsultoressrl.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100004848; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"agemn.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004849; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"agendanacional.com.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100004850; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"agricola.fivenca.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004851; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ah.btp-inc.ca"; content:"Host"; http_header; classtype:trojan-activity; sid:100004852; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ajgraphics.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004853; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"akdvidyalaya.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004854; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aknacehbarat.ac.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004855; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"al-wahd.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004856; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"alarak.ae"; content:"Host"; http_header; classtype:trojan-activity; sid:100004857; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"alatieq.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004858; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"alberts.diamondrelationscrm.us"; content:"Host"; http_header; classtype:trojan-activity; sid:100004859; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aldahwiprivatehospital.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004860; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aldtec.net.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004861; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"alemelektronik.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004862; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"alena1971.es"; content:"Host"; http_header; classtype:trojan-activity; sid:100004863; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"alexdubai.com.aldiabsteel.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004864; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"alexfaye.testing.virvazir.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004865; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"algoindia.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004866; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"allgconnect.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004867; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"almeidaconfeccoes.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004868; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"altal-charity.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004869; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"alwayscomply.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004870; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"amarendrachakravorty.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004871; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"amarinderkhaira.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004872; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"amarteargentina.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100004873; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ambientevirtualevolua.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004874; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ammaenterprises.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004875; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"amman.ifincloud.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004876; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"amumufree.weebly.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004877; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"andreaskisauer.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004878; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"andrepaixaoconsultoria.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004879; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"andres.ug"; content:"Host"; http_header; classtype:trojan-activity; sid:100004880; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"animehd23.epizy.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004881; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ann1.aamfeg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004882; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ann2.aamfeg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004883; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ann6.aamfeg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004884; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ann7.aamfeg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004885; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"antivirf.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100004886; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aparnashealthfoundation.aayom.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004887; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"apartamentoscitta.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004888; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"apeswap.com.brightaffiliatesales.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004889; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"apexdesigns.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004890; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"api-ms.cobainaja.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004891; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"api.cstdevs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004892; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"api.ecbse.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004893; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"api.huokejinglingvip.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004894; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"api.servisexxx.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004895; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"apoolcondo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004896; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"app.classified.pointsource.ng"; content:"Host"; http_header; classtype:trojan-activity; sid:100004897; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"app.northerntrader.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004898; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"applianceservicing.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004899; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aquasail.virvazir.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004900; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ardmtshidayatulfirdaus.inas.web.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004901; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"arkanacc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004902; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"arquivos.sismais.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004903; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"arrkcelebrations.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004904; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"arshadbrother.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004905; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"artursemth.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004906; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"arushagems.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004907; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ashwagandha.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004908; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ask-regard.call-save.biz"; content:"Host"; http_header; classtype:trojan-activity; sid:100004909; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"asu.com.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004910; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"at4tools.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004911; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"atglabscoatings.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004912; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"audrimart.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004913; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aulist.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004914; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"auto60.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004915; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"autofficinaguerreri.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100004916; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"autostock.swadeshishop.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004917; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"avadhanagames.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004918; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"avaviacao.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004919; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"avira.ydns.eu"; content:"Host"; http_header; classtype:trojan-activity; sid:100004920; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"avpra.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004921; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ayushk.mydemosystems.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004922; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"azerbaijan-tourism.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004923; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"azmeasurement.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004924; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"backgrounds.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004925; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"backupsoldyn.duckdns.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004926; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"badeggdesign.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004927; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"balavigna.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004928; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ballatstone.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004929; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bangkok-orchids.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004930; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"banquet.inspiresoftware.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004931; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bappa.akashawaskar.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004932; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bbia.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004933; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"beem.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004934; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"benwellgroup.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004935; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bespokeweddings.ie"; content:"Host"; http_header; classtype:trojan-activity; sid:100004936; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bestcreditsociety.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004937; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bewidog.cz"; content:"Host"; http_header; classtype:trojan-activity; sid:100004938; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bharattimeslive.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004939; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bhraman.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004940; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bigmikesupplies.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004941; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bigs.bikershop.biz"; content:"Host"; http_header; classtype:trojan-activity; sid:100004942; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bigwin.ml"; content:"Host"; http_header; classtype:trojan-activity; sid:100004943; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bijoybangla.news"; content:"Host"; http_header; classtype:trojan-activity; sid:100004944; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"billing.rahitechnosoft.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004945; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"binatonezx.tk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004946; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bitcoin-king.asajgloves.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004947; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bitcoin-king.burjil.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004948; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bitcoin-king.cafedesafari.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004949; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bitcoin-king.mfasports.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004950; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bitcoinguidebooklive.mydemosystems.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004951; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"black-beauty-accessories.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004952; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"blanche.gr"; content:"Host"; http_header; classtype:trojan-activity; sid:100004953; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"blog.bidvacationrental.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004954; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"blog.digiptocurrency.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004955; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"blog.grnstore.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004956; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"blog.takbelit.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004957; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bmct.com.ec"; content:"Host"; http_header; classtype:trojan-activity; sid:100004958; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bmss.org.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004959; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bobcatminer-store.e-mantra.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004960; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bot.nekololi.cc"; content:"Host"; http_header; classtype:trojan-activity; sid:100004961; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bpbj.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004962; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bpeltd.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004963; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"breakingbread.modelacademy.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004964; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"brechtsonengenharia.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004965; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"briar.com.my"; content:"Host"; http_header; classtype:trojan-activity; sid:100004966; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"brickwholesaler.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004967; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"brideofmessiah.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004968; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"brightmega.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004969; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"brightstarshop.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004970; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"brilhodezembalagens.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004971; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"broncofilter.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004972; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"brownstowntabernacle.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004973; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"brsbnp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004974; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"budlife.io"; content:"Host"; http_header; classtype:trojan-activity; sid:100004975; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"buggys.cl"; content:"Host"; http_header; classtype:trojan-activity; sid:100004976; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"buigiaphat.com.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004977; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bukapower.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004978; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bullseyemedia.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004979; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bunge.skybitvest.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004980; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"buruujtech.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004981; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"buscascolegios.diit.cl"; content:"Host"; http_header; classtype:trojan-activity; sid:100004982; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"buyheliumminer.jarinsultana.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004983; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"buysrilankan.lk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004984; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"c.oooooooooo.ga"; content:"Host"; http_header; classtype:trojan-activity; sid:100004985; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"caballo.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100004986; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"callgirlsandescortkenya.site"; content:"Host"; http_header; classtype:trojan-activity; sid:100004987; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"camminachetipassa.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100004988; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"campaign.ezelo.com.bd"; content:"Host"; http_header; classtype:trojan-activity; sid:100004989; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cancer.educandome.co"; content:"Host"; http_header; classtype:trojan-activity; sid:100004990; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"caragudigital.com.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100004991; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cardemo.mydemosystems.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004992; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"careergg.virvazir.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004993; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cariustadz.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004994; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ccleaner.amysoft.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004995; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ccleaner.citylightsrealcon.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004996; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cdaonline.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100004997; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cdn-10049480.file.myqcloud.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004998; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"celebratepartyhire.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100004999; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cellas.sk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005000; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"certification.jacsai.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005001; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cfs10.blog.daum.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005002; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cfs13.tistory.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005003; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cfs5.tistory.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005004; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cfs7.blog.daum.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005005; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cfs9.blog.daum.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005006; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cgc.qroo.cloud"; content:"Host"; http_header; classtype:trojan-activity; sid:100005007; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cgp3solutions.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005008; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ch.tinderpoint.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005009; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ch1.spacermodem.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005010; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"chandigarh.cityscoop.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005011; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"changanphilqa.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005012; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"chennaiengineeringcolleges.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005013; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"chezalice.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005014; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"childselect.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005015; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"chinese-calendar.tongshu.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005016; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"churchofopendoor.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005017; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cifeer.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005018; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ciidental.com.ec"; content:"Host"; http_header; classtype:trojan-activity; sid:100005019; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"citiqproperties.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005020; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"citycentergarden.croatiaplace.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005021; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"clickbaneh.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005022; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"clickfunnels.tradeoracle.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005023; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"clienthealthchecklist.philcopy.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005024; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"clientsmanagementsystem.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005025; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cloud.fc.co.mz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005026; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cloud.rjamar.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005027; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"clubedalona.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005028; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cms.surplusudyog.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005029; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cnc.ecstasycode.de"; content:"Host"; http_header; classtype:trojan-activity; sid:100005030; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cnc.ecstasycode.xyz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005031; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cobhamplasteringservices.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005032; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"coffeemachinenow.sweetescapehouse.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005033; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cokhithienan.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005034; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"colinde.pricesne.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005035; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"colonna.ug"; content:"Host"; http_header; classtype:trojan-activity; sid:100005036; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"community.reimclub.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005037; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"comunidad.remaxcaproinco.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005038; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"concussiontherapy.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005039; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"conductorestodoterreno.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005040; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"config.cqhbkjzx.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005041; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"connect.rio.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005042; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"contimaxi.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005043; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"contourcnc.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005044; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"copelandscapes.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005045; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"coronamedicines.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005046; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"coulsongraphics.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005047; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"count.mail.163.com.impactmedfoundation.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005048; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"courtneyjones.ac.ug"; content:"Host"; http_header; classtype:trojan-activity; sid:100005049; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"covid19.aayom.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005050; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cp-saofacundo.pt"; content:"Host"; http_header; classtype:trojan-activity; sid:100005051; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cr.nsohost.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005052; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cr.tad1.uz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005053; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"craiglindstrom.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005054; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"crearechile.cl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005055; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"creationskateboards.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005056; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"creed.studio"; content:"Host"; http_header; classtype:trojan-activity; sid:100005057; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cresvin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005058; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cricket.theglobalindia.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005059; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"crittersbythebay.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005060; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"crm.bcheg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005061; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"crmfarko.manivelasst.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005062; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"crmroche.manivelasst.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005063; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"crmsaas.swotbizsoftware.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005064; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cropupcreatives.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005065; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"crypto-earnup.muezhest.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005066; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cryptodbllc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005067; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ctic.icagi.sn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005068; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cubotj.duckdns.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005069; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cupaonahora.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005070; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cursodeparapsicologia.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005071; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"custominsure.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005072; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cutting-tools.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005073; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cynkon.kairoscs.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005074; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"d.powerofwish.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005075; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"d1.udashi.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005076; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"da.alibuf.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005077; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dacui.online"; content:"Host"; http_header; classtype:trojan-activity; sid:100005078; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"danaevara.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005079; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"daniel1.ottimosoft1.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005080; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"danielacordeiro.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005081; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"daohang1.oss-cn-beijing.aliyuncs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005082; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dashboard.khholdings.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005083; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"data.cdevelop.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005084; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"data.green-iraq.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005085; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"data.over-blog-kiwi.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005086; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dataonestorage.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005087; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"datapolish.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005088; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"davidmcguinness.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100005089; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dawis.tw"; content:"Host"; http_header; classtype:trojan-activity; sid:100005090; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dcpn.com.bd"; content:"Host"; http_header; classtype:trojan-activity; sid:100005091; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ddivine.kriritindia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005092; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ddl7.data.hu"; content:"Host"; http_header; classtype:trojan-activity; sid:100005093; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ddl8.data.hu"; content:"Host"; http_header; classtype:trojan-activity; sid:100005094; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"deagroup-ks.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005095; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"deb43e46-145f-4ebd-abfb-69a78b67bacf.usrfiles.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005096; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"decorsindia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005097; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dekovizyon.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005098; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dellhummock.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005099; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"demo.ajanskaratoprak.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005100; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"demo.bcheg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005101; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"demo.careacademyuk.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005102; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"demo.energianmittaus.fi"; content:"Host"; http_header; classtype:trojan-activity; sid:100005103; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"demo2.7oficinas.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005104; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"democrm.swotbizsoftware.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005105; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"demogroup.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005106; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dental.xiaoxiao.media"; content:"Host"; http_header; classtype:trojan-activity; sid:100005107; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"designerliving.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005108; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"destinymc.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005109; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dev.crystalclearvapestore.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005110; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dev.sebpo.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005111; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dev2.alumnia.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005112; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"developer.logicunion.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005113; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"development.goipcloud.co.ke"; content:"Host"; http_header; classtype:trojan-activity; sid:100005114; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"deysianekissia.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005115; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dezcom.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005116; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"diamantesviagens.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005117; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"difi.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005118; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"digidocconvergence.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005119; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"disenoychimeneas.com.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100005120; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"disinfectiontunnel.emergemetal.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005121; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"divinevirginhair.store"; content:"Host"; http_header; classtype:trojan-activity; sid:100005122; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"djtransport.ch"; content:"Host"; http_header; classtype:trojan-activity; sid:100005123; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dl.1003b.56a.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005124; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dl.198424.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005125; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dl.9xu.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005126; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dl.installcdn-aws.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005127; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dl.packetstormsecurity.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005128; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dl.rina-roleplay.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005129; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dmarevolution.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005130; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dmequest.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005131; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dnmyc.veritycredit.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005132; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dnziplik.com.tr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005133; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dodsonimaging.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005134; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dom.daf.free.fr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005135; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dominandoagestao.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005136; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"doncedyhall.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005137; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dongnaitw.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005138; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dosman.pl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005139; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"doubt.ecbse.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005140; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"down.dh465.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005141; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"down.pcclear.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005142; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"down.rxgif.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005143; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"down.udashi.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005144; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"down.webbora.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005145; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"down1.arpun.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005146; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"download.5866.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005147; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"download.c3pool.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005148; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"download.caihong.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005149; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"download.pdf00.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005150; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"download.rising.com.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005151; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"download.skycn.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005152; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"download.xinbowei.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005153; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"drali.lensdesigns.