2021-03-18 10:18:59 +00:00
|
|
|
# Title: Online Malicious URL Snort2 Ruleset
|
2021-07-30 12:11:07 +00:00
|
|
|
# Updated: Fri, 30 Jul 2021 12:10:42 +0000
|
2021-03-18 10:18:59 +00:00
|
|
|
# Expires: 1 day (update frequency)
|
|
|
|
# Homepage: https://gitlab.com/curben/urlhaus-filter
|
2021-03-19 00:12:51 +00:00
|
|
|
# License: https://gitlab.com/curben/urlhaus-filter#license
|
2021-03-18 10:18:59 +00:00
|
|
|
# Source: https://urlhaus.abuse.ch/api/
|
2021-05-08 12:13:10 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"0-24bpautomentes.hu"; content:"Host"; http_header; classtype:trojan-activity; sid:100000001; rev:1;)
|
2021-07-24 12:11:00 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.0.218.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100000002; rev:1;)
|
2021-07-29 00:10:56 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.10.146.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100000003; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.10.146.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100000004; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.10.146.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100000005; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.10.146.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100000006; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.10.147.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100000007; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.10.147.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100000008; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.10.147.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100000009; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.10.150.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100000010; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.117.32.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100000011; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.117.4.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100000012; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.14.61.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100000013; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.189.79.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100000014; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.197.79.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100000015; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.224.3.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100000016; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.224.3.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100000017; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.224.3.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100000018; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.224.3.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100000019; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.224.3.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100000020; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.224.3.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100000021; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.224.3.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100000022; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100000023; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100000024; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100000025; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100000026; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100000027; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100000028; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100000029; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100000030; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100000031; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100000032; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100000033; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100000034; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100000035; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100000036; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100000037; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100000038; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100000039; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100000040; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100000041; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100000042; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100000043; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100000044; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100000045; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100000046; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100000047; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100000048; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100000049; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.222.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100000050; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100000051; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100000052; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100000053; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100000054; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100000055; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100000056; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000057; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100000058; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100000059; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100000060; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100000061; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100000062; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100000063; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100000064; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100000065; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100000066; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100000067; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100000068; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100000069; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100000070; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.246.223.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100000071; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.247.221.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100000072; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.250.159.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100000073; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.49.155.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100000074; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.52.218.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100000075; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.59.249.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100000076; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1.69.253.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100000077; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"100.12.184.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100000078; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"100.12.51.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100000079; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"100.33.107.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100000080; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"100.35.47.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100000081; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1008691.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100000082; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.108.100.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100000083; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.108.129.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100000084; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.108.130.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100000085; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.108.132.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100000086; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.108.132.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100000087; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.109.168.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100000088; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.16.163.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100000089; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.20.221.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100000090; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.20.46.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100000091; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.20.5.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100000092; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.25.112.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100000093; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.25.71.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100000094; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.25.83.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100000095; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.25.83.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100000096; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.255.36.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100000097; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.28.101.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100000098; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.28.105.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100000099; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.28.214.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100000100; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.28.217.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000101; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.30.108.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100000102; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.51.138.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100000103; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.64.153.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100000104; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.65.130.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100000105; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.67.214.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100000106; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.73.25.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100000107; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.75.163.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100000108; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.75.223.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100000109; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"101.78.22.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100000110; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"102.141.240.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100000111; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"102.39.242.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100000112; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.101.59.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100000113; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.109.82.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100000114; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.117.152.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100000115; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.117.153.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100000116; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.117.203.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100000117; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.120.135.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100000118; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.125.163.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100000119; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.130.88.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100000120; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.134.135.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100000121; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.140.250.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100000122; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.155.80.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100000123; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.155.80.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100000124; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.155.80.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100000125; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.155.82.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100000126; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.156.91.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100000127; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.16.145.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100000128; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.194.235.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100000129; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.201.134.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100000130; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.204.168.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100000131; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.216.200.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100000132; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.217.150.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100000133; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.217.215.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100000134; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.224.200.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100000135; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.224.200.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100000136; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.230.153.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100000137; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.238.228.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100000138; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.238.228.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100000139; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.240.249.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100000140; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.251.57.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100000141; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.252.128.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100000142; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.252.168.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100000143; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.38.89.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100000144; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.4.116.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100000145; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.4.117.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100000146; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.48.80.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000147; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.50.4.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100000148; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.50.7.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100000149; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.60.215.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100000150; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.66.78.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100000151; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.70.5.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100000152; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.72.216.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100000153; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.82.145.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100000154; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.82.98.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100000155; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.83.167.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100000156; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.85.125.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000157; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.90.205.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100000158; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.91.245.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100000159; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.91.245.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100000160; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.91.245.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100000161; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.91.245.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100000162; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.91.245.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100000163; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.91.245.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100000164; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.92.25.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100000165; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.92.25.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100000166; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"103.99.207.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100000167; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"104.144.69.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100000168; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"104.184.75.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100000169; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"104.189.92.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100000170; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"105.96.3.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100000171; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.104.193.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100000172; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.110.213.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100000173; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.110.215.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100000174; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.113.156.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000175; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.247.101.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100000176; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.5.171.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100000177; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"106.6.152.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100000178; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.13.39.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100000179; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.134.68.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100000180; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.172.196.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100000181; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.172.197.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100000182; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.172.214.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100000183; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.172.249.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100000184; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.173.176.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100000185; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.173.176.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100000186; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.174.24.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100000187; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.175.64.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100000188; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.175.94.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100000189; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.175.94.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100000190; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.194.242.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100000191; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"107.220.119.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100000192; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.178.184.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100000193; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.190.201.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100000194; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.190.250.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100000195; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.20.203.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100000196; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.214.49.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100000197; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.239.155.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100000198; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.249.194.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100000199; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"108.27.217.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100000200; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.124.90.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100000201; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.168.31.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100000202; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.235.26.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100000203; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.235.7.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000204; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.86.85.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100000205; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.92.26.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100000206; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.95.200.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100000207; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.96.127.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100000208; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"109.99.37.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100000209; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.14.58.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100000210; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.15.70.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000211; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.172.144.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100000212; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.172.144.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100000213; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.18.194.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000214; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.180.171.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000215; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.187.228.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000216; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.228.40.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100000217; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.240.227.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100000218; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.240.24.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100000219; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.240.45.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100000220; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.241.119.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100000221; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.243.0.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100000222; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.243.12.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100000223; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.243.16.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100000224; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.246.239.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100000225; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.247.36.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100000226; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.25.95.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100000227; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.251.106.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100000228; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.251.194.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100000229; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.253.222.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100000230; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.253.242.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100000231; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.253.30.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100000232; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.253.36.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100000233; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.255.108.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100000234; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.255.113.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100000235; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.255.141.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100000236; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.255.152.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100000237; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.35.145.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100000238; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.35.227.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100000239; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.35.234.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100000240; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.35.249.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100000241; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.49.167.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100000242; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.86.176.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100000243; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.86.179.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100000244; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"110.86.183.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100000245; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.118.102.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100000246; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.118.45.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100000247; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.118.88.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100000248; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.125.67.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100000249; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.165.132.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100000250; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.165.79.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100000251; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.166.203.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100000252; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.167.161.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100000253; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.170.84.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100000254; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.170.85.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100000255; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.170.85.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100000256; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.170.89.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100000257; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.172.39.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100000258; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.174.255.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100000259; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.178.97.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100000260; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.179.198.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100000261; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.179.63.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100000262; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.182.232.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100000263; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.226.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100000264; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.23.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100000265; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.230.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100000266; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.185.27.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100000267; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.222.15.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100000268; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.225.121.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100000269; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.225.8.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100000270; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.225.90.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100000271; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.38.104.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000272; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.38.106.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100000273; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.38.123.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100000274; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.38.9.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100000275; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.73.98.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100000276; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.76.122.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100000277; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.90.191.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100000278; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.90.191.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100000279; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"111.92.107.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100000280; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.123.156.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100000281; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.123.169.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100000282; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.132.56.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100000283; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.147.92.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100000284; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.16.177.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100000285; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.167.165.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100000286; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.170.219.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100000287; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.170.233.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100000288; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.173.133.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100000289; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.185.189.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100000290; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.186.210.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100000291; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.186.96.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100000292; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.187.91.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100000293; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.192.154.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100000294; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.192.154.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100000295; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.225.157.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100000296; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.225.188.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100000297; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.225.80.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100000298; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.226.139.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100000299; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.226.141.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100000300; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.226.187.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100000301; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.226.191.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100000302; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.226.3.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100000303; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.228.188.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100000304; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.228.230.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100000305; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.228.74.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100000306; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.228.76.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100000307; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.229.184.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100000308; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.229.196.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100000309; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.230.144.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100000310; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.230.148.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100000311; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.230.251.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100000312; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.232.20.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100000313; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.233.101.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100000314; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.233.102.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100000315; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.233.183.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100000316; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.234.133.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100000317; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.234.169.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100000318; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.234.30.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100000319; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.235.148.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100000320; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.235.5.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100000321; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.236.142.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100000322; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.236.222.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100000323; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.236.59.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100000324; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.236.68.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100000325; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.103.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100000326; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.119.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100000327; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.125.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100000328; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.19.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100000329; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.211.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100000330; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.233.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100000331; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.66.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100000332; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.237.98.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100000333; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.116.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100000334; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.124.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100000335; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.125.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100000336; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.155.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100000337; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.159.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100000338; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.195.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100000339; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.238.80.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100000340; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.101.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100000341; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.101.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100000342; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.102.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100000343; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.103.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100000344; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.123.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000345; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.123.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100000346; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.123.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100000347; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.127.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100000348; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.127.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100000349; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.224.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100000350; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.96.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100000351; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.97.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100000352; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.97.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100000353; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.98.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100000354; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.239.98.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100000355; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.240.149.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100000356; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.240.222.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100000357; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.240.254.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100000358; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.241.131.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100000359; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.242.13.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100000360; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.242.149.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100000361; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.242.159.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100000362; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.242.246.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100000363; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.242.34.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100000364; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.242.38.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100000365; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.242.60.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000366; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.242.98.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100000367; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.245.221.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000368; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.246.18.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100000369; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.246.19.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100000370; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.246.227.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100000371; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.246.229.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100000372; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.246.239.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100000373; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.246.246.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100000374; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.247.165.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100000375; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.247.69.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100000376; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.247.83.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100000377; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.247.87.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100000378; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.1.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000379; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.100.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100000380; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.101.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100000381; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.102.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100000382; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.103.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100000383; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.105.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100000384; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.106.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100000385; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.107.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100000386; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.111.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100000387; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.113.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100000388; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.113.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100000389; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.114.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100000390; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.114.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100000391; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.115.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100000392; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.116.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100000393; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.117.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100000394; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.125.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100000395; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.142.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100000396; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.155.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100000397; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.166.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100000398; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.184.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100000399; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.185.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100000400; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.185.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100000401; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.185.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100000402; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.186.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100000403; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.189.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100000404; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.189.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100000405; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.190.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100000406; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.190.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100000407; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.245.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100000408; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.245.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100000409; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.246.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100000410; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.61.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100000411; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.80.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100000412; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.81.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100000413; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.81.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100000414; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.83.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100000415; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.248.83.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100000416; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.105.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100000417; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.169.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100000418; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.186.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100000419; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.194.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100000420; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.237.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100000421; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.26.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100000422; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.33.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100000423; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.36.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100000424; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.249.83.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100000425; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.250.183.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100000426; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.250.195.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100000427; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.250.200.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100000428; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.250.220.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100000429; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.251.187.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100000430; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.251.223.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100000431; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.251.224.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100000432; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.251.237.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100000433; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.251.7.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100000434; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.252.137.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100000435; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.252.231.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100000436; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.252.237.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100000437; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.253.11.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100000438; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.253.152.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100000439; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.254.199.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100000440; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.254.218.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100000441; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.254.37.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000442; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.254.70.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100000443; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.254.94.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100000444; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.255.185.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100000445; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.255.202.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100000446; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.255.236.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100000447; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.255.236.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100000448; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.255.56.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100000449; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.26.161.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100000450; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100000451; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100000452; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100000453; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100000454; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100000455; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100000456; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100000457; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100000458; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100000459; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100000460; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000461; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100000462; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100000463; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100000464; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100000465; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.124.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100000466; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.80.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100000467; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.85.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100000468; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.27.88.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100000469; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100000470; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100000471; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100000472; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100000473; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100000474; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100000475; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100000476; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100000477; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100000478; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100000479; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100000480; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100000481; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100000482; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100000483; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.1.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100000484; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100000485; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100000486; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100000487; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100000488; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100000489; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100000490; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100000491; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100000492; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.110.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100000493; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.37.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100000494; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.38.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100000495; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.38.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100000496; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.38.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100000497; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.4.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100000498; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.4.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100000499; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.4.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100000500; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.4.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100000501; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.4.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100000502; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.4.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100000503; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.30.4.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100000504; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.31.0.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100000505; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.31.0.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100000506; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.31.0.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100000507; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.31.247.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100000508; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.31.8.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100000509; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.53.227.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100000510; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.53.227.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100000511; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.72.143.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100000512; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.72.153.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100000513; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.72.162.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100000514; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.72.176.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100000515; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.72.238.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100000516; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.80.118.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100000517; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.81.137.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100000518; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.81.43.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100000519; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.81.6.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100000520; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.82.143.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100000521; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.82.148.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100000522; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.86.153.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100000523; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.86.167.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100000524; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.87.164.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100000525; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.9.132.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100000526; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.91.167.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100000527; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.91.210.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100000528; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.93.247.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100000529; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.93.28.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100000530; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.51.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100000531; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.80.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100000532; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.80.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100000533; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.80.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100000534; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.81.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000535; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.81.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100000536; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.81.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100000537; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.81.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100000538; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.81.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100000539; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.81.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100000540; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.82.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100000541; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.82.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100000542; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.82.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100000543; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.82.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100000544; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.83.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100000545; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.83.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100000546; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.9.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100000547; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.9.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100000548; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"112.95.90.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100000549; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.104.239.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100000550; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.11.95.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100000551; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.110.149.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100000552; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.110.167.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100000553; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.110.199.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100000554; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.110.241.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100000555; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.130.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100000556; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.131.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100000557; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.155.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100000558; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.216.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100000559; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.217.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100000560; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.217.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100000561; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.218.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100000562; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.116.91.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100000563; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.118.132.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100000564; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.118.132.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100000565; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.118.133.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100000566; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.118.133.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100000567; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.118.133.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100000568; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.118.188.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100000569; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.118.194.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100000570; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.118.197.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100000571; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.13.240.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100000572; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.13.27.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100000573; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.15.205.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100000574; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.160.100.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100000575; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.161.78.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100000576; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.161.88.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100000577; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.169.164.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100000578; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.169.177.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100000579; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.17.177.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100000580; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.170.164.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100000581; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.170.166.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000582; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.170.167.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100000583; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.172.2.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100000584; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.173.222.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100000585; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.178.136.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100000586; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.178.138.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100000587; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.178.237.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100000588; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.180.136.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100000589; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.182.79.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100000590; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.184.189.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100000591; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.188.114.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100000592; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.188.114.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100000593; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.188.220.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100000594; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.188.248.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100000595; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.188.249.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100000596; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.190.123.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100000597; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.194.130.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100000598; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.194.136.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100000599; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.195.166.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100000600; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.195.167.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100000601; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.195.171.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000602; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.201.23.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100000603; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.215.222.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100000604; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.219.112.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100000605; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.224.170.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100000606; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.224.188.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100000607; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.224.226.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100000608; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.225.20.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100000609; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.226.173.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100000610; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.226.22.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100000611; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.226.247.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100000612; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.227.167.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100000613; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.229.143.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100000614; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.231.158.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100000615; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.231.248.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100000616; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.232.218.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100000617; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.232.245.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000618; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.232.29.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100000619; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.232.36.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100000620; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.234.195.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000621; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.234.205.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100000622; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.235.114.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100000623; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.235.221.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100000624; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.235.234.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100000625; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.235.92.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100000626; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.239.216.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100000627; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.245.187.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100000628; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.245.190.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100000629; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.246.134.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100000630; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.4.48.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100000631; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.53.228.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100000632; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.58.232.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100000633; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.59.128.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100000634; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.59.187.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100000635; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.81.203.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100000636; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.81.234.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100000637; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.87.172.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100000638; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.87.185.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100000639; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.87.187.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100000640; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.88.111.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100000641; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.88.154.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100000642; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.88.154.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100000643; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.88.24.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100000644; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.88.25.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100000645; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.88.84.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100000646; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.89.247.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100000647; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.89.40.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100000648; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.89.41.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100000649; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.9.241.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100000650; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.90.177.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100000651; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.90.179.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100000652; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.90.179.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100000653; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.90.191.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100000654; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.90.20.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100000655; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.92.158.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100000656; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.92.196.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100000657; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"113.93.225.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100000658; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.220.65.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100000659; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.224.199.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100000660; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.226.64.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100000661; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.227.142.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100000662; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.235.26.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100000663; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.236.20.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100000664; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.109.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100000665; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.11.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100000666; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.140.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100000667; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.140.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100000668; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.140.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100000669; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.141.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100000670; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.142.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100000671; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.142.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100000672; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.143.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100000673; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.143.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100000674; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.143.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100000675; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.143.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100000676; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.16.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100000677; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.16.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100000678; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.16.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100000679; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.17.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100000680; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.17.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100000681; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.17.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100000682; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.17.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100000683; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.17.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100000684; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.17.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100000685; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.17.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100000686; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.176.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100000687; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.176.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100000688; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.176.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100000689; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.176.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100000690; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.176.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100000691; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.176.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100000692; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.176.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100000693; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.177.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100000694; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.177.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100000695; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.177.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100000696; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.177.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100000697; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.177.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100000698; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.177.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100000699; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.177.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100000700; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.177.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100000701; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.178.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100000702; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.178.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100000703; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.178.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100000704; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.178.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100000705; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.178.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100000706; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.179.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100000707; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.179.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100000708; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.179.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100000709; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.179.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100000710; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.179.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100000711; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.179.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100000712; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.18.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100000713; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.18.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100000714; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.18.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100000715; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.18.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100000716; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.180.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100000717; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.180.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100000718; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.180.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100000719; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.180.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100000720; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.180.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100000721; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.180.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100000722; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.180.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100000723; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.181.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100000724; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.181.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100000725; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.181.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100000726; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.181.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100000727; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.181.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100000728; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.181.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100000729; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.181.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100000730; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.182.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100000731; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.182.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100000732; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.182.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100000733; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.182.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100000734; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.182.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100000735; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.182.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100000736; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.182.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100000737; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.183.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100000738; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.183.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100000739; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.183.