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005154; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dralokmisra.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005155; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"drbaby.com.sa"; content:"Host"; http_header; classtype:trojan-activity; sid:100005156; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dreamwatchevent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005157; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"drishyaerp.analogcloudtech.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005158; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"drja.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005159; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"drsha.innovativesolutions.mobi"; content:"Host"; http_header; classtype:trojan-activity; sid:100005160; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dsenterprize.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005161; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dstvsolutions.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005162; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dtlavleen.online"; content:"Host"; http_header; classtype:trojan-activity; sid:100005163; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"du-wizards.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005164; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"duiwqyue.digital"; content:"Host"; http_header; classtype:trojan-activity; sid:100005165; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dutapp.wisolve.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005166; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dx.qqyewu.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005167; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dypage.duckdns.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005168; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dywork.duckdns.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005169; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"e-commerce.saleensuporte.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005170; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"e-learning.iskandariah.perubatan.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005171; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"e-weddingcardswala.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005172; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"eagleglobex.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005173; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"easecloud.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005174; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"easybrand.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005175; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"easyviettravel.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005176; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"eat.wrocery.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005177; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ebikes.com.ec"; content:"Host"; http_header; classtype:trojan-activity; sid:100005178; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ecim.azneomedia.ro"; content:"Host"; http_header; classtype:trojan-activity; sid:100005179; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ecole.pyc.ci"; content:"Host"; http_header; classtype:trojan-activity; sid:100005180; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"edf41f52-452f-4671-a310-1da9f1d2ecd8.usrfiles.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005181; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"edm.zolimacitymag.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005182; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"edu.pmvanini.rs.gov.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005183; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ef-web.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005184; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ehor.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005185; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"eidoss.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100005186; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"eldoretwagonhotel.co.ke"; content:"Host"; http_header; classtype:trojan-activity; sid:100005187; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"elhuerto237.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005188; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"elmoool.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005189; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"elshadaischool.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005190; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ema.cabinetkbg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005191; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"embodiedworkllc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005192; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"emegablog.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005193; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"empresa.sindeudas.cl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005194; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"en.baoend.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005195; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"en.dsdkochoracin.com.mk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005196; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"enc-tech.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005197; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"endurotanzania.co.tz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005198; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"engelle.celottawa.ca"; content:"Host"; http_header; classtype:trojan-activity; sid:100005199; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"epalogistica.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005200; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ergotherapeia-kalamata.gr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005201; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"erphtml.techvein.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005202; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"esetnode32-antiviru.ydns.eu"; content:"Host"; http_header; classtype:trojan-activity; sid:100005203; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"eshohor.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005204; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"eshopcaffedeldoge.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005205; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"eslomingenieria.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100005206; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"esportesht.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005207; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"estiloymadera.com.py"; content:"Host"; http_header; classtype:trojan-activity; sid:100005208; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"estudiogflz.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100005209; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"estudy.zentidos.company"; content:"Host"; http_header; classtype:trojan-activity; sid:100005210; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"etracking.cargoairservices.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005211; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"evvcrisisfund.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005212; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"excavatorgroup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005213; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"exilum.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005214; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"expansion360.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005215; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"expomen.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005216; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"f1netce.net.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005217; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fabritonescontract.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005218; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fajar.kusrini.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005219; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"falaqschools.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005220; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fam-int.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005221; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"faybooking.ics-comm.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005222; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"feedmethewordtoday.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005223; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"felicienne.nl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005224; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fepze.com.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100005225; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fibertel.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005226; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fieldomobify.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005227; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"files5.uludagbilisim.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005228; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"files6.uludagbilisim.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005229; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"filmfestival.sourcetaggers.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005230; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"filmscarpc.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005231; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"finconsulting.us"; content:"Host"; http_header; classtype:trojan-activity; sid:100005232; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fishermanscove.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005233; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fisio.rshasto.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005234; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fixauto.illumetechnology.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005235; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fixturewala.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005236; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"flashitsolutions.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005237; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"flyingbuddhadesign.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005238; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fobe1.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005239; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"foccus1.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005240; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"formaseguros.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005241; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"forum.masrelmahrousa.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005242; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"forum.wrathworld.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005243; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fotoobjetivo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005244; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"foundationrepairhoustontx.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005245; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"foxeps.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005246; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fratellispizzas.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005247; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"freisites.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005248; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ftproy.readyvirtualcenter.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005249; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fuellesindustrialesmexico.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005250; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fullelectronica.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100005251; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"funletters.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005252; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"futbolpr.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005253; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"g.popmonster.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005254; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"g9securityforce.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005255; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"galeriarobertocamasmie.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005256; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"garibaldidal1970.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005257; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gautamconstruction.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005258; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gelleta.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005259; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gerenciareventos.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005260; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gfmodd1.webselffiles01.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005261; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ghcw.roarcommunications.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005262; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ghusain.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005263; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"globalproject.eng.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005264; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gmvadmission.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005265; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"godfathersjunk.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005266; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"godubai.club"; content:"Host"; http_header; classtype:trojan-activity; sid:100005267; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"godzuwaglobalventures.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005268; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"goldenasiacapital.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005269; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"goldencard.fun"; content:"Host"; http_header; classtype:trojan-activity; sid:100005270; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gomezhandymanllc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005271; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"goodboxx.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005272; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"govippu.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005273; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gppril.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005274; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"grandspree.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005275; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"greenarch.thesketchyones.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005276; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"greencodeteam.top"; content:"Host"; http_header; classtype:trojan-activity; sid:100005277; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"greenfieldholidays.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005278; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"greenhillsacademy.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005279; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"greenpayindia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005280; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"greenriveroutdoors.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005281; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"grpericias.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005282; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"grupojustoybueno.tropicalgida.co"; content:"Host"; http_header; classtype:trojan-activity; sid:100005283; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gruzof.by"; content:"Host"; http_header; classtype:trojan-activity; sid:100005284; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gsmcommerce.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005285; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gsmusic.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005286; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gt-max.com.my"; content:"Host"; http_header; classtype:trojan-activity; sid:100005287; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"guillermomanrique.com.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100005288; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"guongnoithat.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005289; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"guru.ifincloud.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005290; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gurujifoundation.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005291; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gwclighting.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005292; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gwcrresearch.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005293; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gym.quicksoft.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005294; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"habbotips.free.fr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005295; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hagebakken.no"; content:"Host"; http_header; classtype:trojan-activity; sid:100005296; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hajezey10.top"; content:"Host"; http_header; classtype:trojan-activity; sid:100005297; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hamropolicy.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005298; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hartcontractorsltd.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005299; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hashtagmedia.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005300; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hchfug.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005301; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hdkamera2003.hu"; content:"Host"; http_header; classtype:trojan-activity; sid:100005302; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hellogorgeous.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005303; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"herchinfitout.com.sg"; content:"Host"; http_header; classtype:trojan-activity; sid:100005304; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hewadexchange.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005305; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"heyyou6013.lowjunnhoi.repl.co"; content:"Host"; http_header; classtype:trojan-activity; sid:100005306; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hhaward.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005307; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"highlandslasvegas.atakdev.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005308; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"higiemaxxi.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005309; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hitstation.nl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005310; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hls.piceriyadh.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005311; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hmpmall.co.kr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005312; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hms.americano3.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005313; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hollow-sections.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005314; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"homologpdc.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005315; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hongluosi.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005316; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"honours.com.ng"; content:"Host"; http_header; classtype:trojan-activity; sid:100005317; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hookedupboatclub.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005318; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hopefoundationindia.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005319; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hospice.maxone24.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005320; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hospitalveterinario.uy"; content:"Host"; http_header; classtype:trojan-activity; sid:100005321; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hostingparacolombia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005322; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hotel.ics-comm.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005323; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hotelhadieh.ir"; content:"Host"; http_header; classtype:trojan-activity; sid:100005324; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hotelluxura.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005325; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"houstonshutters.site"; content:"Host"; http_header; classtype:trojan-activity; sid:100005326; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"howimetyourdata.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005327; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hr2019.vrcom7.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005328; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hsecaravans.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005329; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hseda.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005330; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"htownbars.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005331; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"huda.edu.af"; content:"Host"; http_header; classtype:trojan-activity; sid:100005332; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"humanresourceslifeline.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005333; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hunggiang.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005334; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hvparaisosdospets.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005335; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"icarusgroup.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005336; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"icestormperu.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005337; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ichibansystems.pe"; content:"Host"; http_header; classtype:trojan-activity; sid:100005338; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"idealoffice.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005339; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"idilsoft.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005340; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"idj.no"; content:"Host"; http_header; classtype:trojan-activity; sid:100005341; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ihomesa.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005342; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"iloop.sourcetaggers.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005343; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ilrafrica.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005344; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"imbueautoworx.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005345; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"imgs.googlwaa.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005346; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"immunotec.network"; content:"Host"; http_header; classtype:trojan-activity; sid:100005347; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"imobiles.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005348; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"in-softs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005349; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"incrediblepixels.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005350; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"indiaexpress24.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005351; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"indonesias.me"; content:"Host"; http_header; classtype:trojan-activity; sid:100005352; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"indug.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005353; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"infovator.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005354; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ingilizcetest.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005355; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"innosolv-idine.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005356; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"innovativewindoors.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005357; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"inter-brico.ro"; content:"Host"; http_header; classtype:trojan-activity; sid:100005358; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"intersel-idf.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005359; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"interviewsetup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005360; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"intogamez.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005361; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"inventory.sourcetaggers.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005362; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"inversiones.paneltg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005363; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"invoice.99p.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005364; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"iptel.cy"; content:"Host"; http_header; classtype:trojan-activity; sid:100005365; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"iray.iraymaroc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005366; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"isaac.mikhailmotoringschool.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005367; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"isatechnology.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005368; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"isladelapiedraresort.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005369; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"itisalllove.servepics.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005370; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"izeltelekom.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005371; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jaclynrothe.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005372; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jamshed.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005373; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jardinaix.fr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005374; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"java.waterflowergarden.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005375; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jcedu.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005376; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jcsproductions.ci"; content:"Host"; http_header; classtype:trojan-activity; sid:100005377; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jdkems.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005378; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jebs.net.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005379; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jeffdahlke.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005380; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jennwolfemtb.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005381; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jewelry.activeasiasl.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005382; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jhayesconsulting.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005383; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jhm.pt"; content:"Host"; http_header; classtype:trojan-activity; sid:100005384; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jnanbharati.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005385; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"joshuaganss.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005386; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jpcleaningservices2.davaohorizon.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005387; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jqueri-web.at"; content:"Host"; http_header; classtype:trojan-activity; sid:100005388; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"justinscott.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005389; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jyk85mxc.z1001.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005390; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"k-guru.friendsit.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005391; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kadigital.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005392; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kalogirosfinance.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005393; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kamayan.co"; content:"Host"; http_header; classtype:trojan-activity; sid:100005394; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"karer.by"; content:"Host"; http_header; classtype:trojan-activity; sid:100005395; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"karmakoincodes.weebly.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005396; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"karpatutazo.hu"; content:"Host"; http_header; classtype:trojan-activity; sid:100005397; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kartalkala.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005398; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"katanvetov.co.il"; content:"Host"; http_header; classtype:trojan-activity; sid:100005399; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kbpcollegethane.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005400; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kensingtondriving.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005401; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"khadyo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005402; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"khoynuts.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005403; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kimyen.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005404; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kingspalmhomes.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005405; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kjcpromo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005406; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"km.popmonster.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005407; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"krainikovvlad.eternalhost.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100005408; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ktechnetwork.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005409; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kutegiagoc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005410; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"labpro.top"; content:"Host"; http_header; classtype:trojan-activity; sid:100005411; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lakisuru.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005412; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lameguard.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005413; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"landing.yetiapp.ec"; content:"Host"; http_header; classtype:trojan-activity; sid:100005414; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lasermobilesounds.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005415; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lases.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100005416; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"latinaked.club"; content:"Host"; http_header; classtype:trojan-activity; sid:100005417; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lauratomismith.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005418; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"law.zosagroup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005419; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lawfirm.paperbirdtech.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005420; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lcbrokers.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005421; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ld.mediaget.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005422; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ldgcorp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005423; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"leak.serveftp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005424; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"leasiacherise.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005425; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lefilsdepub.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005426; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"legend.nu"; content:"Host"; http_header; classtype:trojan-activity; sid:100005427; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lem.gsdtest.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005428; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lestesteux.ca"; content:"Host"; http_header; classtype:trojan-activity; sid:100005429; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"library.arihantmbainstitute.ac.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005430; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lidamtour.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005431; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lifetelugu.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005432; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lilliesonline.mydemosystems.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005433; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lindnerelektroanlagen.de"; content:"Host"; http_header; classtype:trojan-activity; sid:100005434; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"linkintec.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005435; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"litespeak.pl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005436; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"livehelpco.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005437; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"livetrack.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005438; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"livinghealthylife.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005439; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lm.stagingarea.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005440; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lms.cstdevs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005441; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lms.techvein.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005442; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"location-voitures.ma"; content:"Host"; http_header; classtype:trojan-activity; sid:100005443; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"locatsp.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005444; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lojastives.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005445; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"longcheckdo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005446; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lpmalaw.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100005447; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"m.ashiwenhua.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005448; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"m8.popmonster.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005449; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"macmor-media.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005450; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"madeireiranovaalianca.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005451; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"madeireiranp.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005452; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"madicon.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005453; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mail.bs-eiendomme.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005454; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mail.petshopq8.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005455; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mailer.srkcommunication.biz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005456; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"maintenance.alumnia.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005457; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"maisonandmaison.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005458; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"makeonline.agtv.ge"; content:"Host"; http_header; classtype:trojan-activity; sid:100005459; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"makeupuccino.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005460; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"makeurocement.mn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005461; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"maksi.feb.unib.ac.