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100000740; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.183.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100000741; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.183.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100000742; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.183.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100000743; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.19.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100000744; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.19.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100000745; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.19.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100000746; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.51.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100000747; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.59.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100000748; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.239.91.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100000749; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.241.5.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100000750; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.30.54.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100000751; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.41.54.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000752; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"114.79.172.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100000753; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.165.216.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100000754; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.195.215.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100000755; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.202.83.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100000756; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.202.90.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100000757; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.207.26.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100000758; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.216.222.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100000759; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.23.112.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100000760; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.230.81.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100000761; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.237.9.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100000762; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.42.32.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000763; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.12.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100000764; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.128.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100000765; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.131.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100000766; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.142.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100000767; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.144.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100000768; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.146.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100000769; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.150.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100000770; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.150.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100000771; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.187.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100000772; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.208.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100000773; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.210.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100000774; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.214.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100000775; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.215.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100000776; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.230.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100000777; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.233.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100000778; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.48.47.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100000779; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.49.101.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100000780; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.49.218.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100000781; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.49.29.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100000782; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.49.37.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100000783; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.49.4.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100000784; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.49.96.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100000785; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.0.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100000786; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.102.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100000787; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.103.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100000788; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.151.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000789; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.157.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100000790; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.184.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100000791; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.19.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100000792; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.20.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100000793; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.248.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100000794; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.53.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100000795; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.66.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100000796; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.67.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100000797; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.7.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100000798; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.8.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100000799; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.83.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100000800; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.86.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100000801; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.92.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100000802; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.50.99.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100000803; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.51.106.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100000804; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.51.120.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100000805; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.51.121.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100000806; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.51.93.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100000807; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.52.150.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100000808; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.52.160.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100000809; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.52.161.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100000810; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.52.172.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100000811; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.52.21.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100000812; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.52.22.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100000813; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.52.245.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100000814; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.52.61.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100000815; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.53.229.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100000816; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.53.230.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100000817; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.53.254.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100000818; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.53.52.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100000819; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.53.77.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100000820; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.54.195.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100000821; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.54.214.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100000822; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.54.223.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100000823; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.54.241.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100000824; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.0.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100000825; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.1.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100000826; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.105.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100000827; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.148.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100000828; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.151.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100000829; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.151.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100000830; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.158.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100000831; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.166.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100000832; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.169.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100000833; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.176.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100000834; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.188.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100000835; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.189.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100000836; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.190.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100000837; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.195.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100000838; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.28.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100000839; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.31.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100000840; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.50.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100000841; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.58.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100000842; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.55.8.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100000843; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.115.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100000844; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.129.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100000845; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.131.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100000846; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.132.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100000847; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.133.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100000848; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.134.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100000849; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.135.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000850; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.137.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100000851; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.137.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100000852; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.137.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100000853; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.143.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100000854; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.143.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100000855; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.144.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100000856; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.146.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100000857; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.151.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100000858; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.151.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100000859; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.154.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100000860; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.169.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100000861; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.172.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100000862; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.177.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100000863; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.179.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100000864; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.179.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100000865; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.183.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100000866; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.188.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100000867; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.25.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100000868; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.56.27.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100000869; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.103.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100000870; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.104.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100000871; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.106.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100000872; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.107.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100000873; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.149.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100000874; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.164.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100000875; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.52.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100000876; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.7.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100000877; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.58.91.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100000878; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.103.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100000879; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.208.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100000880; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.212.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100000881; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.217.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100000882; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.253.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100000883; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.59.97.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100000884; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.60.202.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100000885; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.106.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100000886; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.112.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100000887; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.118.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100000888; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.124.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100000889; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.129.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100000890; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.138.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100000891; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.172.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100000892; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.61.92.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100000893; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.62.108.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100000894; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.62.156.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100000895; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.62.173.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000896; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.117.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100000897; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.133.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100000898; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.143.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100000899; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.178.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100000900; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.201.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100000901; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.203.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100000902; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.207.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100000903; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.63.38.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100000904; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.69.18.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100000905; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.69.62.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100000906; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.72.116.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100000907; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.73.161.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100000908; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.74.16.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100000909; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.75.217.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100000910; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.97.140.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100000911; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"115.98.200.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100000912; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.10.133.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100000913; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.102.224.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100000914; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.132.75.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100000915; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.149.242.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100000916; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.177.15.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100000917; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.209.180.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100000918; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.209.31.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100000919; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.211.100.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100000920; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.132.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100000921; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.142.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100000922; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.142.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100000923; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.142.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100000924; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.152.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100000925; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.156.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100000926; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.212.156.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100000927; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.24.101.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100000928; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.24.152.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100000929; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.24.189.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100000930; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.24.189.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100000931; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.24.191.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100000932; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.25.134.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100000933; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.25.226.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100000934; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.25.249.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100000935; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.25.250.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100000936; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.3.50.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100000937; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.7.11.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100000938; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.7.17.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100000939; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.72.195.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100000940; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.72.47.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100000941; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.73.209.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100000942; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.75.199.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100000943; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"116.75.199.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100000944; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.11.230.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100000945; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.12.191.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100000946; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.12.207.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100000947; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.12.210.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100000948; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.12.53.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100000949; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.12.54.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100000950; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.132.4.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100000951; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.14.128.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100000952; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.176.115.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100000953; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.194.164.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100000954; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.194.168.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100000955; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.194.170.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100000956; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.194.173.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100000957; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.194.174.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100000958; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.196.22.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100000959; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.196.30.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100000960; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.196.30.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100000961; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.196.30.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100000962; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.196.48.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100000963; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.196.50.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100000964; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.196.76.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100000965; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.20.222.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100000966; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.20.223.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100000967; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.20.224.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100000968; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.201.194.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100000969; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.201.200.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100000970; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.201.202.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100000971; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.201.206.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100000972; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.213.11.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100000973; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.213.14.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100000974; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.213.40.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100000975; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.213.43.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100000976; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.213.45.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100000977; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.215.212.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100000978; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.215.249.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100000979; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.215.251.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100000980; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.215.253.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100000981; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.215.255.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100000982; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.216.136.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100000983; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.221.182.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100000984; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.221.182.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100000985; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.221.187.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100000986; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.221.187.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100000987; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.221.187.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100000988; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.221.188.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100000989; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.221.188.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100000990; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.221.189.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100000991; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.222.163.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100000992; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.222.165.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100000993; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.222.167.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100000994; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.223.249.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100000995; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.223.80.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100000996; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.223.88.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100000997; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.223.95.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100000998; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.247.114.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100000999; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.251.28.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100001000; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.251.28.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100001001; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.251.52.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100001002; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.251.53.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100001003; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.251.57.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100001004; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.251.61.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001005; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.251.63.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100001006; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.26.124.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001007; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.26.235.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100001008; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.26.88.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100001009; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.63.3.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100001010; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.63.8.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100001011; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.83.197.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100001012; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.9.153.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100001013; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.9.222.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100001014; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.90.10.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100001015; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.94.58.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100001016; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.95.243.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001017; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"117.95.243.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100001018; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.151.221.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100001019; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.175.126.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100001020; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.176.157.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100001021; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.176.216.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100001022; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.223.32.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100001023; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.12.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100001024; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.128.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100001025; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.170.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100001026; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.208.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100001027; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.209.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100001028; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.214.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100001029; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.88.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100001030; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.96.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100001031; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.232.96.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100001032; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.233.165.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100001033; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.233.221.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100001034; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.233.221.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100001035; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.233.63.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100001036; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.250.3.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100001037; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.250.49.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100001038; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.250.50.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100001039; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.254.177.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100001040; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.40.233.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100001041; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.43.180.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100001042; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.46.205.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100001043; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.69.209.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100001044; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.75.125.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100001045; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.75.49.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100001046; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.76.252.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100001047; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.108.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100001048; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.117.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100001049; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.119.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100001050; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.134.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100001051; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.147.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100001052; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.220.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001053; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.4.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100001054; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.4.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001055; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.44.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100001056; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.50.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100001057; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.61.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100001058; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.64.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100001059; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.79.72.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100001060; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.80.168.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100001061; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.83.109.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100001062; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.91.41.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100001063; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.99.179.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100001064; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"118.99.183.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100001065; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.100.35.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100001066; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.102.41.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100001067; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.102.92.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100001068; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.102.92.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100001069; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.108.47.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100001070; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.109.247.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100001071; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.112.18.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100001072; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.113.54.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100001073; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.115.241.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100001074; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.115.248.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100001075; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.118.10.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100001076; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.119.178.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001077; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.119.51.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100001078; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.122.115.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100001079; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.123.125.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100001080; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.123.217.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100001081; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.123.218.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100001082; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.123.245.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100001083; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.130.240.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100001084; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.135.0.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100001085; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.139.192.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001086; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.14.143.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100001087; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.162.211.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100001088; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.162.87.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100001089; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.164.80.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100001090; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.165.138.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100001091; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.165.15.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100001092; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.165.15.