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005462; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"maldives.activeasiasl.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005463; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"maltepecastajanslari.bykmedya.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005464; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mamabearcoffee.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005465; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"manamaglobaltrade.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005466; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"maquinadosgutierrez.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005467; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"marcyovcx.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005468; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mariaharp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005469; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mario-sunjic.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005470; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mariobrown.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005471; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"marketingintelligence.tech"; content:"Host"; http_header; classtype:trojan-activity; sid:100005472; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"marketingonline.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005473; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"marksidfgs.ug"; content:"Host"; http_header; classtype:trojan-activity; sid:100005474; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"marmariscastajanslari.bykmedya.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005475; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"marquesvogt.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005476; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"matisaas.ac.ug"; content:"Host"; http_header; classtype:trojan-activity; sid:100005477; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"matong47.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005478; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"matrix.pwebcast.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005479; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"maverickssecurity.com.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005480; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mayatharavadu.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005481; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mba.maiwandasia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005482; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mbgrm.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005483; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mbsolutions.ge"; content:"Host"; http_header; classtype:trojan-activity; sid:100005484; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mbx.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005485; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mechanoesis.gr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005486; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mechring.analogcloudtech.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005487; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"media-server.skyinternet.com.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005488; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"meet.visatree.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005489; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"meeweb.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005490; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"megagynreformas.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005491; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"megamart.afnan-amc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005492; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"megjavit-lak.hu"; content:"Host"; http_header; classtype:trojan-activity; sid:100005493; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"merchan-arq.com.pe"; content:"Host"; http_header; classtype:trojan-activity; sid:100005494; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"merchantbli.myitas.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005495; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"metastudies.gr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005496; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"metro.fingerbus.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005497; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mfaft.gov.jm"; content:"Host"; http_header; classtype:trojan-activity; sid:100005498; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mfevr.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005499; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mibilizi.rw"; content:"Host"; http_header; classtype:trojan-activity; sid:100005500; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"microblading.mirliandias.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005501; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"microcomm-group.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005502; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"microhub.analogcloudtech.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005503; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mikhailmotoringschool.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005504; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"miletiquetas.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005505; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mimocestasepresentes.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005506; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mindworksfoundation.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005507; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"miplataformaeducativa.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005508; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mirror.mypage.sk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005509; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mis.nbcc.ac.th"; content:"Host"; http_header; classtype:trojan-activity; sid:100005510; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"misterson.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005511; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mistydeblasiophotography.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005512; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mkontakt.az"; content:"Host"; http_header; classtype:trojan-activity; sid:100005513; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mktf.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100005514; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mmd.cityhelpcall.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005515; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mmdx.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005516; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mncarteam.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005517; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mobile.illumetechnology.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005518; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mobile.lovplus.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005519; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"moe.xiaomitq.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005520; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mohammadtalks.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005521; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mojochamps.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005522; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"monest.mobileappz.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005523; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mongoosesoftwares.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005524; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"monocomunicacao.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005525; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"morrobaydrugandgift.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005526; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"morrysbagels.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005527; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mos-app.myitas.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005528; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mscdn.nuonuo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005529; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mtmusicaemercado.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005530; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"multilevelcarparkingindia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005531; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mumgee.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005532; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mundodomedico.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005533; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"muradvietnam.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005534; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"musicvalley.crisscrosssolutions.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005535; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"muzimbiti.xigubo.co.mz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005536; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"my.cloudme.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005537; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mydownloads.myftp.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005538; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"myfreekart.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005539; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mymlql.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005540; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"myservicebayau.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005541; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mysura.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100005542; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"namathutamizhagamtv.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005543; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nanorgin.ydns.eu"; content:"Host"; http_header; classtype:trojan-activity; sid:100005544; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nasapaul.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005545; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"naturearterium.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005546; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"navaragroupe.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005547; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"navratangemlab.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005548; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ncrplacement.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005549; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"necocheasexshop.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005550; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"neoxora.lk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005551; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nerve.untergrund.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005552; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nesthomes.co.ke"; content:"Host"; http_header; classtype:trojan-activity; sid:100005553; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"netnz.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005554; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nettube.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005555; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"networkwheels.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005556; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"new.shafiqpress.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005557; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"newdevjyq.devjyq.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005558; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"newtreedesign.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005559; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"newyarlfm.weebly.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005560; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nextdigitalday.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005561; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ngdaycare.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005562; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nhorangtreem.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005563; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nirmalfood.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005564; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nirvanaartgallery.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005565; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nisanth.ifincloud.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005566; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nitropixel.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005567; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nivimpex.hu"; content:"Host"; http_header; classtype:trojan-activity; sid:100005568; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"niwf.sourcetaggers.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005569; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"njtiledesigncenter.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005570; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nmkonline.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005571; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nomadicbees.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005572; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"noonimpex.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005573; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nord-vpn.nfltvon.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005574; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nord-vpn.sportstvhdlive.xyz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005575; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nord-vpn.thegamereal.xyz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005576; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nord-vpn.womenhealthlinekenya.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005577; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nordvpn.aarsongroup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005578; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nordvpn.trueloaf.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005579; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nordvpn.veggiemartindia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005580; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"notebookparcalari.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005581; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"notify.securetransactions.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005582; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nourish.kamarka.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005583; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ns.drkdsinfo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005584; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ns1.the-widyantos.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005585; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"oceancitymdforsalebyowner.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005586; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ocmdbeachrentals.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005587; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"octoil.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005588; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"office365.bellboyindia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005589; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"office365.trueloaf.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005590; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"offlineclubz.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005591; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ohsewgorgeous.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005592; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"oilers.live"; content:"Host"; http_header; classtype:trojan-activity; sid:100005593; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"oknoplastik.sk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005594; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"old.cybers.com.ua"; content:"Host"; http_header; classtype:trojan-activity; sid:100005595; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"oleholeh.memangbeda.website"; content:"Host"; http_header; classtype:trojan-activity; sid:100005596; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ombrapiatta.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005597; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"omega.az"; content:"Host"; http_header; classtype:trojan-activity; sid:100005598; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"oms.pappai.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005599; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"omscoc.pappai.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005600; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"online.creedglobal.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005601; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"onyx-food.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005602; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ooforms.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005603; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"oracle.zzhreceive.top"; content:"Host"; http_header; classtype:trojan-activity; sid:100005604; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"order.redroseofbristol.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005605; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ordersofmagnetude.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005606; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"orientgatewayltd.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005607; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"orienthighereducation.edu.np"; content:"Host"; http_header; classtype:trojan-activity; sid:100005608; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"oronoziparraguirre.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005609; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"orsan.gruporhynous.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005610; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"oshosanzen.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005611; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"outdoortacklebox.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005612; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"outwardfinance.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005613; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ozadowear.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005614; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ozemag.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005615; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"p2.d9media.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005616; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"p3.zbjimg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005617; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"p6.zbjimg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005618; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pablobrothel.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100005619; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pacwebdesigns.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005620; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pagueibrasil.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005621; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pallascapital.katchpurcity.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005622; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"palomino.embarcar.com.pe"; content:"Host"; http_header; classtype:trojan-activity; sid:100005623; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"panamericana.repensarcursos.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005624; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pang-ling.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005625; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"papay.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005626; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"paradisecharters.jayodesigns.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005627; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"parallel.rockvideos.at"; content:"Host"; http_header; classtype:trojan-activity; sid:100005628; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pastorcryptograph.at"; content:"Host"; http_header; classtype:trojan-activity; sid:100005629; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pataphysics.net.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005630; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"patch2.51lg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005631; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"patch3.99ddd.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005632; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"paulmercier.biz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005633; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"payerrealty.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005634; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"payments.atifsiddiqui.me"; content:"Host"; http_header; classtype:trojan-activity; sid:100005635; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pcysolucionesweb.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005636; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"peakfinancial.co.nz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005637; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pedicollections.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005638; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"perpustekim.untirta.ac.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005639; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"perspectivimmo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005640; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pertanian.kusrini.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005641; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pgdb2009.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005642; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"phasdesign.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005643; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"phuket-expat-vaccinations.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005644; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"physicsbyfiziks.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005645; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pickapp.uy"; content:"Host"; http_header; classtype:trojan-activity; sid:100005646; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"piemontesasaffitti.e-bill.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100005647; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pikasho.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005648; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pinace.ddns.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005649; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pink99.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005650; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pivot-to-virtual.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005651; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"plasfan.ind.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005652; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"plive.today"; content:"Host"; http_header; classtype:trojan-activity; sid:100005653; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"plug2field.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005654; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pnlh.walhi.or.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005655; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pole.com.vc"; content:"Host"; http_header; classtype:trojan-activity; sid:100005656; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pooltablemoversdenver.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005657; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"popmonster.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005658; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"portal.senseaonline.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005659; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pos.moonlighthotelresort.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005660; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"posmicrosystems.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005661; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ppc.tinderpoint.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005662; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ppdb.smk-ciptaskill.sch.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005663; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pranam.analogcloudtech.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005664; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"premierpodcastpromotions.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005665; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"prestasicash.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100005666; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"prestigehomeautomation.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005667; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"prevenzioneformazionelavoro.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100005668; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"primesporthub.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005669; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"prismart.com.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100005670; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"privacytoolzforyou7000.top"; content:"Host"; http_header; classtype:trojan-activity; sid:100005671; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"prodownload.live"; content:"Host"; http_header; classtype:trojan-activity; sid:100005672; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"production.underboots.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005673; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"project.demotestserver.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005674; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"projectled.com.co"; content:"Host"; http_header; classtype:trojan-activity; sid:100005675; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"projects.virvazir.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005676; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"projeniolustur.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005677; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"promoversdubai.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005678; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"prosoc.nl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005679; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"protechasia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005680; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"provantagemtn.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005681; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"proyectartpanama.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005682; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"psb.sunandrajat.or.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005683; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"punjabdevelopersassociation.com.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005684; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"purecountry-100.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005685; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pvcprinting.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005686; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pwebcast.com.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100005687; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pzainteriors.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005688; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"qmsled.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005689; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"qrcode.yesmachinery.ae"; content:"Host"; http_header; classtype:trojan-activity; sid:100005690; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"qrmenu.ionoxwebstudio.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005691; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"qsbinternational.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005692; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"qsport.precogtech.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005693; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"quartier-midi.be"; content:"Host"; http_header; classtype:trojan-activity; sid:100005694; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"queenesderi.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005695; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"queensbrain.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005696; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"querocar.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005697; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"quickbooks.stevekontos.biz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005698; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"quickbooks.thormobilemanagement.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005699; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"quinielanfl.excellsusgroup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005700; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"qwentter.com.ng"; content:"Host"; http_header; classtype:trojan-activity; sid:100005701; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"qy668pay.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005702; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rab.com.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100005703; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rainbowisp.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100005704; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rakeshkhatri.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005705; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ram-egy.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005706; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ramacrop.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005707; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ramseywetruss.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005708; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rangsay.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005709; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"raquelhelena.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005710; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rashika.ascarvalho.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005711; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ratemyfenancialadvisor.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005712; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ray1sav.iraymaroc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005713; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rcmesilva.charbelsales.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005714; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"reacredit.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005715; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"realcobfortaleza.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005716; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"redbats.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005717; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"redeafinidade.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005718; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"reflexprinting.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005719; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"reifenquick.de"; content:"Host"; http_header; classtype:trojan-activity; sid:100005720; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"relance.msk.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005721; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"renukhond.mydemosystems.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005722; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"reseller.itechbrasil.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005723; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"responsible.donationfriends.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005724; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"restaurantechezdaniel.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005725; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"retailexpertscloud.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005726; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"retracker.host"; content:"Host"; http_header; classtype:trojan-activity; sid:100005727; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"reve.omestatesgoa.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005728; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"revitos.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005729; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rga-il.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005730; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ricambi.fixtofix.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100005731; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"richcompliance.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005732; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rinaefoundation.org.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005733; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rinkaisystem-ht.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005734; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rkani.ifincloud.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005735; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rlggroup.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005736; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"robertsinclair.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005737; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rodoserv.pt"; content:"Host"; http_header; classtype:trojan-activity; sid:100005738; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"romanianpoints.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005739; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"roofing.galacticleads.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005740; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"roshanzamir.ir"; content:"Host"; http_header; classtype:trojan-activity; sid:100005741; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"roshnijewellery.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005742; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rositaslatinflavor.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005743; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"roydot.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005744; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rs-toolkit.mikestclair.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005745; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rubazar.pro"; content:"Host"; http_header; classtype:trojan-activity; sid:100005746; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rubycityvietnam.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005747; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ruisgood.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005748; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ruwadalkuwait.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005749; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"s.51shijuan.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005750; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sabdulla.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005751; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"safcol-colors.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005752; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"safekeygroup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005753; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sainzim.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005754; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sales.reoprime.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005755; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"salonways.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005756; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"saltswat.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005757; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sample3.khushiyonkazariya.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005758; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"samrathalcabs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005759; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"samsung-tv.tk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005760; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sasystemsuk.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005761; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sbaf.ifincloud.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005762; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"scarfaceindustries.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005763; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"scffirm.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005764; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"scglobal.co.th"; content:"Host"; http_header; classtype:trojan-activity; sid:100005765; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"schoolonlinereg.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005766; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"schyllerco.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005767; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"scientisthub.online"; content:"Host"; http_header; classtype:trojan-activity; sid:100005768; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"scl.co.tz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005769; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"seamlessvideowall.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005770; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"seba.sit.uproducts.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005771; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"secure-doc-reader.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005772; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"senbiaojita.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005773; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"senyoon.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005774; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sercoint.com.bo"; content:"Host"; http_header; classtype:trojan-activity; sid:100005775; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sericaasia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005776; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"server.radiohsl.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005777; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"server.toeicswt.co.kr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005778; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"service.easytrace.mn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005779; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"serviciotecnicolima.com.pe"; content:"Host"; http_header; classtype:trojan-activity; sid:100005780; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"serviciovirtual.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100005781; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"servidor.indommus.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005782; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"servitecempilhadeira.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005783; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sexologistpakistan.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005784; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sg.zeacreations.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005785; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sgessy.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005786; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sgtest.sglobaltraders.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005787; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shadiandsonsinstruments.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005788; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shadihub.hmrngroup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005789; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shaheentbfoundation.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005790; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shahikhana.cstdevs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005791; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shahu66.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005792; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shams118.ir"; content:"Host"; http_header; classtype:trojan-activity; sid:100005793; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sharpelevators.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005794; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shefaalab.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005795; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shop.donationfriends.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005796; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shop.mediasova.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005797; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shop999.mn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005798; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shopilyv.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005799; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shopkaro.online"; content:"Host"; http_header; classtype:trojan-activity; sid:100005800; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shopmagmill.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005801; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"short.extrafandome.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005802; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shvpn.tanvir69.xyz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005803; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sige.brisainformatica.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005804; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sigma-web.ci"; content:"Host"; http_header; classtype:trojan-activity; sid:100005805; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"signatureads.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005806; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"siili.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005807; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"silentlegion.duckdns.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005808; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"silverworldapparelsltd.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005809; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"simgftesting.kabtakalar.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005810; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"simoneporzi.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100005811; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sindicato1ucm.cl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005812; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sipb.kusrini.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005813; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"siqueirabroker.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005814; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"siriusblackshop.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005815; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sistelligent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005816; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"siwannews.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005817; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"skyofsaints.duckdns.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005818; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"skyscan.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005819; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sman1paguyaman.sch.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005820; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"smarthouseforum.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005821; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"snelbit.akdesigner.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005822; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"socialman.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005823; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sodovip88.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005824; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"soft.110route.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005825; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"solotrainingcenter.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005826; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sopage.duckdns.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005827; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sophalbesteducation.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005828; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sos.greencaphosting1.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005829; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sota-france.fr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005830; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sowork.duckdns.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005831; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"spaceframe.mobi.space-frame.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005832; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"spantechpt.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005833; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sparcalabar.lightzillion.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005834; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"speasperu.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005835; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"spent.com.pl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005836; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"spetsesyachtcharter.gr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005837; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"springcs.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005838; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"squadlegion.kozow.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005839; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"src1.minibai.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005840; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"srrealestate.techzonecam.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005841; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"srvmanos.no-ip.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100005842; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sspbluebox.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005843; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"st.devcodin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005844; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"stage-app.hodify.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005845; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"staging.apparelpunch.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005846; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"standardpackeng.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005847; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"static.3001.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005848; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"static.cz01.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005849; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"stbvox.dsagrafica.gq"; content:"Host"; http_header; classtype:trojan-activity; sid:100005850; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"stceciliacatholicchurch.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005851; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"stefanini.com.pe"; content:"Host"; http_header; classtype:trojan-activity; sid:100005852; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"stereonetwork.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005853; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sterlitecamotech.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005854; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sthelenspreprimaryhyd.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005855; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"stluigi.techvein.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005856; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"story-life.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005857; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"student.eduplus.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005858; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"submissions.tentcityrecords.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005859; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"suburbanmusiccircle.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005860; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sunukoomthies.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005861; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"superadmin.eatoz.io"; content:"Host"; http_header; classtype:trojan-activity; sid:100005862; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"support.clz.kr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005863; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"support.gravityshift.io"; content:"Host"; http_header; classtype:trojan-activity; sid:100005864; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"support.ionoxwebstudio.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005865; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"support.kumulsoft.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005866; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"supportit.online"; content:"Host"; http_header; classtype:trojan-activity; sid:100005867; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"suriyecastajanslari.bykmedya.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005868; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"suryatp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005869; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"suyashhospitalraipur.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005870; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"swathfitness.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005871; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"swdhy.hiraanyatours.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005872; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"swearmomma.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005873; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"swwbia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005874; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"syguruace.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005875; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"t2000productions.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005876; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"taka.com.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100005877; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tanjimshop.friendsit.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005878; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tanlayseong.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005879; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tarravalleyfoods.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005880; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"taxclubpk.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005881; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"teamnextone.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005882; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"teamproject.link"; content:"Host"; http_header; classtype:trojan-activity; sid:100005883; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"techgms.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005884; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"techybhai.online"; content:"Host"; http_header; classtype:trojan-activity; sid:100005885; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tecnomedrano.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100005886; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"teknoarge.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005887; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"teleargentina.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005888; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"telmeez.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005889; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"temptmag.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005890; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"test.adventser.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005891; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"test.coronadoconcertband.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005892; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"test.livshin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005893; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"test2.marrenconstruction.ie"; content:"Host"; http_header; classtype:trojan-activity; sid:100005894; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"teste.d2dmotors.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005895; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"testing-istudiophoto.davaohorizon.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005896; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"testing.auditaxes.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005897; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"testing.uktsg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005898; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"testkhadyo.khadyo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005899; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thaayagam.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005900; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tharringtonsponsorship.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005901; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thefibrestory.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005902; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thefibrestory.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005903; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thegift.live"; content:"Host"; http_header; classtype:trojan-activity; sid:100005904; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thehotelshowdev.bitkit.dk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005905; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thekrishnagroup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005906; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thescihub.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005907; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thevipl.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005908; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thirukumaran.ifincloud.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005909; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thosewebbs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005910; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tianangdep.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005911; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"timamollo.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005912; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"timegonebuy.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005913; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tissl.lk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005914; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"todoapp.cstdevs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005915; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tonmatdoanminh.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005916; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tonydong.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005917; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"toobalhost.publicvm.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005918; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tools.reimclub.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005919; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"topaziogranitos.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005920; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"toplevel.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005921; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"toprintdigital.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005922; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"torresquinterocorp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005923; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tr.social-impact.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005924; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tracker-one.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005925; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"transfer.tezoroproductions.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005926; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"traveladmin.sourcetaggers.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005927; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"travelwithmanta.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005928; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"treeleaf.sourcetaggers.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005929; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"trello2.missiondmc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005930; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"trgramm.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005931; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"trustwallet.miemjapan.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005932; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"try.justprintbd.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005933; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tulli.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100005934; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tupperware.michaelroberge.ca"; content:"Host"; http_header; classtype:trojan-activity; sid:100005935; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tuttepratiche.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100005936; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tuzlacastajanslari.bykmedya.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005937; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tvschimborazo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005938; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"twinings.grupoformax.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005939; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"uaeloan.ae"; content:"Host"; http_header; classtype:trojan-activity; sid:100005940; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ublis.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005941; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ublis.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005942; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ublisyoga.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005943; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ublretailerdemo.cstdevs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005944; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ultimate-24.de"; content:"Host"; http_header; classtype:trojan-activity; sid:100005945; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ultrasolution-eg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005946; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"underboots.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005947; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"unicorpbrunei.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005948; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"unifashion.app.krazyit.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005949; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"uniradar.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005950; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"unisoftcc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005951; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"universalplastoind.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005952; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"unwittingjaggeddebugging.neumatic.repl.co"; content:"Host"; http_header; classtype:trojan-activity; sid:100005953; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"update.myiphost.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005954; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"urbanshoppy.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005955; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"urneeds.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100005956; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"usecatoutlet.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005957; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"usful.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005958; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"utrav.ma"; content:"Host"; http_header; classtype:trojan-activity; sid:100005959; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"uyomall.lightzillion.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005960; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"v3-fastupload.s3-accelerate.amazonaws.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005961; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vacationreborn.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005962; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"valelana.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005963; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"valleguanape.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005964; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vanillshop.ir"; content:"Host"; http_header; classtype:trojan-activity; sid:100005965; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ve0.popmonster.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005966; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vectarts.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005967; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"veggiemartindia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005968; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"velda.co"; content:"Host"; http_header; classtype:trojan-activity; sid:100005969; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"venveo.wordpressdeveloper.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100005970; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"verypremium.co"; content:"Host"; http_header; classtype:trojan-activity; sid:100005971; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vfocus.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005972; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vg.gurusoftware.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005973; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"villaggioverde.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005974; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"villatera.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005975; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"violinstop.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005976; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"virtual.ecowaykis.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005977; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"virtuleverage.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005978; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"visam.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100005979; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vistoriadeengenharia.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005980; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vitamedi.ge"; content:"Host"; http_header; classtype:trojan-activity; sid:100005981; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vivacuscoperu.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005982; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"viveirodoiscorregos.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005983; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"viverosvila.es"; content:"Host"; http_header; classtype:trojan-activity; sid:100005984; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vksales.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005985; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vologroup.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005986; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vote.yixuecup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005987; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vpts.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005988; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vulkanvegas-de.katchpurcity.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005989; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vulkanvegas.auditaxs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005990; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vulkanvegas.benaa-egy.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005991; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vulkanvegas.malexs.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005992; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vulkanvegasonline.katchpurcity.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005993; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wardaelectricals.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005994; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"warmbeddy.top"; content:"Host"; http_header; classtype:trojan-activity; sid:100005995; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"washatsanjose.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005996; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"waskitaprecast.co.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005997; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wealthfootwear.lk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005998; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"web.biocamposrl.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005999; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"web.geomegasoft.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100006000; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"webcontent.techvein.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006001; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"webpro.marketing"; content:"Host"; http_header; classtype:trojan-activity; sid:100006002; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"webschool.quicksoft.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100006003; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"weinsteincounseling.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006004; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wfinance.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100006005; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wi522012.ferozo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006006; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wildnights.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100006007; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wildtrust.mediadevstaging.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006008; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"winonvulkan.publicidadexpress.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100006009; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"winonvulkan.ringhio.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100006010; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"winonvulkan.syrox-kosova.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006011; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"winonvulkan.thecomb.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100006012; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"winsuncustomclothing.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006013; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wishesconcierge.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006014; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wmcarnetcanada.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006015; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"woezon.agency"; content:"Host"; http_header; classtype:trojan-activity; sid:100006016; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wolfgang-brodte.de"; content:"Host"; http_header; classtype:trojan-activity; sid:100006017; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wordpress.saleensuporte.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100006018; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"worldeducationtranscript.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006019; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"worldofjain.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006020; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wp.readhere.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100006021; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wrocery.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006022; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ws5588.f3322.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100006023; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"x2vn.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006024; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xaydungbinhphuoc.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100006025; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xetzpo06.top"; content:"Host"; http_header; classtype:trojan-activity; sid:100006026; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xia.ddcch4ckserver.top"; content:"Host"; http_header; classtype:trojan-activity; sid:100006027; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xk.996is.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006028; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xk1.996is.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006029; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xmartrdp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006030; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xre.popmonster.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100006031; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xz.8dashi.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006032; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"yafa-coach.co.il"; content:"Host"; http_header; classtype:trojan-activity; sid:100006033; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"yasminkozmetik.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006034; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"yazilim.2crankara.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006035; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"yeichner.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006036; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"yp.hnggzyjy.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100006037; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ysbaojia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006038; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ytvnews.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100006039; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zaitia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006040; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zetlegion.kozow.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006041; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zeytinburnucastajanslari.bykmedya.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006042; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ziengineeringco.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006043; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zingit.readyvirtualcenter.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006044; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zofer.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100006045; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zozter.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006046; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zsadvocacia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006047; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zumheilen.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100006048; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zz.690tx.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006049; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/wp-content/plugins/super-forms/uploads/php/files/lrat8burlqjbuvvgvcq56qm8ms/41304353790.pdf"; http_uri; nocase; content:"akdenizokullari.k12.tr"; content:"Host"; http_header; classtype:trojan-activity; sid:100006050; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/labesoftware/update/downloads/boost-fps.exe"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100006051; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/labesoftware/update/downloads/install_plugin_x64_x86.exe"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100006052; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/labesoftware/update/downloads/vpn_free.exe"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100006053; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/primesoftware-eng/files/downloads/clipe.exe"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100006054; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/hmatrix/data/hack1226.exe"; http_uri; nocase; content:"cd.textfiles.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006055; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/808540577594736675/848370352207691826/go9bxdwxeabmhas2.jpg"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006056; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/808540577594736675/852340086528147476/firefox.lnk"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006057; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/875404916150116402/875404948865708052/hours.txt"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006058; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/891724680417923104/908055152404099112/c.js"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006059; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/897181828421656630/902883404108939325/nwszeclpfkywlsrvlpglyrnsilmxebi"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006060; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/898085606138212365/898088211937656832/form1.dll"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006061; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/902171796420300844/902171853072789525/0_uiautomationprovider.resources.dll"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006062; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/902172304656703503/902172431744122940/4_txflog.dll"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006063; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/902882967184113677/902905276905181215/seneqslobz.dll"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006064; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/902882967184113677/902908047775657994/gnrebii.dll"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006065; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/904488836585902123/904640001617326100/wfiajhjcodimsjppihqzhoxjluimomo"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006066; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905044663310884887/905079026979315752/ineeodepmfwgrh.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006067; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905044663310884887/905080517433638972/uehgdlhsbqn.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006068; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905044663310884887/905080779397288046/sqnlcbrigftp.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006069; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905044663310884887/905080995152265276/ptrcfx.