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001093; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.165.238.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100001094; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.165.46.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100001095; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.167.119.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100001096; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.177.250.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100001097; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.177.255.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100001098; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.178.158.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100001099; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.178.205.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100001100; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.178.216.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100001101; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.125.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001102; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.148.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100001103; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.159.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100001104; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.17.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100001105; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.236.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100001106; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.237.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100001107; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.238.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100001108; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.250.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001109; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.251.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100001110; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.252.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100001111; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.83.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100001112; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.179.85.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100001113; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.18.88.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100001114; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.180.10.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100001115; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.180.111.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100001116; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.180.124.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100001117; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.180.16.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100001118; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.180.218.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100001119; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.180.54.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100001120; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.180.71.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100001121; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.180.73.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100001122; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.180.91.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100001123; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.181.117.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100001124; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.181.33.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100001125; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.182.14.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100001126; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.182.40.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100001127; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.182.53.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100001128; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.183.116.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100001129; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.183.118.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100001130; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.185.46.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100001131; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.185.82.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100001132; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.186.206.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100001133; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.186.209.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100001134; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.186.97.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100001135; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.187.232.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100001136; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.187.234.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100001137; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.187.242.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100001138; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.187.252.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100001139; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.187.73.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100001140; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.189.177.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100001141; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.189.247.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100001142; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.190.23.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100001143; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.190.236.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100001144; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.191.145.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100001145; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.191.194.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001146; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.191.211.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100001147; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.191.224.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001148; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.193.148.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100001149; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.201.196.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100001150; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.202.255.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100001151; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.204.30.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100001152; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.206.176.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100001153; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.206.76.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100001154; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.206.86.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100001155; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.236.128.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001156; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.250.233.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100001157; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.251.119.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100001158; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.251.49.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100001159; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.4.183.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100001160; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.4.198.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100001161; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.56.143.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100001162; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.56.143.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100001163; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.56.249.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100001164; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"119.77.164.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001165; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"12.207.39.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100001166; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.0.255.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100001167; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.12.133.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100001168; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.12.237.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100001169; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100001170; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001171; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100001172; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100001173; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100001174; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100001175; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100001176; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100001177; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100001178; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.193.91.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100001179; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.209.121.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100001180; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.209.126.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100001181; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.209.126.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100001182; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.209.99.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100001183; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.37.236.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100001184; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.4.158.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100001185; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.40.148.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100001186; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.50.66.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100001187; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.6.138.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100001188; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.6.237.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100001189; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.6.54.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100001190; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.6.7.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100001191; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.63.206.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100001192; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.63.221.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100001193; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.7.105.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100001194; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.7.32.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100001195; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.7.37.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100001196; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.7.81.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100001197; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.84.108.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100001198; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.84.116.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100001199; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.84.118.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100001200; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.164.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100001201; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.164.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100001202; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.164.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100001203; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.164.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100001204; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.165.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100001205; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.165.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100001206; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.165.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100001207; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.165.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100001208; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.166.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100001209; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.166.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100001210; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.166.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100001211; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.167.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100001212; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.167.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100001213; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.167.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100001214; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.167.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100001215; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.170.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100001216; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.170.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100001217; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.172.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100001218; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.172.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100001219; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.172.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100001220; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.172.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100001221; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.172.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100001222; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.172.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100001223; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.173.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100001224; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.173.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100001225; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.173.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100001226; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.173.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100001227; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.173.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100001228; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.174.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100001229; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.175.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100001230; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.184.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100001231; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.185.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100001232; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.185.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100001233; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.186.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100001234; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.186.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100001235; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.187.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100001236; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.196.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001237; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.196.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100001238; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.196.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100001239; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.196.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100001240; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.198.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100001241; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.208.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100001242; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.209.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100001243; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.236.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100001244; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.236.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100001245; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.237.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100001246; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.237.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100001247; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.237.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100001248; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.237.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100001249; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.237.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100001250; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.239.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100001251; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.239.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100001252; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.239.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001253; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.239.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100001254; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.239.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100001255; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.253.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100001256; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.253.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100001257; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.254.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100001258; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.85.255.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100001259; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.86.144.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100001260; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.86.145.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100001261; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.86.146.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100001262; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.87.32.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100001263; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.87.33.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100001264; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.87.49.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100001265; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"120.9.44.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100001266; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.128.103.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100001267; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.129.5.221"; content:"Host"; http_header; classtype:trojan-activity; sid:100001268; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.130.79.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100001269; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.141.11.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100001270; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.142.127.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100001271; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.146.19.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100001272; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.148.94.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100001273; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.16.227.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100001274; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.161.54.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100001275; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.170.8.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100001276; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.171.192.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100001277; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.176.211.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100001278; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.178.107.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100001279; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.179.124.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100001280; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.179.174.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100001281; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.186.60.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100001282; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.226.158.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100001283; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.23.119.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100001284; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.230.136.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100001285; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.233.103.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100001286; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.239.26.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100001287; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.24.87.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100001288; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.25.60.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100001289; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.25.70.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100001290; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.25.78.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100001291; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.254.76.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100001292; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.34.149.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100001293; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.34.150.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100001294; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.61.109.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100001295; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.61.65.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100001296; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.61.66.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100001297; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.61.69.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100001298; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.61.96.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100001299; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.61.96.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100001300; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.61.96.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100001301; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.62.203.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100001302; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.62.217.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100001303; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.67.99.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100001304; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"121.8.107.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100001305; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.11.138.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100001306; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.138.189.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100001307; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.142.222.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100001308; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.159.182.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100001309; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.160.10.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100001310; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.160.147.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100001311; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.188.150.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100001312; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.188.192.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100001313; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.189.101.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100001314; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.189.13.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100001315; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.189.146.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100001316; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.189.207.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100001317; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.189.21.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100001318; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.190.255.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100001319; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.191.190.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100001320; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.191.245.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100001321; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.192.191.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100001322; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.193.137.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100001323; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.193.144.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100001324; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.194.122.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100001325; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.195.15.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100001326; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.195.17.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100001327; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.195.86.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100001328; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.202.41.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100001329; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.230.251.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100001330; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.254.183.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100001331; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.254.3.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100001332; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.6.254.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100001333; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"122.96.13.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100001334; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.0.193.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001335; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.0.194.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100001336; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.0.240.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100001337; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.10.129.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100001338; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.10.143.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100001339; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.10.18.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100001340; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.10.187.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100001341; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.10.193.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100001342; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.10.234.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100001343; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.10.39.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100001344; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.10.63.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100001345; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.12.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100001346; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.162.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100001347; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.167.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100001348; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.175.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100001349; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.240.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100001350; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.3.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100001351; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.4.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100001352; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.49.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100001353; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.11.76.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100001354; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.100.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100001355; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.124.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100001356; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.124.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100001357; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.155.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100001358; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.170.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100001359; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.182.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100001360; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.19.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100001361; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.195.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100001362; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.110.200.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100001363; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.112.176.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100001364; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.12.166.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100001365; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.12.198.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100001366; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.12.232.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001367; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.12.239.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100001368; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.12.25.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100001369; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.12.32.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100001370; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.128.234.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100001371; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.128.57.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100001372; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.130.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100001373; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.130.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100001374; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.130.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100001375; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.132.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100001376; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.132.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100001377; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.133.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100001378; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.134.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100001379; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.134.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100001380; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.135.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100001381; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.152.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001382; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.154.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100001383; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.155.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100001384; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.164.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100001385; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.129.27.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100001386; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.130.108.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100001387; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.130.16.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100001388; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.130.174.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100001389; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.130.218.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100001390; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.130.219.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100001391; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.130.9.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100001392; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.130.99.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100001393; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.132.120.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100001394; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.132.134.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100001395; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.132.139.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100001396; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.132.218.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100001397; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.132.47.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100001398; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.133.144.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100001399; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.133.147.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100001400; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.133.164.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100001401; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.134.17.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100001402; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.135.14.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100001403; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.135.199.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100001404; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.135.249.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100001405; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.135.31.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100001406; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.104.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100001407; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.115.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100001408; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.115.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100001409; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.117.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100001410; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.174.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100001411; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.194.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100001412; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.200.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100001413; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.231.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100001414; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.248.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100001415; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.85.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100001416; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.14.92.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100001417; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.152.46.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100001418; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.154.25.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100001419; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.156.28.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100001420; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.158.235.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100001421; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.159.115.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100001422; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.164.177.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100001423; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.183.16.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100001424; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.188.191.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100001425; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.190.156.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100001426; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.192.209.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100001427; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.193.53.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100001428; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.194.235.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100001429; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.194.35.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100001430; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.194.52.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100001431; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.194.60.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100001432; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.194.80.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100001433; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.194.80.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100001434; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.195.184.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100001435; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.231.232.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100001436; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.233.140.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100001437; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.234.234.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100001438; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.234.98.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100001439; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.235.183.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100001440; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.24.144.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100001441; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.24.77.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100001442; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.240.103.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100001443; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.240.143.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100001444; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.240.181.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100001445; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.240.20.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100001446; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.240.79.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100001447; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.241.11.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100001448; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.241.123.