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006070; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905044663310884887/905081066568712252/syvewioejybb.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006071; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905044663310884887/905081102543237130/neiqb.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006072; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905044663310884887/905081292171935845/oeccoqgguyvvu.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006073; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905155070591631412/905157398786891836/mqpslcnpdgohwb.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006074; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905155070591631412/905157552487153674/sbwtfknrcmcyng.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006075; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905155070591631412/905157917672620102/yvvon.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006076; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905155070591631412/905158106290479104/ugboebirjaosenq.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006077; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905155070591631412/905158444972122182/vlnwj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006078; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905155070591631412/905158528438792252/yltsrhjzmwepfr.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006079; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905155070591631412/905158771918123008/mtutjdvj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006080; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905155070591631412/905158926482423818/cdlcpbofdcilbqn.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006081; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905155070591631412/905159098016878653/hivomuyvlwbl.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006082; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905422350693048413/905450459551137842/xbvlgcnkeezt.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006083; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473607621296159/905480989642481674/inujgualuksdm.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006084; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473607621296159/905481080352698388/paroxsmynpug.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006085; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473607621296159/905481200938938499/bfrjmxp.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006086; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473607621296159/905482553350303804/ovcxknj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006087; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473607621296159/905482718320676894/gyqzr.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006088; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473607621296159/905482736297463869/hnbxcw.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006089; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473607621296159/905482832661598288/eeuzbhwk.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006090; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473607621296159/905485015234801694/ebqetdhpxcmmyc.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006091; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473607621296159/905485174807097414/glwmcitdkhwi.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006092; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473607621296159/905485195543711884/ojfnvcj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006093; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473896290070611/905480604643115008/vqnbxz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006094; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473896290070611/905480778476048404/tjbmsr.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006095; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473896290070611/905480902090555412/snaaqnatmgjsjt.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006096; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473896290070611/905482402309214278/pvyhmbuegco.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006097; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473896290070611/905482454951931934/rikmsyzphzyaq.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006098; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473896290070611/905482468935762010/mpclskg.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006099; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473896290070611/905482480377802782/ohengygugzjkspj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006100; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473896290070611/905484553819422790/lrzuperiqbivj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006101; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473896290070611/905484589374537799/oqvnd.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006102; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473896290070611/905484659658473512/cgmyrgnjiqqknhu.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006103; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473896290070611/905484696585117726/pnlfqyijfo.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006104; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905473896290070611/905484714348003398/andqehqwa.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006105; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474057821093941/905480219345952829/rxwkkebor.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006106; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474057821093941/905480378410737674/rnqekerzbspvvp.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006107; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474057821093941/905480396995702804/gkmkmddwnxb.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006108; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474057821093941/905480491040403466/tlfqdvpemvbe.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006109; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474057821093941/905480509386272819/ntilsenjhiyp.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006110; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474057821093941/905482209606107216/wfoydiylbn.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006111; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474057821093941/905482217009066074/fndzlz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006112; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474057821093941/905482229084487800/bwpqieyx.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006113; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474057821093941/905482243881979934/cnkpooxdz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006114; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474057821093941/905482273875447928/jvsngzeplgmrs.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006115; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474057821093941/905484290693931008/wqswodkjppethmp.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006116; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474057821093941/905484329164091462/zqtdqroxycfhqru.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006117; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474057821093941/905484367894286346/swohgltlqs.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006118; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474057821093941/905484445677662300/muvctfy.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006119; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474192336633979/905479932694642688/wofefnaxo.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006120; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474192336633979/905479970334330940/ldfgmplqhfymouc.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006121; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474192336633979/905480007831412736/cxvjhfxnb.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006122; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474192336633979/905480025430712371/togtpqtl.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006123; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474192336633979/905482034967883796/chsgx.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006124; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474192336633979/905482039791321098/lehihngo.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006125; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474192336633979/905482043989852160/ekbrkegdcyruz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006126; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474192336633979/905482050491002930/xmjmo.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006127; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474192336633979/905483925785288784/dtstjns.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006128; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474192336633979/905484073261203547/ajvtzulxot.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006129; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474192336633979/905484116550643772/iogjjvpeq.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006130; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474192336633979/905484120489099304/qfywuzlqavswh.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006131; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474192336633979/905484156769816606/dnawnzzqsyibbj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006132; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474253569269793/905479542859264010/jeifuqrjbdclz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006133; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474253569269793/905479559661621388/zersawktgeo.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006134; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474253569269793/905479628032966656/ocsociyyxtaojm.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006135; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474253569269793/905479646060113960/scqgyrkd.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006136; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474253569269793/905479808446758953/eisnygfoj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006137; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474253569269793/905481761646055424/lzzqx.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006138; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474253569269793/905481778964332624/mxehprrywyuozp.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006139; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474253569269793/905481942814847067/uzvpd.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006140; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474253569269793/905481960049221742/ettyyjpfsevjng.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006141; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474253569269793/905482021592240168/gwwmzehfhtm.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006142; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474253569269793/905483476223033404/xrtgks.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006143; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474253569269793/905483654195740672/ynxzjinpv.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006144; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474253569269793/905483672390619206/nudwvwujpsri.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006145; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474253569269793/905483817526132746/lupbeievgfutemc.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006146; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905474253569269793/905483849453158451/issczsy.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006147; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515157717917696/krvakomuolce.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006148; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515233047621702/cnxzkdgrowjsmyl.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006149; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515268112023643/jqkeifchksnnh.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006150; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515338257559602/ydghj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006151; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515357664595968/odqzofr.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006152; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515450845241374/gxvrzuyobio.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006153; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515487847383150/odbedcmgjxjcbdy.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006154; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515507124420638/dcjotpwbligj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006155; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515553941250068/zfqojnep.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006156; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515593682288700/fydzfzbvnc.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006157; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515609482219520/txyglc.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006158; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515738075369522/woreigxolgwgj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006159; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515755624349716/ekshm.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006160; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515792077029396/mazhc.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006161; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515830056456223/jmkro.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006162; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515934289104956/kbvgvl.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006163; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905515951007625306/qatolcuwmc.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006164; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516069756743750/nslvol.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006165; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516088442380288/hvjwp.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006166; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516155161174098/bqvaobkhpzpwcn.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006167; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516174018740334/vtzmubvswcsoqui.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006168; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516227080888330/gitsubnfpv.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006169; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516318776770620/jqjdzpqvdfec.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006170; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516356076711956/otrhnstlqiw.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006171; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516457742434304/jvfkilkpds.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006172; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516474293166080/qhpjqhca.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006173; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516520233390120/brskrou.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006174; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516536968671232/ewxrffqq.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006175; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516554349867048/cqfqxv.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006176; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516591100362772/nthzdcgkpehbz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006177; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516608368279662/uwekprrbqq.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006178; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516642967113738/asiscoowckrfxz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006179; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516660323127306/zzhkmsmisukqy.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006180; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516676102123550/tosezvfewlqhrhw.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006181; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516692082405416/rexmjnrqgxmyxp.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006182; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516708721225738/dyplpfbpbc.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006183; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516724525350922/mfoeijwgvjtpsun.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006184; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516740870570124/ujjxreco.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006185; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516770440380466/szzjqkzfspts.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006186; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516786492006460/brmzvtbfbkvfjj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006187; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516816477065306/ruejafolf.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006188; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516830368604221/zyrdrlsmzbzkjt.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006189; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516864602529792/hqtraohc.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006190; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516878506635344/wglvcbutdebqt.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006191; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516916486053898/pnlpc.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006192; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516953370767441/dssycz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006193; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905516981715865670/mbpmrbmzx.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006194; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517026242605116/tpwpfylbbhej.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006195; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517097176674314/raxyijnkrlz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006196; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517106647400478/weqpsggtxmz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006197; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517120912257054/pwtfuf.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006198; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517134266892288/rbivaenwumet.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006199; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517151044108309/trlfs.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006200; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517177594069042/fzluehsnjxk.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006201; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517210980712478/gdjgmch.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006202; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517218920562708/qcevgnqznju.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006203; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517231423766558/otcwuwbqrdwjbw.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006204; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517246179344435/rupsfvwrsst.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006205; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517275161960448/xbisz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006206; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517288973807687/ptnhjazjjnbkmbo.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006207; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517302613684280/ilafiiavzfcch.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006208; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517329675341884/zayjhknvolg.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006209; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517344284114944/jbhsyxoxtdc.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006210; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517370137776188/igfmuq.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006211; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517400487768135/uydmiryt.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006212; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517414966513735/veacfnnqfrdmh.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006213; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517444712525875/fdwsjj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006214; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517473242161172/bdbtxhh.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006215; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517487167270932/mgnaawsqhxepg.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006216; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517514241478786/xfyxydfmnmwiwy.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006217; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517555551203408/rnvdmwciypcg.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006218; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517582919028766/szkwy.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006219; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517589906751498/oqntzrxrx.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006220; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517594075856896/lqrxxtducexvqjp.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006221; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517673650192394/wrnjeobxkqrcb.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006222; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517728285208646/zmmtixduifwujl.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006223; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517736602505266/insmxwdp.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006224; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517745079218317/tqstzsuepvhxk.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006225; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517763257311242/vtwmrgkoktctemm.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006226; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517780596576356/icsgaucxuinbcrj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006227; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517785248038942/zbqizgsvxlariy.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006228; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517814364925962/ggquj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006229; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517838335344670/vfvutifwf.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006230; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517846942056468/rcdwk.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006231; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517874318282842/ioiweiuqr.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006232; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517901438681088/xxerwvq.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006233; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517923710402580/rnwnsektzea.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006234; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517930920415252/qmdtpfeddnohnhd.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006235; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517946284167168/hwbgfqyrssqfg.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006236; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517956128190484/ovitwytfuwnycad.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006237; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905517975359078400/uqdridztiz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006238; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905518018237435914/jkibnclc.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006239; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905518058574073856/gtubx.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006240; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905518086545891390/wnlvce.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006241; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905518104581382205/yphpyqhkvua.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006242; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905518112634454067/vjxewnyslksjye.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006243; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905518122411364412/mwahtdoigpmpfb.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006244; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905518128249843722/wwebxsv.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006245; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905518151935098930/cgxvwg.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006246; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905518180531847258/tific.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006247; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905518225406713897/zswuer.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006248; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521256181403718/uatixgfkimjd.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006249; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521265132048424/eqnaoxwtyq.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006250; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521275915632680/mhsyzbwpkclbd.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006251; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521294236344350/btcbkbt.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006252; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521317741223997/prcwmorj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006253; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521364235079730/ospnscsxigul.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006254; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521367632457779/qmlipqwb.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006255; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521379913379981/cqtzf.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006256; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521384069935155/dvpyokrobtpimok.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006257; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521392156545084/mgtkueywtyqm.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006258; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521413929185310/nmrwzwtfkqh.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006259; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521428869312552/dqsneisfnxxo.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006260; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521437257891921/sdbwmkp.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006261; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521461190619176/mpmvedrvcsukwjo.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006262; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521465196179526/wqyukldg.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006263; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521474331344928/seyqh.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006264; rev:1;)
|
2021-11-11 00:10:59 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521477787475978/biqilyugtu.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006265; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521481793015868/xhedel.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006266; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521486104789072/ydfuxujlc.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006267; rev:1;)
|
2021-11-11 12:10:39 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521489305014332/cybgxhfbw.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006268; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521499031609354/zjhupac.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006269; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521506153549904/ezjdug.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006270; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521509995515954/zbieuksbr.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006271; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521527729049680/zumuronng.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006272; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521532049182761/vwykgii.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006273; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521536465793074/bdnzfnzfad.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006274; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521574164189254/pwwjbpbhthnjdt.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006275; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521585954357318/vqthrggkz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006276; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521590169665606/cyxjcbn.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006277; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521603155206204/ruirsy.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006278; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521606498078780/czjrsqraiq.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006279; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521611854192650/zradtlgnokkp.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006280; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521624432926740/zwhzfqknykezdx.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006281; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521628052619324/pwzuq.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006282; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521632477593660/mbjzrijteafhj.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006283; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521636583821393/zriha.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006284; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521652434088026/djicms.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006285; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521656372543528/hvtjgxp.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006286; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521660197756928/najnkhwhmuzjz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006287; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521673757917194/rdovqm.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006288; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521677432156171/zhezktyrzau.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006289; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521688924541008/bemxhph.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006290; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521706091839508/okbvjxs.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006291; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521723905032282/bkwmrejknccgfo.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006292; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521727625392198/ucacluzssysou.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006293; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521755966292029/gortty.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006294; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521777940258826/qxjfeursngglmgs.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006295; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521789000646666/guycdt.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006296; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521809351405638/oihiofqmsx.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006297; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521813386330172/izpiosipiufjnt.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006298; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521823737851965/tlnvwykfijxcgpm.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006299; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521833296683018/halvgn.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006300; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521838132695040/nouujnpemyi.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006301; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521841664299018/hvbbolbydfdk.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006302; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521855513915403/nsgvvgtgqpmf.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006303; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521872937037924/jzofuuvrwkrhtol.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006304; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521877009715220/kyojw.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006305; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521885398327297/mixwzmdqynzh.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006306; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521898526507018/oupcuytnxkcvee.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006307; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521906399211530/kulqzpmbhpx.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006308; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521910257942558/vrorl.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006309; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521923864289370/ticfpivqnmgfql.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006310; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521930017329192/mwxze.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006311; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521937227345920/vujwzp.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006312; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521957372563476/hlcetubwp.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006313; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521961474592778/ocmfrv.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006314; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521972354621460/bsglwtvjofn.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006315; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521982001537045/azwvcuhoekl.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006316; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521985617035355/aqqgvovxdqflx.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006317; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905521989245091930/hkhqute.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006318; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522009679724564/kdcca.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006319; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522022317195314/ejevnyzawuywff.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006320; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522047772393512/rdqegrxpe.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006321; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522054948864082/ytwkbpeusqjmfv.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006322; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522058648248391/ksozudysh.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006323; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522062213406720/kyygr.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006324; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522072787238993/rnfvvnc.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006325; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522079967903744/emgkrwvjd.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006326; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522084367708270/xxrpwi.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006327; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522088205496330/kbhulkoyronuh.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006328; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522105095962624/jgnsrpudxwuavz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006329; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522108715630662/zwaegbhueirrs.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006330; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522112234663977/juggfhzs.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006331; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522135563395082/dnmtrlhpivmys.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006332; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522160376901652/zkbjwybspqhhkby.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006333; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522167368810517/pskruvjjvcv.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006334; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522175879028827/vxkqfcrczxnzfs.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006335; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522192828235846/yvxoxbief.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006336; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522200533168198/cqeikfmdmlv.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006337; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522217058697216/ynbzihu.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006338; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522243818385408/rcgwwprqc.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006339; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522265565855874/mxuccl.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006340; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522269768540180/suumouz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006341; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522279151202404/vwmkrsfxhiotiib.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006342; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522283433570314/iylorlzlbze.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006343; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522294733037568/pygdd.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006344; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522312546254939/bvhrfesdbxndqf.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006345; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522316732166184/wgbxscblads.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006346; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522321031323679/ogbww.