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100001449; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.241.148.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100001450; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.241.184.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100001451; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.241.185.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100001452; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.27.44.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100001453; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.1.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100001454; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.254.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100001455; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.255.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100001456; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.67.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100001457; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.70.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100001458; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.83.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100001459; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.83.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100001460; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.89.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100001461; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.92.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001462; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.4.95.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100001463; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.5.122.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100001464; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.5.126.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100001465; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.5.127.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100001466; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.5.19.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100001467; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.5.19.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100001468; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.5.23.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100001469; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.128.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100001470; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.16.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100001471; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.227.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100001472; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.239.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100001473; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.3.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100001474; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.30.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100001475; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.54.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100001476; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.57.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100001477; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.8.81.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100001478; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.9.192.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100001479; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.9.36.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100001480; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.9.77.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100001481; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.97.137.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100001482; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123.97.154.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100001483; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"123muanhanh.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100001484; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.128.134.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100001485; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.129.139.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001486; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.129.199.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001487; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.129.68.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100001488; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.130.40.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100001489; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.130.85.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001490; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.101.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001491; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.104.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100001492; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.135.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100001493; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.146.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100001494; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.172.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001495; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.22.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100001496; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.42.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100001497; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.92.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100001498; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.131.94.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100001499; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.132.2.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100001500; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.132.21.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100001501; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.132.73.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100001502; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.135.151.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100001503; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.135.46.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100001504; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.152.112.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100001505; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.153.136.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100001506; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.153.236.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100001507; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.160.126.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100001508; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.163.102.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100001509; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.163.131.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100001510; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.163.135.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100001511; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.163.162.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100001512; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.163.32.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100001513; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.163.66.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100001514; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.163.77.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100001515; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.163.86.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100001516; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.165.123.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100001517; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.187.111.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100001518; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.226.25.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100001519; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.230.175.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100001520; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.230.207.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100001521; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.230.96.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100001522; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.231.64.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100001523; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.44.91.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100001524; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.5.112.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100001525; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.6.0.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100001526; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.67.89.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100001527; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.67.89.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100001528; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.91.184.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100001529; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.91.209.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100001530; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.91.237.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100001531; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.91.5.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100001532; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"124.93.81.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100001533; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.104.102.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100001534; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.105.194.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100001535; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.105.215.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100001536; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.106.114.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001537; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.106.251.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100001538; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.121.140.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100001539; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.125.101.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100001540; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.126.67.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100001541; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.126.77.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100001542; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.131.158.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100001543; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.138.58.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001544; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.142.180.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100001545; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.180.158.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100001546; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.26.22.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100001547; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.36.150.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100001548; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.36.195.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100001549; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.114.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100001550; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.152.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100001551; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.17.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001552; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.73.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100001553; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.40.74.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100001554; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.1.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100001555; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.1.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100001556; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.11.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100001557; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.139.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100001558; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.141.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100001559; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.142.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100001560; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.196.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100001561; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.215.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100001562; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.220.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100001563; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.225.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100001564; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.233.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100001565; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.3.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001566; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.3.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100001567; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.4.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100001568; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.5.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100001569; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.77.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100001570; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.77.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100001571; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.82.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100001572; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.41.97.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100001573; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.121.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100001574; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.127.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100001575; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.236.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100001576; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.42.97.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100001577; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.1.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100001578; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.165.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100001579; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.177.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100001580; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.213.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100001581; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.22.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100001582; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.33.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100001583; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.5.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100001584; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.6.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100001585; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.66.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100001586; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.9.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100001587; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.91.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100001588; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.91.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100001589; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.43.93.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100001590; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.11.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100001591; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.13.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100001592; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.147.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100001593; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.157.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100001594; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.194.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100001595; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.206.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100001596; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.214.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100001597; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.244.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100001598; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.246.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100001599; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.254.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100001600; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.255.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100001601; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.36.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100001602; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.43.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100001603; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.47.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100001604; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.66.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100001605; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.44.70.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100001606; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.138.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100001607; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.153.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100001608; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.185.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100001609; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.26.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100001610; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.41.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100001611; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.50.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100001612; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.55.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100001613; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.59.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100001614; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.60.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100001615; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.65.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100001616; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.45.8.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100001617; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.46.161.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100001618; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.46.164.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100001619; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.46.183.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100001620; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.46.185.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100001621; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.46.206.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100001622; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.46.222.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100001623; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.46.251.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100001624; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.106.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100001625; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.106.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100001626; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.109.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100001627; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.195.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100001628; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.195.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100001629; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.199.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100001630; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.203.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100001631; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.204.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100001632; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.219.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001633; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.221.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100001634; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.240.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100001635; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.244.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100001636; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.247.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100001637; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.247.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100001638; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.247.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100001639; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.49.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100001640; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.55.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100001641; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.60.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100001642; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.64.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100001643; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.85.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100001644; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.87.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100001645; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.47.90.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100001646; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.65.36.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100001647; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.90.254.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100001648; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"125.94.178.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100001649; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"128.116.229.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100001650; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"13.212.85.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100001651; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"130.255.159.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100001652; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"135.125.205.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100001653; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"135.148.55.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100001654; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"136.144.41.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100001655; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"136.144.41.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001656; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"136.144.41.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100001657; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"136.144.41.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100001658; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"137.175.56.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100001659; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"138.99.204.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100001660; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"139.216.102.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100001661; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"139.216.232.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100001662; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"139.99.117.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100001663; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.102.17.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100001664; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.109.255.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100001665; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.136.80.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100001666; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.160.2.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100001667; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.161.191.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100001668; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.161.197.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100001669; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.161.27.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100001670; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.170.133.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100001671; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.172.22.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100001672; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.173.103.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100001673; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.177.43.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100001674; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.179.62.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100001675; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.183.118.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100001676; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.188.118.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100001677; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.189.232.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100001678; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.189.247.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100001679; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.191.19.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100001680; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.192.244.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100001681; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.202.243.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100001682; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.226.172.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001683; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.226.175.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100001684; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.226.184.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100001685; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.230.63.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100001686; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.230.67.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100001687; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.231.124.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100001688; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.232.231.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100001689; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.232.85.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100001690; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.234.143.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100001691; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.237.247.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100001692; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.241.227.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100001693; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.241.244.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100001694; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.251.17.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100001695; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.252.246.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100001696; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.252.67.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100001697; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.32.224.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100001698; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.32.54.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100001699; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.34.157.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100001700; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.37.222.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100001701; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.37.24.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100001702; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.39.184.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100001703; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.42.160.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100001704; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.42.237.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100001705; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.45.113.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100001706; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.45.127.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100001707; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.46.25.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100001708; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.49.81.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100001709; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.50.129.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100001710; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.54.171.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100001711; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"14.55.29.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100001712; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"140.237.28.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100001713; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"141.136.94.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100001714; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"142.177.56.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100001715; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"143.0.247.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100001716; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"144.139.130.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100001717; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"144.48.250.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100001718; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"147.124.222.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100001719; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"149.20.176.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100001720; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"149.3.73.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100001721; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"150.116.111.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100001722; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"151.51.128.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100001723; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"152.89.239.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100001724; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.101.139.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100001725; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.101.155.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100001726; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.101.232.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100001727; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.101.240.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100001728; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.101.9.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100001729; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.3.130.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100001730; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.3.152.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100001731; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.3.32.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001732; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.3.36.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001733; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.3.65.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100001734; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.35.141.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100001735; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.35.27.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100001736; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.36.133.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100001737; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.37.121.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100001738; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.37.202.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100001739; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.37.241.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001740; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"153.99.151.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100001741; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"154.126.178.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100001742; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"155.94.228.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100001743; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"156.155.195.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100001744; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"156.96.156.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100001745; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"157.122.107.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100001746; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"158.101.165.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001747; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"158.222.165.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100001748; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"159.196.231.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100001749; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"162.155.192.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100001750; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"162.194.28.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100001751; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"162.199.213.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100001752; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"162.209.98.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100001753; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"162.223.91.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100001754; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.137.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100001755; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.174.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100001756; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.180.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001757; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.183.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100001758; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.187.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100001759; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.192.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100001760; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.195.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100001761; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.195.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100001762; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.231.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100001763; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.237.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100001764; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.244.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100001765; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.247.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100001766; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.68.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100001767; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.125.68.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100001768; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.142.100.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001769; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.142.101.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100001770; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.142.103.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100001771; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.142.123.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100001772; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.142.123.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100001773; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.142.228.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100001774; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.160.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100001775; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.161.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100001776; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.163.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100001777; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.164.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100001778; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.164.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100001779; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.164.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100001780; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.165.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100001781; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.166.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100001782; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.168.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100001783; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.169.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100001784; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.170.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100001785; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.170.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100001786; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.171.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100001787; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.171.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100001788; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.172.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100001789; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.172.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100001790; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.174.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100001791; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.217.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100001792; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.179.217.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100001793; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.211.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100001794; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.216.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100001795; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.220.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100001796; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.221.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100001797; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.221.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100001798; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.204.223.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100001799; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.53.206.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100001800; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"163.53.253.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100001801; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"168.138.143.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100001802; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"170.78.71.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100001803; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.112.176.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100001804; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.112.179.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100001805; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.112.28.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100001806; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.116.40.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100001807; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.119.192.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100001808; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.119.199.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100001809; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.119.223.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001810; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.119.240.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100001811; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.121.255.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001812; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.123.124.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100001813; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.123.152.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100001814; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.124.236.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100001815; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.207.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100001816; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.22.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100001817; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.23.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100001818; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.237.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100001819; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.50.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100001820; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.125.97.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100001821; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.217.31.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100001822; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.240.154.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100001823; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.34.177.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100001824; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.35.160.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100001825; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.35.161.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100001826; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.35.161.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100001827; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.35.163.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100001828; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.35.166.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100001829; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.35.171.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100001830; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.35.172.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100001831; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.36.147.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100001832; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.36.166.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100001833; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.37.0.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100001834; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.37.95.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100001835; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.38.145.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100001836; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.38.150.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100001837; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.38.195.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100001838; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.38.217.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100001839; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.38.85.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100001840; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.40.120.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100001841; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.40.183.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100001842; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.42.161.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100001843; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.42.62.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100001844; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.44.240.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100001845; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"171.81.70.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100001846; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"172.105.36.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100001847; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"172.245.110.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100001848; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"172.245.119.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100001849; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"172.245.27.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100001850; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"172.245.7.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001851; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"172.88.228.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100001852; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.167.85.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100001853; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.19.58.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100001854; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.220.222.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100001855; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.235.209.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100001856; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.49.116.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100001857; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.52.95.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100001858; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.52.97.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100001859; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.56.119.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100001860; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.56.92.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100001861; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.63.39.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100001862; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.68.158.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100001863; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"173.77.217.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100001864; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"174.106.33.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100001865; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"174.61.3.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100001866; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"174.73.246.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100001867; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"174.81.78.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100001868; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.0.60.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100001869; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.0.62.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100001870; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.110.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100001871; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.18.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100001872; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.19.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100001873; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.213.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100001874; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.243.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100001875; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.50.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100001876; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.74.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100001877; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.75.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100001878; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.10.90.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100001879; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.20.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100001880; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.200.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100001881; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.52.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100001882; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.52.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100001883; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.53.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100001884; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.71.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100001885; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.72.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100001886; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.72.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100001887; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.11.8.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100001888; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.113.50.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100001889; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.113.50.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100001890; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.113.50.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100001891; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.113.50.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100001892; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.113.50.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100001893; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.120.243.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100001894; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.146.20.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001895; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.146.217.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100001896; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.160.121.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100001897; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.160.124.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100001898; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.160.247.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100001899; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.160.55.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100001900; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.162.117.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100001901; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.162.163.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100001902; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.163.68.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100001903; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.164.71.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100001904; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.165.29.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100001905; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.168.158.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100001906; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.168.234.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100001907; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.168.86.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100001908; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.169.206.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100001909; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.169.28.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100001910; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.17.56.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100001911; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.170.71.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100001912; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.172.207.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100001913; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.172.50.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100001914; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.172.62.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100001915; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.192.167.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100001916; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.199.0.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100001917; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.201.20.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100001918; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.202.73.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100001919; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.212.195.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100001920; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.213.25.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100001921; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.215.141.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100001922; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.42.44.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100001923; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.44.158.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100001924; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.44.4.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100001925; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.8.113.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100001926; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.8.31.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100001927; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.9.132.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100001928; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.9.171.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100001929; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.9.220.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100001930; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.9.220.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100001931; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.9.232.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100001932; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.9.38.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100001933; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"175.9.89.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100001934; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.103.16.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100001935; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.12.117.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100001936; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.12.117.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100001937; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.123.5.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100001938; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.123.5.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100001939; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.123.6.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100001940; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.123.7.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100001941; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.214.197.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100001942; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.221.188.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001943; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.221.188.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100001944; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.221.242.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100001945; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.240.18.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100001946; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"176.35.202.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100001947; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.11.92.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100001948; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.131.226.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100001949; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.136.173.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100001950; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.192.202.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100001951; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.212.163.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100001952; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.22.226.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100001953; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.22.235.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100001954; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.38.187.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100001955; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.52.77.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100001956; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.52.77.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100001957; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"177.54.82.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100001958; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.134.185.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100001959; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.134.185.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100001960; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.141.11.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100001961; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.141.154.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100001962; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.141.49.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100001963; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.141.68.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100001964; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.141.73.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100001965; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.150.174.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100001966; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.151.143.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100001967; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.169.210.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100001968; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.173.143.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100001969; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.174.155.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100001970; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.19.183.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100001971; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.205.101.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100001972; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.21.164.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100001973; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.22.117.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100001974; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.222.252.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100001975; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.235.209.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100001976; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.34.11.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100001977; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.34.183.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100001978; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.34.45.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100001979; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.48.235.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100001980; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.95.146.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100001981; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"178.95.86.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100001982; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"179.159.58.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100001983; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"179.42.105.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100001984; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"179.43.140.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100001985; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"179.43.187.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100001986; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"179.56.146.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100001987; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.107.111.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100001988; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.108.163.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100001989; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.110.182.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100001990; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.115.7.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100001991; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.116.217.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100001992; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.116.223.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100001993; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.116.27.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100001994; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.116.90.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100001995; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.117.32.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100001996; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.124.135.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100001997; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.137.148.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100001998; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.176.105.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100001999; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.176.165.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100002000; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.177.104.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100002001; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.177.180.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002002; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.177.212.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100002003; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.177.242.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002004; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.177.5.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100002005; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.177.82.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100002006; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.214.239.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100002007; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.218.5.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100002008; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.250.7.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100002009; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"180.94.170.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100002010; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.112.138.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100002011; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.112.218.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100002012; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.112.218.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002013; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.143.197.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100002014; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.143.60.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100002015; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.168.213.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100002016; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.188.105.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100002017; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.199.170.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100002018; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.199.170.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100002019; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.199.170.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100002020; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.199.170.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100002021; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.210.45.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100002022; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.211.190.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100002023; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.224.242.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100002024; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.48.241.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100002025; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.49.225.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100002026; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.49.236.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100002027; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"181.49.59.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100002028; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.112.29.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100002029; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.112.30.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100002030; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.112.34.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100002031; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.112.49.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100002032; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.112.5.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100002033; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.112.61.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100002034; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.112.97.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100002035; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.113.132.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100002036; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.113.201.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100002037; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.113.203.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100002038; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.113.240.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100002039; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.113.26.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100002040; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.113.63.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100002041; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.107.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100002042; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.203.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100002043; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.215.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100002044; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.242.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100002045; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.250.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100002046; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.57.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100002047; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.57.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100002048; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.57.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100002049; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.69.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100002050; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.71.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100002051; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.77.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100002052; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.77.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100002053; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.79.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100002054; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.81.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100002055; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.114.88.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100002056; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.115.178.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100002057; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.100.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100002058; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.102.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100002059; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.105.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100002060; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.110.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100002061; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.111.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100002062; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.140.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100002063; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.38.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100002064; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.64.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100002065; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.66.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100002066; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.85.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100002067; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.96.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100002068; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.97.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100002069; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.97.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100002070; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.116.97.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100002071; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.160.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100002072; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.27.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100002073; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.28.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100002074; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.40.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100002075; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.42.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100002076; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.42.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100002077; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.42.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100002078; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.48.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100002079; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.49.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002080; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.50.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100002081; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.51.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100002082; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.117.64.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100002083; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.118.147.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100002084; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.106.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100002085; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.107.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100002086; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.11.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100002087; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.111.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100002088; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.111.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100002089; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.13.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100002090; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.160.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100002091; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.162.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100002092; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.167.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100002093; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.180.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100002094; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.187.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100002095; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.191.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100002096; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.196.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100002097; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.202.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100002098; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.209.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100002099; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.224.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100002100; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.226.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100002101; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.246.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100002102; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.250.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100002103; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.54.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100002104; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.55.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100002105; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.119.9.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100002106; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.0.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100002107; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.12.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100002108; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.198.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100002109; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.36.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100002110; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.43.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100002111; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.52.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100002112; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.120.55.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100002113; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.119.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100002114; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.13.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100002115; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.15.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100002116; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.157.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002117; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.158.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100002118; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.184.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100002119; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.200.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100002120; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.219.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100002121; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.231.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002122; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.238.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100002123; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.238.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100002124; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.242.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100002125; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.25.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100002126; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.35.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100002127; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.46.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100002128; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.69.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100002129; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.70.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100002130; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.81.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100002131; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.83.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100002132; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.85.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100002133; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.92.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100002134; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.121.92.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002135; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.122.162.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100002136; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.122.200.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100002137; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.122.204.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100002138; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.122.208.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002139; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.122.209.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100002140; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.122.211.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100002141; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.122.223.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100002142; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.122.244.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100002143; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.122.252.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100002144; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.123.141.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100002145; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.123.165.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100002146; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.123.193.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100002147; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.123.201.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100002148; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.123.210.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100002149; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.123.211.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002150; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.122.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100002151; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.134.