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006347; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522329176653854/jikkpll.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006348; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522333144473640/fendwhpe.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006349; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522364735950939/mpyydsv.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006350; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522417970053160/sndlrcudyld.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006351; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522434202009670/chnlkfgr.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006352; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522443714691192/fftolgwqgteis.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006353; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522447997104148/pwlrczaxil.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006354; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522455324553257/yxhrac.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006355; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522459699208242/qdgcdygxuujgw.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006356; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522466884038726/hnhbbyonla.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006357; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522470352744498/iwvkhaqsg.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006358; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522484282003486/qylpppgqqf.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006359; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522495946391563/mvrniuxt.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006360; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522504938946670/xfuvucn.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006361; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522511884742676/jshcsqfeovzkx.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006362; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522516028719185/tmqohsccrof.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006363; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522520013291570/shtcccs.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006364; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522533539926066/ijnvju.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006365; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522537667129424/luqexvwjje.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006366; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522541135790121/vcdfu.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006367; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522555098628106/ujxfgwhy.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006368; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522562937782282/drnvfluapoht.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006369; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522579761168454/oaajquocodq.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006370; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522587260575834/swusoxig.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006371; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522591551352915/thjdwjtm.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006372; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522608911577128/qqxqkwwmfvzcdz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006373; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522612136992839/hdenbxknppaeb.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006374; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522636149387275/imawauyglbyxzzz.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006375; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522655476744282/wqhfdldifiq.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006376; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522659926876160/xechutjw.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006377; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/905513341278093417/905522680386711552/ptsybzqqxa.mp3"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006378; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907252610094989332/hiouxwjr.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006379; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907252749241028628/lqfcpz.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006380; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907252777003143168/axraxexxqtlqoc.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006381; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907252807231492106/gymncw.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006382; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907252837426282536/kjlinseqeyzldc.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006383; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907252873723777034/mtwrrchcfdsyx.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006384; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907252905004892200/dbpiugwidvtkis.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006385; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907252966153666591/vorai.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006386; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253024689373224/guekxduuffwkvo.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006387; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253089730441216/pmkfgpvodbnjnq.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006388; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253162883301396/szjpwmmv.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006389; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253171267711006/dsxwdzcxw.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006390; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253189181587557/uramam.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006391; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253227085529108/izwavqpqmn.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006392; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253263802449961/votcvscgvcq.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006393; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253352709107752/abmwhkaeuntwmup.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006394; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253362225983568/lcifbgsvfn.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006395; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253481952395264/bouxezfdxaesq.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006396; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253529087971358/yvlugobyi.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006397; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253547928805486/bgicawulsi.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006398; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253570204737587/yiefdpir.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006399; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253600240140318/ktngzflbrzcdzh.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006400; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253628228739142/venusy.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006401; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253670037585970/xzpuwfpfcpdzdk.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006402; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253712421027880/celrowkolcnklu.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006403; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253729516998676/skfjohhaien.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006404; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906970546426765386/907253742989115393/ezrfvd.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006405; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259361003442287/yntfawnhzbf.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006406; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259391483449435/uzzwmfbwmeb.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006407; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259471837925416/hghvadxfucvwn.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006408; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259498509500476/tgylztsrooamoco.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006409; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259504863875182/vuazfgb.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006410; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259513504161792/gbwvyfcx.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006411; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259558269943888/mphsgwstxn.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006412; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259585553920050/ctednctxrclvhit.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006413; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259633519951902/pkmescyrg.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006414; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259660598411294/ugfch.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006415; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259681616064592/ysulrnporecd.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006416; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259729028472853/fkcqt.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006417; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259754102026300/qjvpzyerbcsj.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006418; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259762532569158/ftvbwujapmgxrmt.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006419; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259770921189417/yzqltnzpjsfaqae.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006420; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259829356224512/zpznoyzktupacm.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006421; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259865339146280/nhhulcg.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006422; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906981226219466814/907259871739645952/hyjikgvc.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006423; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907261524643569694/jchivgimup.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006424; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907261631896121444/pnbsu.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006425; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907261681896394832/gyuumowvvhwja.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006426; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907261714934923314/nqnfr.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006427; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907261754944405534/yeceeihqui.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006428; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907261815115882517/xbbbldi.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006429; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907261873693552670/gihdapv.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006430; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907262040140288000/mlzwgzjqglhtbm.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006431; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907262060495265842/pyihphv.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006432; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907262074722328617/diwgdiqqzlqz.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006433; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907262194004148335/vevuv.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006434; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907262209489530890/oukfhbixwgv.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006435; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907262280020918292/cjahmhc.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006436; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907262374350831666/pyatr.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006437; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907262417682190386/ncpris.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006438; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907262608694997012/gaxvces.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006439; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907262677104066560/ngqcpwsedc.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006440; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907262726634614784/okdwln.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006441; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906984396509306893/907263021812944936/cqqrisvajupbfw.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006442; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906987050476138500/907267491250712576/scsyk.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006443; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906987050476138500/907267713167163463/tynacjtlid.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006444; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906987050476138500/907267765193297940/bfadezo.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006445; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906987050476138500/907267771186937897/nkfnaurnrwolklw.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006446; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906987050476138500/907267795815911444/cpxeqlwskh.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006447; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906987050476138500/907267802170261604/crqfawogznvk.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006448; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906987050476138500/907267914632151061/adsrnvkmy.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006449; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906987050476138500/907268068626018324/mnxrhlem.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006450; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906987050476138500/907268347022950410/klfovplmzuki.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006451; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906987050476138500/907268366539034624/grbeqgh.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006452; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906987050476138500/907268387292463154/jarqdvraapowpd.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006453; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906987050476138500/907268407634841661/tixwwscekzej.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006454; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906987050476138500/907268517852753950/tvmlqhaydfykd.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006455; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907272435806658580/fzrbmoiu.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006456; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907272483005149244/jxsnspp.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006457; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907272495118311454/mceavohovxdd.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006458; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907272505935417374/xffciyqtkwpkb.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006459; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907272547534536744/suvfqvoqwuvtgmh.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006460; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907272560318763078/qdxsup.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006461; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907272758889685042/hvgnxftpgqjpwyj.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006462; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907273119956353094/xasaevatlmczn.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006463; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907273138360942592/rzbqsyffzeum.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006464; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907273145327685732/ejejiatt.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006465; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907273232384667688/ibcbexwoescymj.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006466; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907273293218873344/amtuhnjytufvoy.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006467; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907273364769505280/wklwlxvzzz.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006468; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907273428778749962/pmpwqql.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006469; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907273597494652958/uxcenhtfc.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006470; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907273707792261150/ftqfpegtgigdt.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006471; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907273923463352320/fxlbygeelbcswep.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006472; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907273945139511326/ihyiuffirngnvt.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006473; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907274026198663168/rqjqziufhaxczkb.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006474; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907274092594495498/mzccplyrtjhvx.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006475; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906989795283173420/907274221741310002/geoclyv.wav"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006476; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906996518161113190/907981341633675336/ksewve.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006477; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906996518161113190/907981568461639680/xfvmuqkttfbn.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006478; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906996518161113190/907981604054515722/ftdwts.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006479; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906996518161113190/907981626221412352/cxrafulzul.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006480; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/906996518161113190/907981839224959026/pmltaq.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006481; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907662428664369166/907976425234104320/jnopgfxomvnwns.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006482; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907662428664369166/907976764897255424/yvbvsv.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006483; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907663849111556109/907974399095873586/ptdmanedffa.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006484; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907663849111556109/907974451621167125/skvznch.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006485; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907663849111556109/907974467639197747/nfsfkywamkfettf.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006486; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907663849111556109/907974565672656966/vqyiindr.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006487; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907663849111556109/907974570693263410/faelmkxfvestmd.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006488; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907663849111556109/907974589517275146/cooaxcd.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006489; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907663849111556109/907974804508934165/gpmgr.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006490; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907663849111556109/907974836540833832/ifnztdsy.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006491; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907663849111556109/907974842588987472/klompkwep.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006492; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907663849111556109/907974871110254632/lfudmbibo.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006493; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971765920219176/cxafurz.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006494; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971771028893716/jutmyjygani.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006495; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971777026719744/jcznm.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006496; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971782722592768/azhgrz.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006497; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971791195107348/ldhsglttjo.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006498; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971797448790046/vqgqfl.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006499; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971803832549436/exalvyyepugnog.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006500; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971812967714876/fgvfvmsjaw.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006501; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971818898481233/kzetdlog.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006502; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971824921493504/vjqejxwcistma.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006503; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971831787556874/uyrbdzzbhmz.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006504; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971844424990740/lhkjuehshsxgz.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006505; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971850921975858/hunsxqb.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006506; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971856592666684/umpymq.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006507; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971862758297630/kywtxxxscdxn.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006508; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971870555529266/wxpla.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006509; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971876914102292/ntiyvaxpc.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006510; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971885063610388/tzfhwrvt.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006511; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971892852449330/hxrpiga.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006512; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971900402200586/epoajs.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006513; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971908358774824/imkwvynfq.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006514; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971919092015144/gpsfymmaaz.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006515; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971926494949416/imuwpzac.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006516; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971932371189831/aoxacxg.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006517; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971937270116373/kjlmxf.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006518; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971943024697424/vnrgobnekjusgwd.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006519; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971949483937802/wawome.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006520; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971954244468768/kuknwiazfnkqopq.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006521; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971959533473792/qtfjt.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006522; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971964629565470/lkmje.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006523; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971969985687612/osqwqaqtj.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006524; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971976918892544/oxkoasjcqueoqe.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006525; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971982044327986/lgqqz.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006526; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971988004429884/icivn.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006527; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971993436057600/dwnwc.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006528; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907971998330814464/sflppci.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006529; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972004404158504/xlrybogowvoupe.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006530; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972008711716884/djjqloigrjujneh.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006531; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972014713753610/rmtrvq.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006532; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972022657753188/lhlyoxqpdre.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006533; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972032271122482/wjrtbtmzn.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006534; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972045286019132/yvneuxmi.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006535; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972051023851540/nkyybwo.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006536; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972057508220988/apgnx.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006537; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972062629482566/tbddyu.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006538; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972075065602088/tblxgckqb.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006539; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972081071837244/wyaivcm.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006540; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972086029492244/bbrtvez.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006541; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972093872861244/syrlt.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006542; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972099409346601/qnjgytefzbfm.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006543; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972104983572551/wibwynck.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006544; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972109907656704/nxmgvhub.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006545; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972114869538816/vysmhozkxlqmas.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006546; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972119491665951/muixvdc.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006547; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972124919091210/xscwvz.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006548; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972131432853534/wzfil.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006549; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972135920734239/hbrehj.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006550; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972140899401788/ofteirukinqpyr.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006551; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972147954221116/ingoegrrj.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006552; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972153138348042/whxnoel.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006553; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972158473531453/hlbefffjdkbs.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006554; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972163603140619/tdcoabmviixjsq.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006555; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972171492634624/rbmryatpkakwbpo.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006556; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972177545031720/mwuaacmfe.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006557; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972195488251934/gymvfofu.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006558; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972201381257246/qbqzrtkhmdfd.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006559; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972212638773248/xwfjzrwpfcr.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006560; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972217470607370/kwjrdze.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006561; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972222050770974/bpfdb.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006562; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972226593198140/alglyuo.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006563; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972233593516042/fechx.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006564; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972239469740062/vaixnj.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006565; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972244871999498/lzguyxuhkikaq.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006566; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972250643333120/hvdkhdwzxtztob.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006567; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972255244492830/lcjddqevmkg.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006568; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972261011677224/fktobhjhvyfs.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006569; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972270608232488/xzlasd.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006570; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972275205197864/dmxgo.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006571; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972279932186634/siihieaj.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006572; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972284822732820/rifwedfpzpxwnj.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006573; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972289788788766/gzdwlapl.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006574; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972295052652574/rdynxqub.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006575; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972300643631165/shemnua.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006576; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972305588744192/oiykhvhamn.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006577; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972310110208080/caqulteotbzdrdt.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006578; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972323037024276/eljgcjpph.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006579; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972327764017152/tkedyqyjvircue.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006580; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972335179542548/dtuouomeclvljz.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006581; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972342167244860/cohxndq.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006582; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972347171065886/pnfiwhvctmx.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006583; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972352049041428/jwndqlhnr.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006584; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972360156643338/aoopyjwybgus.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006585; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972365479194704/sbnmbma.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006586; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907665395815677994/907972371649003530/ifecr.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006587; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969001425104906/dtlefuizql.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006588; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969006504411176/khsdne.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006589; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969011722113045/huxuxmsvdethph.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006590; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969025504579594/vxspqdaymqjlvoi.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006591; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969031942856774/vtexkktriqc.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006592; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969038649536522/wdgafgizjbzxxt.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006593; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969044651589662/yosjpubquljalp.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006594; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969058396315678/nnpxzidli.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006595; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969064033464380/jgbpr.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006596; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969069121146920/ebpimxod.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006597; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969074519240774/tdntmzkuble.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006598; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969082417098752/ypuqjewmbktd.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006599; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969087282511882/lvqdsb.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006600; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969095520116768/yiqpmsmoelhep.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006601; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969100624564255/iwnhzka.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006602; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969106941186098/mjcnsj.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006603; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969111752052806/vsfptqjndcqggbz.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006604; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969117284360242/mxystzzhzg.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006605; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969123848450058/eikahvsz.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006606; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969129263271946/ylkaxminotcup.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006607; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969134531342356/tvsrxaywetyhyi.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006608; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969142672465961/odrgpzogi.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006609; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969148041183282/pvksaqnwvzfdltm.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006610; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969153309245470/xhkegyumttaz.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006611; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969158443053056/mbwaq.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006612; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969163694317578/ybvbueqikrkrjw.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006613; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969169000124476/gmima.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006614; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969173441880074/fhuwaqeijzns.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006615; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969179162918942/ezpdeptvynosvjt.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006616; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969184166707220/lquzklfzphxu.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006617; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969188985974826/emdwgypativsf.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006618; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969193520009296/hhyoib.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006619; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969200100884480/epsiynmjoo.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006620; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969205427638344/bjljvqwjn.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006621; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969210192363541/vstus.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006622; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969215376531516/yvgmzqmld.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006623; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969224964706344/uidirrryrc.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006624; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969236587122728/eafaks.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006625; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969241431547904/engzqsy.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006626; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969246523457536/tuwhzglpa.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006627; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969251116216330/ohjuokixi.