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100002152; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.135.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002153; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.150.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100002154; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.16.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100002155; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.185.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100002156; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.21.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100002157; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.61.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100002158; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.79.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002159; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.88.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100002160; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.9.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100002161; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.124.95.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100002162; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.102.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100002163; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.113.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100002164; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.122.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100002165; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.136.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100002166; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.137.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100002167; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.182.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100002168; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.196.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100002169; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.230.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100002170; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.66.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100002171; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.78.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100002172; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.81.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100002173; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.85.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100002174; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.89.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100002175; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.89.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100002176; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.90.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100002177; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.91.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100002178; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.93.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100002179; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.94.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100002180; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.126.95.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100002181; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.1.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100002182; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.136.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100002183; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.164.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100002184; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.182.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100002185; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.205.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100002186; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.210.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100002187; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.211.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002188; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.218.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100002189; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.4.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100002190; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.73.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100002191; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.81.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100002192; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.87.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100002193; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.127.97.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100002194; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.155.216.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100002195; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.160.98.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100002196; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.172.232.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100002197; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.207.218.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100002198; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.233.0.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100002199; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.253.205.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100002200; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.52.51.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100002201; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.53.50.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100002202; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.56.73.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100002203; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.57.50.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100002204; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.59.60.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100002205; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.59.93.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100002206; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"182.75.213.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100002207; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.102.171.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100002208; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.102.227.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100002209; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.102.55.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100002210; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.108.201.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100002211; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.109.169.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100002212; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.13.21.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100002213; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.135.152.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100002214; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.142.124.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100002215; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.148.44.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100002216; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.148.48.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100002217; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.150.65.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100002218; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.152.5.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100002219; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.16.209.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100002220; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.184.21.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100002221; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.186.242.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100002222; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.188.197.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100002223; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.188.20.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100002224; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.188.200.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100002225; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.188.200.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100002226; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.249.7.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100002227; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.92.196.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100002228; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.94.61.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100002229; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.97.139.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100002230; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"183.97.4.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100002231; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"184.164.185.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100002232; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"184.175.115.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100002233; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"184.74.135.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100002234; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.106.209.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100002235; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.12.78.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100002236; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.138.33.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100002237; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.150.117.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100002238; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.154.196.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100002239; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.157.168.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100002240; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.172.110.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100002241; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.172.110.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100002242; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.181.10.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100002243; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.215.113.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100002244; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.215.113.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100002245; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.215.113.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100002246; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.216.25.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100002247; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.221.3.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100002248; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.222.57.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100002249; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.222.57.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100002250; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.222.58.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100002251; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.228.141.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100002252; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.238.123.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100002253; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.238.159.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100002254; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.26.113.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100002255; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"185.81.157.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100002256; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.120.114.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100002257; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.179.219.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100002258; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.179.243.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100002259; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.179.243.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100002260; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.179.243.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100002261; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.179.253.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100002262; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.225.120.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100002263; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.230.39.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100002264; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.232.44.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100002265; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.104.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100002266; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.104.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100002267; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.107.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100002268; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.110.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100002269; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.113.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100002270; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.113.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100002271; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.113.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100002272; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.114.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100002273; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.114.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100002274; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.115.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100002275; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.115.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100002276; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.116.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100002277; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.117.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100002278; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.118.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100002279; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.119.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002280; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.125.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100002281; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.126.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100002282; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.126.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100002283; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.76.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100002284; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.76.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002285; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.33.78.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100002286; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.34.4.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100002287; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.45.130.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100002288; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.73.188.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100002289; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"186.73.188.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100002290; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"187.108.42.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100002291; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"187.188.124.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100002292; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.10.231.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100002293; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.113.81.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100002294; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.12.87.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100002295; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.13.179.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100002296; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.134.18.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100002297; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.138.200.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100002298; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.148.236.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100002299; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.16.150.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100002300; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.169.167.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100002301; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.169.178.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100002302; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.169.179.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100002303; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.169.179.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100002304; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.169.20.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100002305; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.169.30.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100002306; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.19.186.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100002307; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.225.33.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100002308; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.242.167.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100002309; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.83.202.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100002310; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"188.84.105.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002311; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"189.203.214.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100002312; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"189.222.177.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100002313; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"189.39.193.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100002314; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.110.161.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100002315; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.110.222.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100002316; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.111.151.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100002317; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.12.99.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100002318; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100002319; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100002320; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100002321; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100002322; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002323; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100002324; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100002325; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100002326; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100002327; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100002328; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100002329; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100002330; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100002331; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100002332; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100002333; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002334; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100002335; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100002336; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100002337; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100002338; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100002339; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100002340; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100002341; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100002342; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100002343; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100002344; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100002345; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.122.112.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100002346; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.147.16.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100002347; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.159.240.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100002348; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.213.226.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100002349; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.214.24.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100002350; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.216.140.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100002351; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.240.40.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100002352; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.85.213.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100002353; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.98.37.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100002354; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.98.37.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100002355; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"190.98.41.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100002356; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"191.207.52.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100002357; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"191.211.8.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100002358; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"191.243.186.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100002359; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"191.255.248.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100002360; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"191.33.171.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100002361; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.162.48.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100002362; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.210.163.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100002363; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.210.173.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100002364; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.210.214.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100002365; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.210.232.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002366; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.227.228.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100002367; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.3.13.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100002368; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"192.99.144.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100002369; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"193.107.151.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100002370; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"193.121.24.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100002371; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"193.93.77.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100002372; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.132.235.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100002373; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.145.227.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100002374; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.147.142.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100002375; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.152.35.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002376; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.169.213.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100002377; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.190.49.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100002378; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.190.97.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100002379; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.226.139.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100002380; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.26.29.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100002381; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.38.20.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100002382; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.54.160.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100002383; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.87.138.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100002384; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.87.138.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100002385; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"194.88.153.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100002386; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.133.40.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100002387; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.133.40.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100002388; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.133.40.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100002389; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.133.40.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100002390; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.133.40.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002391; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.133.40.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100002392; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.144.235.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100002393; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.158.104.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100002394; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.162.70.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100002395; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.190.102.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100002396; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.228.231.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100002397; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.24.94.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100002398; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"195.64.163.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100002399; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"196.2.11.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100002400; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"196.202.26.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100002401; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"196.208.204.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100002402; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"196.218.214.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100002403; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"196.221.148.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100002404; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"196.221.166.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100002405; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"197.232.66.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002406; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"198.12.107.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100002407; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"198.12.110.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100002408; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"198.12.81.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100002409; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"198.12.91.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100002410; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"198.12.91.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100002411; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"198.46.132.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100002412; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"198.46.202.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100002413; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"199.19.226.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100002414; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"199.195.253.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100002415; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"1freeprivacytoolsforyou.xyz"; content:"Host"; http_header; classtype:trojan-activity; sid:100002416; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.196.128.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100002417; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.36.231.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100002418; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.37.149.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100002419; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.45.111.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100002420; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.55.66.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100002421; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.55.68.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100002422; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.55.85.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100002423; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.55.92.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100002424; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.56.59.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100002425; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.56.59.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100002426; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"2.83.152.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100002427; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"200.111.189.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100002428; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"200.125.165.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100002429; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"200.2.161.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100002430; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"200.30.132.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100002431; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"200.31.19.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100002432; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"200.53.31.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100002433; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"200.55.92.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100002434; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.143.22.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100002435; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.171.236.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002436; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.184.146.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100002437; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.184.163.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100002438; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.187.102.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002439; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.191.4.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100002440; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.200.254.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100002441; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.203.221.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100002442; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.203.27.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100002443; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.77.124.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100002444; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"201.93.162.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100002445; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.107.233.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100002446; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.110.79.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100002447; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.110.9.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100002448; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.12.80.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100002449; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.150.176.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100002450; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.175.103.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100002451; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.178.113.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100002452; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.178.113.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100002453; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.178.125.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100002454; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.29.95.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100002455; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.51.176.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100002456; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.51.181.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100002457; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"202.51.191.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100002458; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.128.169.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100002459; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.17.151.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100002460; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.176.129.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002461; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.189.156.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100002462; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.203.34.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100002463; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.204.232.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002464; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.217.118.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100002465; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.229.21.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100002466; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.236.190.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100002467; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.70.166.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100002468; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.70.207.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002469; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.77.80.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100002470; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.80.119.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100002471; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.80.171.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100002472; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"203.82.36.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100002473; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"205.185.115.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100002474; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"205.185.126.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100002475; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"206.47.41.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100002476; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"207.136.4.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100002477; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"207.237.12.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100002478; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"207.44.28.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100002479; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"207.5.32.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002480; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"208.101.111.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100002481; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"208.163.58.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002482; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"208.96.90.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100002483; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"209.141.37.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100002484; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"209.141.40.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100002485; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"209.141.41.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100002486; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"209.141.48.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100002487; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"209.141.54.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100002488; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"209.141.59.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100002489; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"209.141.60.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100002490; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.113.211.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100002491; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.121.99.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100002492; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.126.16.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100002493; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.180.237.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100002494; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.245.2.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100002495; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.50.202.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100002496; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"210.57.245.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100002497; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.106.163.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100002498; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.172.11.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100002499; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.204.215.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100002500; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.210.66.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100002501; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.210.93.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100002502; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.219.48.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100002503; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.227.227.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100002504; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.230.105.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100002505; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.245.73.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002506; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.250.48.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100002507; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.26.124.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100002508; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.32.30.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100002509; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.32.30.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100002510; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.44.230.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100002511; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.47.83.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100002512; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.47.99.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100002513; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.48.108.