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006628; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969256833028116/uzblsvrsuxn.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006629; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969262990262292/zsuny.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006630; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969268807790622/pqgmbnt.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006631; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969273694150666/hwcbdac.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006632; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969278203015168/fuhavx.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006633; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969284494467102/thuhcvyu.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006634; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969289879957524/umvdzanwbdlsuru.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006635; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969294833430528/ogpqjdcum.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006636; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969300038578176/cagekkjs.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006637; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969305088520232/sszlequmjrl.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006638; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969309911969853/pmevhfrlfiopqnm.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006639; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969314517311488/jrzhlhydyojro.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006640; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969319462400020/vmtxdggynrem.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006641; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969325598670858/crrbvxpmsop.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006642; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969331361611917/stlkica.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006643; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969338571624458/lrcbzufobhgps.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006644; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969343537684480/amsmbqlrsmqcdqu.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006645; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969348486959104/vsrdaxtin.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006646; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969355088809994/yejrovaixdxdqz.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006647; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969360902111242/klpbv.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006648; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969367147446283/yawvexlcgzabzf.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006649; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969372063166474/nkeiwkroud.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006650; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969377092136970/xeujqzytfm.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006651; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969381999468564/jjadxzcsajn.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006652; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969386474795018/ykkeuee.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006653; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969391965143070/wglzwg.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006654; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969397853925476/wirgwpjonhzxsl.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006655; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969402245382144/ukhlcbklwn.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006656; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969406892650496/kpeohfngo.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006657; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969413951676426/zdwxiqoxnqot.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006658; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969419404255232/nhreaxvjqiawfvy.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006659; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969424328384542/zmwhtmwvpqc.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006660; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969430808588309/fiseunahli.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006661; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969435472654416/stbevykulgsroee.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006662; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969446126186526/mwvnakw.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006663; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969450735730759/lkxojfhgshazkdd.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006664; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969458184790086/hbzytj.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006665; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969463058583572/tbyctakuzwj.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006666; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969467965931570/qvege.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006667; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969473586278451/lkkndnebc.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006668; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969482679533629/amqlmfbkeo.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006669; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969488228601856/wdevglzypahqig.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006670; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969496805945405/ytsut.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006671; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969504259227728/mlxxssze.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006672; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969515151847434/jcbntdlwwxoeel.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006673; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969522655428618/cnimeps.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006674; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969530301669427/ofqnvjgr.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006675; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969538103066674/jgrwhkjynmsow.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006676; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969545111752755/rmlbkvtwdjefp.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006677; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969551021518899/fgeiee.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006678; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969556507664454/dqbolsyhvwvfyy.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006679; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969561649893396/tduojof.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006680; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969566439800832/gojkuyypa.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006681; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/907666907405099111/907969572483772426/intuwbstn.mov"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006682; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/908238221694074903/908238335124848661/quotation_form_pdf.zip"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006683; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/razor/rzr-winner_intro.zip"; http_uri; nocase; content:"chiptune.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006684; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/meteoradminz/hidden-tear/zip/master"; http_uri; nocase; content:"codeload.github.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006685; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/mr-r3b00t/rdp_backdoor/zip/refs/heads/main"; http_uri; nocase; content:"codeload.github.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006686; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/tmp/protected-cek9qz4zvk2n65e-c5d84gi5/security-cloud/kypqw-52kkq0n9ywj9oa/"; http_uri; nocase; content:"colfincas.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006687; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=11wrd1k3cum3xwrrk7ry9emoxvjihpxt5&revid=0bwr0ytfwg4ymmfnormy4ret5uulxym9uri9na2p4oe1xzxlnpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006688; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=140vkyfrfhbqkukc2hnw-gsvi5wjw6iyi"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006689; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1ctmywlj5wouiug1wgizy3ke7yj1u0yor&revid=0b_t0-zked1mgagxwmxcwywq5q0q1uk1uoxcwaup6l2ovmtdjpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006690; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1dcskexskninafqjsvcdvurd8sn0y3z2m&revid=0b32-vhr9_ogcmnjutlfrrke4l213smg0ajdrr0yvavfsnnrvpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006691; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1gpjdoys0jisgixkzzi79qrvuun0m2ufd&revid=0bwzj95xpgx6-shdtthq5ztfkajlnv3ntvvzqy0u5k0vvqtrvpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006692; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1gv_nk9llqw4fxudo-khja7nuuj1kevvw&revid=0b7zefp-g6n7vm0zhowo4be9pvus4mmh0ymxvd3r6zlu3ylznpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006693; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1h_dyp_d5lst4akyf2qezxl7j1scvbtvs&revid=0b5thckui5i0mdk5moelbnm9vuhnydvjnvwpyq01vrg5xvwhrpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006694; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1hdvmpsulsdwmfbduwezpkhyqscvaujpz&revid=0bxuz33-vsvvttjk1tutwb25oynbmuwjqsytdmtqybxvayvrzpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006695; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1jpl-uouydm5hypqm67uokyddrblbpxvw&revid=0b7zpiprmoc5ubhpwclq0cxdyte5vwtrbymnidznhtgm3bzvrpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006696; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1lrsmsenpabz1ihnqwve1zahmbbrjvy0k&revid=0bwxkravv4isdrzmrqulpqwfbnk44s3louvlqtm85tzbdvjzzpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006697; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1m8jszvq-ztfrul7vgsb6q-n3ftgnkbdj&revid=0bxrhybf9__wnmgjlnmxmunzznlu0v204azc4edmzcep6a0hzpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006698; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1sbd1rnw8luztjmsh6gdlzupvyupbopa0&revid=0b3yyjts_woklr2vnyxvqohlidxbxn1l2wwjntxfnwvi5v0h3pq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006699; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1tilqozot07vylvdmmsfs7ia452jwhktj&revid=0b7gsmqzks4xkcdjcwhuvatj2qvlvchnmnnovu2ldzstek2jzpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006700; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1ygn4gkmy9musdp_lgnpyjjh6rskt39vp&revid=0b8rbgp2bpeofmk5ta3n3mgjtefbzdevwtk5wwhpjd3yruejjpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006701; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1zxejnkdwqezrbgani5vjk2y2nhmpkg0z&revid=0b-bo0wgwxcblsui1mehkbhrlu01rwxnyrxzxanbdendmbndnpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006702; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/frm0reseen/prntscrnofamzorderid.jpg.exe"; http_uri; nocase; content:"drive.google.com.it-barcelona.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006703; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=12ma_yvbmprts6e_vkfnmwikrnwsarqbw"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006704; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=15gb8pb4gmlvzqpw--f8ifnbltyu2r5w5&_sm_nck=1"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006705; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=18zfspcrlbavz_ooolsobhnpa264xyytm"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006706; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1_kme2jlo4rwuoi0skp0ejlnqrjpi0zha"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006707; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1alq8r5tnr6wwiftqa3l6d9fymv7y0g9m"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006708; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1etpmpb2shvuny5dxj5awfpxklxqpbzgx"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006709; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1fa2j7bhbrbrijrqqw6ls0zqsqphkez5z"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006710; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1igs5o27dptipoo8iqgpvjqpzytr0bekk"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006711; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1ma38y_tmkwp6spyu_omub2ntyzolb0qj"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006712; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1n8_s6gijerearczwh74blkygodig64eo"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006713; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1nw1gmzg6lwtuhs0tte969xcfpp9_dc5q"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006714; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1o9jg3oqyewncoptigwscdbtfmvtfqygj"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006715; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1pr2l1wfpwhfzln-sq93bb9xwfqtrwezu"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006716; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1qqshuwbrdfj--licjq2m4aacpveydwyq"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006717; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1quzouzjuncjhkgnferfx06dg7icwxy2d"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006718; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1tnnhctucoeyrnqdkpizy9gm6w5ha0_tb"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006719; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1uygnpwzzyzn2rodsrimg0-sloxy_letg"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006720; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1yfqtugahqhqrulwugdekeavffktsl8ci"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006721; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1z7qhwcozjwehksdhw-yuivac2jzwjqia"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006722; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?id=1a7jwdzayvxw_d3cgv_n7tjf4sty3ufor&export=download"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006723; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?id=1y59mvv5dlrjfcdnlz3gmfskjj2vqerz1&export=download"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006724; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/downloads/emclick.zip"; http_uri; nocase; content:"e-mudhra.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006725; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/register/phpcaptcha/images/19dnqhg1p/sbhvtqlysxhxn/"; http_uri; nocase; content:"expeditionquest.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006726; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/register/phpcaptcha/images/35egphpl5uzpvdmz9bncmvon3p/"; http_uri; nocase; content:"expeditionquest.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006727; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/acclufokl/~3/ioahipbgbma/fucking.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006728; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/acdqpwomvsy/~3/oqpe4ldcjrg/enhancement.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006729; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ahxafhi/~3/a0al4i4tovw/preservative.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006730; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ajxafckm/~3/skbglrtl5uu/noel.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006731; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/alirfulnm/~3/ndacdix1_j8/widening.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006732; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/anlxoni/~3/xij8qygg4gc/output.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006733; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/anwqylqmhwo/~3/xo_-2ukbv8g/endorse.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006734; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/aqmxthnuj/~3/jxr1d1okt_y/testament.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006735; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/avbpzk/~3/v5_jkxuo2j8/builking.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006736; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/axkttybngiq/~3/zpirzpomvls/vindicate.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006737; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/axsog/~3/dwuxqw5_ypm/onslaught.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006738; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ayccag/~3/cqltmsneimq/carpentry.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006739; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/azltqhzautz/~3/vq-ugoewpfe/amoebae.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006740; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bbhltnaaar/~3/1v0l6tjhcas/unanimated.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006741; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bcssq/~3/ogqpv3nj4tc/complement.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006742; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bgewouwged/~3/k45k6pcntzu/schoolteacher.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006743; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bgwmfpq/~3/jb9if5dpuc4/steely.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006744; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/birpzgq/~3/feqpb2ggli0/steamboat.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006745; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bjymgybvb/~3/zbfjmv4uq7q/sanguinary.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006746; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bnseoh/~3/lnxireseggi/arguable.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006747; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bqotlhet/~3/o9uhe5ccera/temerarious.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006748; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bqqjy/~3/8arzowzauzw/distributive.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006749; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/btiplevsb/~3/molntiorq5g/semicircular.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006750; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bveytumkj/~3/pdweu_wphoe/tenterhook.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006751; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bwwgiowzkf/~3/flsmjxlsa0a/blanch.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006752; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bzong/~3/oyd5dgiwdt8/commendable.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006753; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/capdry/~3/heqrdc4cy5s/notary.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006754; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/cfmgws/~3/kjueqjz_zlw/prefer.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006755; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/cixice/~3/vikna7ur_me/obtainable.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006756; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ckvwrzdq/~3/6sgns3ifbuu/somnambulation.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006757; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/clhqsk/~3/fwb9_bjta0m/thine.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006758; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/cmdnbf/~3/mgnzkzduyjo/scoring.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006759; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/cnxjfoig/~3/jfbeithjz3m/premier.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006760; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ctmthcaul/~3/yyy6u06f3vg/sweater.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006761; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ctorqkweegn/~3/b5xjjtgkqqu/objectless.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006762; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/cvkqjnjtb/~3/pprjbqbu9ri/create.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006763; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/cxbkrswmk/~3/9ph1o3cavs0/distinct.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006764; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/cynawotueo/~3/n1wyog8yw3q/stifler.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006765; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dbaciriy/~3/b6hl-ptjona/hyphen.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006766; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dbpygyegx/~3/5m_nypirq50/aggregate.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006767; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ddbmnsavbn/~3/etkmzquzgxw/perceptivity.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006768; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/deptwmxfly/~3/uus1b_in2ww/metasymbol.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006769; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dgrmkin/~3/bindwn1ha9a/inconsequence.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006770; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/didwvvzjoyd/~3/9xg9wdjbxpa/unplug.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006771; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dirgpvozpa/~3/xpapcahg_9q/courtage.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006772; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dlyohau/~3/izau55rmuly/weir.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006773; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dnztlzg/~3/ajgusgbvevk/holland.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006774; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dtledf/~3/yrgu_uunuwa/denture.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006775; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dtmvpqlhvom/~3/e7z4-bcozsq/balky.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006776; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/duwgnbw/~3/fdkqfhnve1k/unsold.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006777; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dylmj/~3/gd-eeoz3i_0/grievance.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006778; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dzagb/~3/pj0kiapg6r0/baffled.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006779; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/eafepds/~3/s3nlt6mhenw/cough.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006780; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/efateyftn/~3/idcy3kdzc2i/technopark.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006781; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/eqayxfxuh/~3/etkmzquzgxw/perceptivity.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006782; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ervbwfvb/~3/nxhqmryyjwg/cadenza.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006783; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/esziaj/~3/2iqc4jgq0ps/supercritical.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006784; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/exnhqdxcj/~3/oa9pefw2pqg/minelayer.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006785; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/feswzyozdgc/~3/1iwkb2t14xa/dispensary.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006786; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/feuduordtg/~3/b6m6xz6fjfe/imagined.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006787; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ffszfdzaj/~3/syv8cmuflh8/scotchman.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006788; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/fgfdzrt/~3/cyenf8xs684/groundwater.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006789; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/fmwkyh/~3/2kyhelvwoxa/anodization.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006790; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/fqsgpe/~3/xyclrytcpim/grilled.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006791; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/fsfbmpp/~3/fdkqfhnve1k/unsold.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006792; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/fsojqstotji/~3/gd-eeoz3i_0/grievance.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006793; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ftnsb/~3/6tkd8_lqoz8/nag.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006794; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/fwcnuf/~3/4_oqfbxxw0k/bubo.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006795; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ganujs/~3/vkkqfv_dtuo/faxswitch.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006796; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/gexajvwtrpx/~3/3g7ei89iv2g/outlandish.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006797; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ggvhoixwlk/~3/ttlqoqnbvow/circuitous.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006798; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/giayrkhvav/~3/195taszfscc/penalty.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006799; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/gjrtdsfkc/~3/ekh8dphr6dg/titmice.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006800; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/gmkdubu/~3/pcuxosw0xxc/quixotic.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006801; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/gnkjjkq/~3/bezazto067w/burrow.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006802; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/gnvfcmrurve/~3/hbdiojegbdo/anarchist.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006803; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/gpaeyfnony/~3/c1qf8sextsm/superegos.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006804; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/gpbfv/~3/mofrjxdr1tg/reincarnation.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006805; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/gxzdfcc/~3/ssexnsuoxve/zoologies.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006806; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/gyzyb/~3/yhjvbtxw_wm/annealed.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006807; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hadyoo/~3/hkewrygojvg/peso.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006808; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hehfqyfu/~3/jbnvpknmcno/toggle.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006809; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/helixolpr/~3/ctzra29qpg0/puler.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006810; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hfkjxrue/~3/akokmfbmsrw/saunterer.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006811; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hkbtk/~3/7obeggsv5lo/elaborating.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006812; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hkhaijrk/~3/lsrkvsn7q6w/essayist.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006813; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hseyrqaywr/~3/3b5seyunic8/vulcanized.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006814; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hszlzvemwo/~3/jbnvpknmcno/toggle.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006815; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hvaaempyq/~3/8vr3rfz4ljy/registry.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006816; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hwcvf/~3/knog03oq9bk/truckler.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006817; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hxmtdagwet/~3/qllxlf2hqmq/signet.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006818; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hxvzlwhszp/~3/oimw7ugzbs0/trepidation.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006819; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hzgznsljtj/~3/3zb33lnitma/legible.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006820; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ieswybgah/~3/hfpltmih37c/artificialness.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006821; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ietkovn/~3/wthquyfcu1m/birdlime.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006822; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ifusiiywemm/~3/o-lhkcikr34/snuffling.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006823; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ilqpjxnbdwm/~3/tpib69qo4ey/chronology.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006824; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/indewku/~3/fem2-xdmwc8/compilation.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006825; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ipmaphe/~3/tgna__pfic8/seigniorial.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006826; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/iugvxreugt/~3/fdkqfhnve1k/unsold.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006827; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ixewdbpye/~3/jn6wy3cci8k/censer.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006828; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ixhcae/~3/2snk7j6ispc/jelly.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006829; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/jaillhnu/~3/swehwageo_e/tractable.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006830; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/jbwply/~3/0a9c3gpnhki/accountancy.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006831; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/jdkbolupe/~3/h8ewf_czim0/roasting.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006832; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/jgvjnxqvxx/~3/muamjnxxq-8/accoutered.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006833; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/jjicvjwgvo/~3/3qgv72fcae0/unaccommodating.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006834; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/jjoyxgnbcmx/~3/jotb1gzyk8g/project.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006835; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/jjtna/~3/w_pzxnue11q/pleasing.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006836; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/jluyzeapr/~3/j5onfjjebg0/numismatics.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006837; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/jovbqoflt/~3/rbjvtss1c9g/unsatisfactory.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006838; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/jqsrwovxu/~3/aznkmlsftko/crawl.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006839; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/juuwrnz/~3/ogqpv3nj4tc/complement.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006840; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/juxjadaaey/~3/pdweu_wphoe/tenterhook.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006841; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/jwtovx/~3/xrlsxyhs8h0/consolidated.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006842; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/kahvzrrbw/~3/9ph1o3cavs0/distinct.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006843; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/kduclobwfhy/~3/ypmqzqo5z9e/savor.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006844; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/kevsqwpts/~3/ykwqvubjdeo/lay.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006845; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/kfvyo/~3/vjjvpbqefpg/poliomyelitis.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006846; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/kiwhovohw/~3/vtxr34nmtww/denizen.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006847; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/krfverdxp/~3/anmbluxcmv4/viral.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006848; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/krsywmlb/~3/inpanexh4uc/semanticist.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006849; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/kuzqwo/~3/ew-c033bzcq/marginalia.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006850; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/kyuphpmmag/~3/wqhrcce3f80/remarkable.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006851; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/kyvffm/~3/h1f3-t7m4ks/betrothal.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006852; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/laeeyyb/~3/mjkku7ysa1a/contemplate.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006853; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lbsgdllh/~3/we8ib97puco/mentioning.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006854; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lbyshyvil/~3/qvfl3ohcu0a/shrinkable.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006855; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ldkdkxdc/~3/4z4ko8l0gjq/competency.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006856; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lepnuualrg/~3/e_zd9zjubw0/dribble.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006857; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lkpejku/~3/xcwf81q7u0s/overwhelm.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006858; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lmuuosdan/~3/wasfyezr_bu/proximate.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006859; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lndqflbwla/~3/mjfhq8m-je0/antecedence.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006860; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lnquusd/~3/k_hyk9nxbty/asphyxiating.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006861; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lohdkgpij/~3/3dkgluacfo4/soliciting.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006862; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lwlwye/~3/xcwf81q7u0s/overwhelm.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006863; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mcpqtrnxmn/~3/ay_4unajqre/cerebellum.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006864; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mdpeaq/~3/_che8nf3l6w/condensable.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006865; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mfnnhompxq/~3/m3bvzg_eoew/flowchart.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006866; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mgxtj/~3/mbrviuet7ce/temple.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006867; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mhiyxchw/~3/jfuwt8wjbx4/forbidding.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006868; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mieoegmhtbb/~3/k3vpjqh4ilg/multilingual.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006869; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mlgwbxymik/~3/b1smeer9-9w/teleprinter.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006870; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mmhhfyc/~3/vxczjni-pgy/outsider.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006871; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mpaobcs/~3/flkqf9gpxgc/potbellied.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006872; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mrcai/~3/qbz4hynf3we/blasting.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006873; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mrgkigxzd/~3/kg8jmtfld4s/destine.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006874; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/msoiafe/~3/anmbluxcmv4/viral.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006875; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mzdrgjib/~3/lugaysxqa-s/unreasonable.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006876; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/naqqmviicr/~3/lmw-b1afq3e/semitrailer.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006877; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nbexrjumgn/~3/f6bzuug_4ly/peeking.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006878; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ndnfqztk/~3/akkamfe5qke/whacked.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006879; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nfqzvecux/~3/gi07ki7dn3u/reloading.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006880; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ngwpzdywpir/~3/vq9vcjibkbc/transmitter.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006881; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nkklazxgfrc/~3/lfnzlaxfj7q/protected.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006882; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nklerm/~3/qizqwhtwdgk/obloquy.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006883; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nknausisslt/~3/rgzyt7j3yhg/thrall.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006884; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nmtpapv/~3/7ma92s5sxyc/proctoscopy.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006885; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nnikb/~3/-1-khh68pqw/fragmentary.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006886; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nnvebibtv/~3/xuanbbshhoq/spotted.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006887; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nojrnovjvcm/~3/j12jkxi8cas/vicious.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006888; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nonolli/~3/1uepu-sks2u/sacroiliac.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006889; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nprongu/~3/w_nbtgahbt8/distribute.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006890; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nztdidvi/~3/qa9a21nh73o/spittoon.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006891; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nzyjggk/~3/hpe2gxaducg/seductions.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006892; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ofkhvb/~3/pdkg0ueqfsk/list.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006893; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ophzixzmcz/~3/iubimuykuio/watercourse.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006894; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/osvgbdsknr/~3/_xvw_bvwt5i/qualmish.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006895; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/oxbuutdu/~3/mdlxgqlxr-0/missionary.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006896; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/pajbv/~3/xixtjec6ho8/fitful.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006897; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/pcnhnmta/~3/_jqoltgfzxu/simplify.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006898; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/pfnghgnzixb/~3/usinugvvhhm/uninhabitable.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006899; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/phfee/~3/_lss0tuoyre/sputum.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006900; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/pierx/~3/jotb1gzyk8g/project.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006901; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/piupyixlp/~3/f6bzuug_4ly/peeking.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006902; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/pkpmcl/~3/qymvizy0alg/tassel.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006903; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/pmrejsys/~3/_hyvhxdw1ha/theorem.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006904; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/pmwithmoz/~3/-mg3zruzocc/nonsensical.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006905; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/pmyfpah/~3/0cbtfkxmqeo/math.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006906; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/pohyt/~3/u-evjve5igi/encampment.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006907; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ppnlzrzm/~3/nwm_lfbxeqc/quadrangle.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006908; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ppvwcfpnex/~3/4p7ye5qxdus/monoboard.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006909; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/prekuvbeeo/~3/2qvzftqigca/allayer.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006910; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/prslzag/~3/qrkhkr8vyhi/sewers.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006911; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/psoizymw/~3/eikcoy61up8/squeezed.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006912; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/qatpa/~3/jkxzov2v9za/bacteriologist.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006913; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/qclijoxofz/~3/195taszfscc/penalty.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006914; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/qdtdvhvojx/~3/n6zhx-wtina/inane.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006915; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/qfgtfma/~3/xfngp6mn-oc/uncultural.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006916; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/qfpopystj/~3/-x-srsezl5i/hick.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006917; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/qglivnncijs/~3/ifemth7g-r0/electroluminescent.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006918; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/qooauocapc/~3/n6iajpo2ujg/truancy.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006919; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/qpizvtzgf/~3/ux32nr4lwti/pelve.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006920; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/qqzgnezdjff/~3/vdtmzgbsjp4/selectron.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006921; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/qsuwlm/~3/q4xmpifhkio/lop.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006922; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/qtbgofbjx/~3/zltxowgkxsm/sojourner.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006923; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/quljrhya/~3/bindwn1ha9a/inconsequence.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006924; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/qxgzpi/~3/pnifklxurso/trinket.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006925; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/qyehdhnr/~3/-tzenidatjg/antechamber.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006926; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rcjnalnhjvn/~3/nzs-d9g-gjq/tapioca.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006927; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rdrjoh/~3/7yt_wwtil6s/psi.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006928; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/revpytf/~3/nycw8xuwfmk/thirsty.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006929; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rfimyvkpe/~3/uqpgxvcinje/archetypical.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006930; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rhkiwbxc/~3/evboolommmq/pursuer.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006931; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rjego/~3/cvj-vb5d3x4/betwix.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006932; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rjsel/~3/2iqc4jgq0ps/supercritical.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006933; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rmnme/~3/gfonzak4qfy/reproach.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006934; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rqevjogl/~3/jjhao9lh1cg/donkey.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006935; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rqppjbeeu/~3/f5n7sqtfg3u/lampoonist.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006936; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rszjs/~3/vzgnc5ubmpo/volkswagen.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006937; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rtkrrocevmi/~3/qtverlnk2oi/contrivance.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006938; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ryujhmz/~3/hxpp5hlzid8/worksite.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006939; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rzdhb/~3/y76mxsgxypa/unenlightened.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006940; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rzulolpxvqc/~3/g_cbdklwgxs/disadjustment.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006941; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/safchshqcyg/~3/kg8jmtfld4s/destine.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006942; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/scaxi/~3/qjcpsupbtcm/shirley.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006943; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/sfafznuh/~3/zraibg8fpvi/agriculture.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006944; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/sgecjuab/~3/xtmn2_vea9q/chaperon.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006945; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/sjbphqz/~3/mw4amyreowy/afternoons.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006946; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/smbjdyqwjh/~3/nrzvvvjihoy/abrasive.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006947; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/snrojvncz/~3/xo_-2ukbv8g/endorse.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006948; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/sodgb/~3/hkewrygojvg/peso.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006949; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/srfcidtlmu/~3/ejjvidgsbsk/semiofficial.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006950; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/sroagh/~3/qk_d281j3ki/handball.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006951; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/stbdd/~3/ksbma3_fn-w/revile.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006952; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/swturxuej/~3/pafjavp-lxs/waive.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006953; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/swwcbsnshxp/~3/hn6772vqi6c/proof.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006954; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/sxrbkxthc/~3/ondtkjgbb04/ransom.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006955; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/tcjvzjpqt/~3/_0kztsamhi0/scabbarding.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006956; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/tfuajft/~3/zcgr-npjkpg/unremarkable.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006957; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/tgggntwfde/~3/2avsblrp0n4/offend.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006958; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/tgwzdfcqye/~3/tfshu9cmpic/descent.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006959; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/tgxyttyzul/~3/yx7-arvbkzg/odds.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006960; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/tjmzxkqmlth/~3/s1iczjoxyww/unworried.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006961; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/tjzwubua/~3/svioz7u8y-w/squatness.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006962; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/tnpqgnxoi/~3/k_hyk9nxbty/asphyxiating.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006963; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/toqewe/~3/mqhgrrem9yu/equatorial.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006964; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/tsedyikqky/~3/wl19tx_nvoq/spherulite.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006965; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ttrwicwsl/~3/irfqnalwwcm/inwardness.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006966; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/tuyzvcqblxp/~3/yzxhapplknw/disconnect.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006967; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/twfxii/~3/gauq9gwmyxw/perversity.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006968; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/txqhsxdd/~3/anymxgo8vpw/adulterous.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006969; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/uaxvqne/~3/knog03oq9bk/truckler.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006970; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/uckzqqvzgp/~3/6o4yykgba4a/nervously.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006971; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/udbpuk/~3/zz6ny4vw6dy/scaling.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006972; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/uiianrcl/~3/aj3q3wphh6s/lug.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006973; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ujtgkzyegaw/~3/_m-8apj6sto/pancreas.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006974; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/usspzvz/~3/aoiw82rzr1k/timpani.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006975; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/utbfwdzrux/~3/2maihlywesk/underdone.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006976; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/utynfqjt/~3/qgzb2yc-yqm/discolored.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006977; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/uuhzrh/~3/uqalxftogwk/carouse.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006978; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/uuobkojdvi/~3/7ydub8usavk/purse.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006979; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/uxfjlhu/~3/bp6qa73ifa8/trestle.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006980; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/uxjbrzjo/~3/gq4phehmxcg/soapy.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006981; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/uxzyftsj/~3/urqsbsezrsu/palatability.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006982; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/uztvkvimwuy/~3/bsajek0u2vq/minion.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006983; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vbvznmp/~3/w9ikzpetn5e/bleak.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006984; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vcgouamcbp/~3/8vzpljvxzoy/jinn.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006985; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vdvxmyfmtnx/~3/vtxr34nmtww/denizen.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006986; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vfmsjw/~3/hswjbjpakk8/centring.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006987; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vhccrf/~3/uoz_hv3fdbe/sultrily.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006988; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vhqhzkrwcl/~3/qll97bmq_5e/lobby.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006989; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vjotkcyrbrq/~3/evxnjqinrda/walking.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006990; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vmnveq/~3/-1o8vjmtork/salivate.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006991; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vnaqvfapenp/~3/optzpq-jjc4/firearm.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006992; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vnxtbujhmvi/~3/-1o8vjmtork/salivate.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006993; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vrdkmebsp/~3/2qvzftqigca/allayer.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006994; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vvtrir/~3/y2sj2mhonf0/collegian.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006995; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vwznlhojj/~3/ex-mkrrek3a/peseta.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006996; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vyciozcbcyl/~3/mdxyij3_zte/satin.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006997; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vzpkttwq/~3/mdzn3mt8yuu/pour.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006998; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wcumr/~3/cvoqbe5r0ue/tenterhook.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006999; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wfmgyvyhay/~3/orfsgfuvlz0/polycarbonate.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007000; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wiyulwyvlig/~3/fm0uuexl4qe/turkic.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007001; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wjgrvzhcmdk/~3/mftgycumomw/pelter.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007002; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wkhddon/~3/e_m0wgutiv4/relabeling.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007003; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wkpbndzuw/~3/kzyp0pfixda/solve.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007004; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wrsepbhth/~3/esnvw3t04us/megacell.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007005; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wsahakgrs/~3/vxczjni-pgy/outsider.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007006; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wtedzbvuy/~3/xrat5rhat2c/negatived.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007007; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wtgvb/~3/2iqc4jgq0ps/supercritical.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007008; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wueembtjqrg/~3/osrmh7wd-ti/gourmand.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007009; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wvhlgdsiy/~3/kb69tjrmbzc/receivership.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007010; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wwxbcjfsfis/~3/l-7xloruwb4/ratables.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007011; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wyuhlcyqe/~3/xe90cbokfay/buttocks.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007012; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xghgbwq/~3/lxq0j7pbskg/gripe.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007013; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xnbffsvly/~3/tfshu9cmpic/descent.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007014; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xowisf/~3/eebnlmf13_m/woodcutting.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007015; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xsaptz/~3/qkyynjft46i/belvedere.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007016; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xvmhcb/~3/fo8dpcpzbme/solemnly.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007017; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xvwciwgpm/~3/yyjfilth8rq/preschool.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007018; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xxihtp/~3/r_7-q62x03c/grinding.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007019; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xzbuulf/~3/ouyzszxfigq/drolly.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007020; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yavbdbfblq/~3/jn6wy3cci8k/censer.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007021; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yawhyyurz/~3/ugbnuhi-y-o/psychrophyl.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007022; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ybeus/~3/oreszs5yuta/agitated.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007023; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yeljx/~3/mm4zg6tzoow/decomposable.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007024; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yivxg/~3/0uyo3v5jyvq/climes.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007025; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yjvsbkwjxk/~3/jjviiqlcrvy/dweller.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007026; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ykcwrgn/~3/xixtjec6ho8/fitful.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007027; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ykyrjxheac/~3/0g0enqspo-o/scantly.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007028; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yljgwrge/~3/hkluszlo3a8/expedited.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007029; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ymubry/~3/tzj2vazfm5k/triadic.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007030; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ymwhlllr/~3/np-6uoudjre/adverbial.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007031; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ynsttg/~3/r_7-q62x03c/grinding.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007032; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ypoieletgp/~3/asdmoduuyjk/anemone.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007033; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yrcuvqp/~3/b65ouvrrdww/businesses.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007034; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yrgmjtdukk/~3/ltxmj5fsueo/ferryboat.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007035; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ysagcsv/~3/qjcpsupbtcm/shirley.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007036; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yvmjdkz/~3/t6whgtd11nu/quickmarch.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007037; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yvryv/~3/edno-0hmq6k/catapult.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007038; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ywcod/~3/aaw9-qwnigk/prank.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007039; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ywgicfllxl/~3/q9wi8srmk0w/tendentiously.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007040; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yxgzkz/~3/mqhgrrem9yu/equatorial.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007041; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yxmolkyr/~3/tpib69qo4ey/chronology.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007042; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yzbakgcpe/~3/cjlo74uy_rc/forenoon.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007043; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yznchfem/~3/g2d3tmanw-a/rob.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007044; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zazmltnekw/~3/4na6kz9kkhy/ferrari.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007045; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zcvcporwbh/~3/mfddi4m0x7e/presbyterian.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007046; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zedxjrd/~3/j3kz7empfwc/comedian.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007047; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zehvs/~3/_lss0tuoyre/sputum.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007048; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zjaqjk/~3/lsrkvsn7q6w/essayist.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007049; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zkezs/~3/mnso1ait9cg/studiously.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007050; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zkgvguhbw/~3/hbdiojegbdo/anarchist.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007051; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zkzrh/~3/t6rfqo23us0/chimney.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007052; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zldmnepas/~3/boxhopo_yhm/verdigris.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007053; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/znvovkve/~3/o1k0gtodp_i/alleviate.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007054; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zqjly/~3/8biiyiupkd0/boutonniere.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007055; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zwugpwuxow/~3/xrat5rhat2c/negatived.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007056; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zyvsd/~3/s3nlt6mhenw/cough.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007057; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zzqirxt/~3/6oqhdyrteqe/protactinium.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007058; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/cdm/latest/flashplayer_install_cn_fc.exe"; http_uri; nocase; content:"flash.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100007059; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/4/items/image_20211023_0112/image.mp3"; http_uri; nocase; content:"ia601507.us.archive.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100007060; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/eng/wp-content/plugins/featurific-for-wordpress/1"; http_uri; nocase; content:"jointings.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100007061; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/eng/wp-content/plugins/featurific-for-wordpress/2"; http_uri; nocase; content:"jointings.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100007062; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/eng/wp-content/plugins/featurific-for-wordpress/3"; http_uri; nocase; content:"jointings.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100007063; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/down/affiliate/kuaizip_setup_10029.exe"; http_uri; nocase; content:"kuaizip.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007064; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/file/cmiglhey16jyhmb/inquiry.tgz/="; http_uri; nocase; content:"mediafire.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007065; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/k/big5/1giof6/"; http_uri; nocase; content:"minpic.de"; content:"Host"; http_header; classtype:trojan-activity; sid:100007066; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/yws/api/personal/file/web3a243b322cf83ca7cae587a92916bac7?method=download&inline=true&sharekey=649ac0bb5d5b13d15cbf50b2609e193a"; http_uri; nocase; content:"note.youdao.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007067; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=1aa11f5185a41ebe&resid=1aa11f5185a41ebe!106&authkey=adhb04tf9q3jw7e"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007068; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=1aa11f5185a41ebe&resid=1aa11f5185a41ebe%21106&authkey=adhb04tf9q3jw7e"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007069; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=267a066c079ebfb1&resid=267a066c079ebfb1!113&authkey=angcwhwzmrt9eco"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007070; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=267a066c079ebfb1&resid=267a066c079ebfb1%21113&authkey=angcwhwzmrt9eco"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007071; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=4266fcac716657a2&resid=4266fcac716657a2!121&authkey=aa0u2pbptgbfp6m"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007072; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=4266fcac716657a2&resid=4266fcac716657a2%21121&authkey=aa0u2pbptgbfp6m"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007073; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=89e276ac7d7c2431&resid=89e276ac7d7c2431!111&authkey=aijobk5mlcgyuri"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007074; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=8eb1c64e3399c1e6&resid=8eb1c64e3399c1e6!185&authkey=agko94snubh8f1u"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007075; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=8eb1c64e3399c1e6&resid=8eb1c64e3399c1e6!186&authkey=abfzd6psrogb7zq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007076; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=8eb1c64e3399c1e6&resid=8eb1c64e3399c1e6%21185&authkey=agko94snubh8f1u"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007077; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=8eb1c64e3399c1e6&resid=8eb1c64e3399c1e6%21186&authkey=abfzd6psrogb7zq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007078; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02!106&authkey=ahnpu53bxa1xnpo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007079; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02!107&authkey=ahvlylhcdjiltho"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007080; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02!108&authkey=ajvanyarewm-qq4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007081; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02!109&authkey=anky_yd8jytkpam"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007082; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02!110&authkey=aierdnce-lngc-y"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007083; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02!111&authkey=alvhncukd8-d7ly"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007084; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02!114&authkey=adnt-t1sjxkugpg"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007085; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02!115&authkey=agatzntq4kqt1pa"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007086; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02%21106&authkey=ahnpu53bxa1xnpo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007087; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02%21107&authkey=ahvlylhcdjiltho"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007088; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02%21109&authkey=anky_yd8jytkpam"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007089; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02%21110&authkey=aierdnce-lngc-y"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007090; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02%21111&authkey=alvhncukd8-d7ly"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007091; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02%21112&authkey=ak53voastofdfbe"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007092; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02%21114&authkey=adnt-t1sjxkugpg"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007093; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a8280f36f7978c02&resid=a8280f36f7978c02%21115&authkey=agatzntq4kqt1pa"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007094; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b50578bd839f98bd&resid=b50578bd839f98bd!232&authkey=ajlimb92kfpjdyo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007095; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b50578bd839f98bd&resid=b50578bd839f98bd!234&authkey=abcuhcezlnwwkas"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007096; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b50578bd839f98bd&resid=b50578bd839f98bd%21232&authkey=ajlimb92kfpjdyo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007097; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b50578bd839f98bd&resid=b50578bd839f98bd%21234&authkey=abcuhcezlnwwkas"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007098; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b9d9f0ed5ceb60fd&resid=b9d9f0ed5ceb60fd!129&authkey=ajzy1kgsps71ss0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007099; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b9d9f0ed5ceb60fd&resid=b9d9f0ed5ceb60fd%21129&authkey=ajzy1kgsps71ss0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007100; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/500279229/c4d1ce167d49df4f2206a5fe210b189f/winlocker.exe"; http_uri; nocase; content:"padlet-uploads.storage.googleapis.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007101; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/500279229/dfd16dbfc5b6c3ac5e3468e0929d1973/karlocker_exe.exe"; http_uri; nocase; content:"padlet-uploads.storage.googleapis.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007102; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/500279229/ebc8ef7d87c522e51b4dc3429f48d2db/systemcrasher_bydaniel.exe"; http_uri; nocase; content:"padlet-uploads.storage.googleapis.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007103; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/1yn1bvqb"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007104; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/4fvypptf"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007105; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/4fwgxkzb"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007106; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/77jhk0iw"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007107; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/7yrtvh0j"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007108; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/89hkc7wb"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007109; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/bqhbezhr"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007110; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/ct99tglf"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007111; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/ctrqt3vp"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007112; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/emy1xgpz"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007113; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/gkj9jeek"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007114; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/gs3l8dwc"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007115; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/gudcxzqi"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007116; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/j829zaxe"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007117; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/myefegtf"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007118; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/pxuj2cr6"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007119; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/qcu4ppva"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007120; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/qjigyejs"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007121; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/tzetmw43"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007122; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/u59eearf"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007123; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/udqsatcz"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007124; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/ue0cfwm7"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007125; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/ukdkvfd8"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007126; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/vg7m1ser"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007127; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/vz0sldw3"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007128; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/w97es7cw"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007129; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/ws7ggjlt"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007130; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/wyb5ldcp"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007131; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/xxjcr1f2"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007132; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/ypjfshky"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007133; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/yqvsvlvq"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007134; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/zxsp2w7h"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007135; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/wp-admin/llc/mwcacs65xienqdp/"; http_uri; nocase; content:"pierreconsulting.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100007136; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/arntsonl/calc_security_poc/master/dll/calc.dll"; http_uri; nocase; content:"raw.githubusercontent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007137; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/bero1985/berotinypascal/e34bd4164f4b7c27e7cf667dffd9274d33d6dfbe/bin/btpc.exe"; http_uri; nocase; content:"raw.githubusercontent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007138; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/evil-coder66/defendercontrol/main/defendercontrol.exe"; http_uri; nocase; content:"raw.githubusercontent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007139; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/fuzzbunch/fuzzbunch/master/payloads/doublepulsar-1.3.1.exe"; http_uri; nocase; content:"raw.githubusercontent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007140; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/realtek25556/rhti2/gh-pages/90hfnvo69vk2ot.bmp"; http_uri; nocase; content:"raw.githubusercontent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007141; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/pt/jp/topics/pronounce/assets/hjpro50.exe"; http_uri; nocase; content:"res.hjfile.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100007142; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/site/stormqk/dn/stormagent.apk?attredirects=0"; http_uri; nocase; content:"sites.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007143; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/inst77player/inst77player_1.0.0.1.exe"; http_uri; nocase; content:"softdl.360tpcdn.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007144; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/includes/66/asynccrypted.exe"; http_uri; nocase; content:"suyashcollegeofnursing.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007145; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/language/don109/cryptedfile109.exe"; http_uri; nocase; content:"suyashcollegeofnursing.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007146; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/language/don109/ltd5jpcpqvoh3te.exe"; http_uri; nocase; content:"suyashcollegeofnursing.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007147; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/language/don163/cryptedfile163.exe"; http_uri; nocase; content:"suyashcollegeofnursing.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007148; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/comedian.php"; http_uri; nocase; content:"takeout-app.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100007149; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/lfi9iu.rar"; http_uri; nocase; content:"tobecoaching.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100007150; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/get/utb10h/remittance_order%20_093.zip"; http_uri; nocase; content:"transfer.sh"; content:"Host"; http_header; classtype:trojan-activity; sid:100007151; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/img/image/10/b4f750f880a0c089f7ea7989a38e3dee/dll.jpg"; http_uri; nocase; content:"uplooder.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100007152; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/issues/136_140/flt_shovemydiscoupyourarse.exe"; http_uri; nocase; content:"websound.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100007153; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/issues/136_140/kb%5efr_ouverture.exe"; http_uri; nocase; content:"websound.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100007154; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/issues/136_140/kb^fr_ouverture.exe"; http_uri; nocase; content:"websound.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100007155; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/issues/146_150/bc_memories_from_the_mcp.exe"; http_uri; nocase; content:"websound.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100007156; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/issues/151_155/tidex_-_short_stuff.exe"; http_uri; nocase; content:"websound.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100007157; rev:1;)
|