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100002514; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.51.181.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100002515; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"211.76.32.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100002516; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.107.239.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100002517; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.143.128.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100002518; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.143.227.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100002519; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.192.241.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100002520; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.192.241.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100002521; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.200.115.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100002522; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.46.197.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100002523; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"212.60.74.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100002524; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.101.190.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100002525; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.135.178.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100002526; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.135.232.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100002527; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.14.173.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100002528; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.14.175.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100002529; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.149.182.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100002530; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.149.190.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100002531; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.16.63.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100002532; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.235.183.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100002533; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.243.216.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100002534; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.27.8.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002535; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.89.212.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100002536; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"213.91.244.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100002537; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"216.170.240.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100002538; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"216.183.54.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100002539; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"216.209.130.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100002540; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"216.36.12.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100002541; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"217.11.75.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100002542; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"217.133.23.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100002543; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"217.145.193.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100002544; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"217.165.229.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100002545; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"217.8.228.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100002546; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.11.125.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100002547; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.11.22.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100002548; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.11.82.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100002549; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.12.149.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100002550; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.12.183.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100002551; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.155.136.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100002552; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.212.177.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100002553; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.214.102.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100002554; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.234.205.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002555; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.238.246.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100002556; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.35.207.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100002557; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.35.227.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100002558; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.35.68.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100002559; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.35.81.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100002560; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.38.241.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100002561; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.38.241.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100002562; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.48.247.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100002563; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.56.79.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100002564; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.57.106.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100002565; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.59.15.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100002566; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.59.15.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100002567; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.68.68.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100002568; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.89.77.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100002569; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"218.93.132.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100002570; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.114.210.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100002571; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.132.205.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100002572; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.140.21.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100002573; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.154.117.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100002574; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.154.119.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100002575; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.154.136.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100002576; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.154.99.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100002577; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.100.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100002578; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.100.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100002579; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.174.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100002580; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.24.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100002581; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.24.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100002582; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.249.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100002583; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.25.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100002584; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.26.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100002585; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.26.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100002586; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.27.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100002587; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.28.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100002588; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.29.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100002589; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.31.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100002590; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.56.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100002591; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.75.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100002592; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.155.98.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100002593; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.102.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100002594; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.17.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100002595; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.19.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100002596; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.208.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100002597; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.211.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002598; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.59.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100002599; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.64.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100002600; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.91.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100002601; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.156.92.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100002602; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.139.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100002603; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.145.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100002604; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.145.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100002605; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.150.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100002606; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.151.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100002607; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.160.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100002608; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.169.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100002609; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.178.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100002610; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.203.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100002611; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.206.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100002612; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.213.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100002613; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.213.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100002614; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.215.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100002615; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.219.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100002616; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.23.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100002617; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.245.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100002618; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.246.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100002619; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.25.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100002620; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.255.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100002621; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.39.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100002622; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.42.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100002623; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.157.66.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100002624; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.1.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100002625; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.163.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100002626; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.171.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100002627; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.244.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002628; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.251.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100002629; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.68.5.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100002630; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.69.101.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100002631; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.69.91.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100002632; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.71.217.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002633; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.80.217.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100002634; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.85.144.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100002635; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"219.85.56.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100002636; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.121.228.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100002637; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.127.168.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100002638; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.158.140.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100002639; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.161.118.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100002640; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.168.240.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100002641; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.191.21.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100002642; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.200.22.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100002643; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.201.80.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100002644; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.249.172.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100002645; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.72.29.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100002646; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.74.61.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002647; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.79.180.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100002648; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.83.177.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100002649; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.90.61.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100002650; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.93.239.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100002651; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"220.95.54.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100002652; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.0.121.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100002653; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.0.142.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100002654; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.0.144.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100002655; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.0.147.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100002656; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.0.148.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100002657; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.0.208.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100002658; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.0.50.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100002659; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.1.165.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100002660; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.1.224.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100002661; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.1.225.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100002662; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.1.225.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100002663; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.1.226.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100002664; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.1.226.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100002665; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.1.226.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002666; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.1.227.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100002667; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.13.148.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100002668; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.13.178.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100002669; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.135.97.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100002670; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.14.164.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100002671; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.14.178.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100002672; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.14.237.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100002673; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.144.178.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100002674; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.144.51.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100002675; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.117.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100002676; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.125.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100002677; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.125.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100002678; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.126.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100002679; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.171.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100002680; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.179.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100002681; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.226.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100002682; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.239.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100002683; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.252.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100002684; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.255.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100002685; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.3.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100002686; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.5.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100002687; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.60.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100002688; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.7.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002689; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.8.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100002690; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.85.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100002691; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.95.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100002692; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.15.96.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100002693; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.155.229.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100002694; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.157.191.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100002695; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.158.139.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100002696; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100002697; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.177.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100002698; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.160.7.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100002699; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.167.61.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100002700; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.196.121.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100002701; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.201.49.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100002702; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.203.92.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100002703; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.205.163.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100002704; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.209.196.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100002705; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.214.198.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100002706; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.214.226.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100002707; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.214.248.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100002708; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.215.119.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100002709; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.215.211.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100002710; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.215.254.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100002711; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.215.63.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100002712; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.232.176.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100002713; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.232.182.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100002714; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.232.29.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100002715; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.234.186.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100002716; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.235.72.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100002717; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.235.73.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100002718; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.3.109.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100002719; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"221.3.80.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100002720; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.102.109.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100002721; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.102.125.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100002722; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.105.145.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100002723; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.105.195.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100002724; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.107.29.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002725; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.114.215.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100002726; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.114.95.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100002727; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.121.112.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100002728; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.124.62.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100002729; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.128.55.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100002730; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.133.100.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100002731; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.133.119.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100002732; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.133.69.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100002733; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.134.162.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100002734; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.134.163.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100002735; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.134.172.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100002736; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.134.172.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100002737; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.134.173.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100002738; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.134.173.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100002739; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.134.174.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100002740; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.134.175.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100002741; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.135.196.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100002742; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.135.218.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100002743; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.135.221.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100002744; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.135.223.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100002745; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.135.40.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100002746; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.135.85.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100002747; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.136.101.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100002748; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.136.182.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100002749; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.136.246.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002750; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.136.26.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100002751; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.136.44.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100002752; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.136.52.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100002753; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.10.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100002754; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.101.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100002755; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.102.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100002756; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.102.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100002757; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.107.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100002758; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.139.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100002759; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.139.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100002760; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.235.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100002761; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.3.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002762; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.51.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100002763; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.54.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100002764; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.72.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100002765; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.72.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100002766; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.76.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100002767; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.77.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100002768; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.8.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100002769; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.85.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100002770; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.137.96.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100002771; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.101.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100002772; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.102.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100002773; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.103.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100002774; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.103.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100002775; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.118.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100002776; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.119.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100002777; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.182.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100002778; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.189.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100002779; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.138.235.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100002780; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.139.56.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100002781; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.139.83.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100002782; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.16.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002783; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.162.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100002784; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.176.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100002785; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.183.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100002786; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.185.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100002787; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.213.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100002788; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.213.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100002789; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.140.250.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100002790; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.103.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100002791; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.105.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100002792; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.115.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100002793; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.116.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100002794; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.147.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100002795; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.15.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100002796; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.172.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100002797; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.213.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100002798; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.40.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100002799; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.62.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100002800; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.8.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100002801; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.82.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100002802; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.141.88.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100002803; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.142.231.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100002804; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.142.241.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100002805; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.174.69.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100002806; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.185.131.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100002807; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.208.116.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100002808; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.217.144.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100002809; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.241.14.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100002810; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.241.14.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100002811; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.241.193.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100002812; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.241.194.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100002813; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.243.14.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100002814; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.248.36.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100002815; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.253.45.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100002816; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.78.201.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100002817; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.88.111.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100002818; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.95.95.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100002819; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"222.99.147.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100002820; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"223.13.124.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100002821; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"223.154.80.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100002822; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"223.212.75.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100002823; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"223.213.179.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100002824; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"223.252.173.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100002825; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.115.118.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100002826; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.121.154.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100002827; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.124.203.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100002828; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.125.186.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100002829; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.126.120.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100002830; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.229.29.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100002831; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.94.160.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100002832; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.94.183.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100002833; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.94.50.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100002834; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"23.95.9.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100002835; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.0.90.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100002836; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.10.121.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100002837; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.103.74.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100002838; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.11.141.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100002839; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.115.102.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100002840; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.119.158.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100002841; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.139.39.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100002842; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.158.25.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100002843; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.176.184.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100002844; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.176.206.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100002845; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.178.76.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100002846; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.184.1.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100002847; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.189.29.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100002848; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.192.191.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100002849; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.193.223.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100002850; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.30.95.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100002851; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.39.181.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100002852; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.39.34.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100002853; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.42.229.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100002854; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.44.76.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100002855; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.51.91.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100002856; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.53.163.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100002857; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.53.163.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100002858; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.68.127.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100002859; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.72.83.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100002860; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.85.246.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100002861; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.88.169.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100002862; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"24.90.88.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100002863; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.105.106.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100002864; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.121.39.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100002865; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.124.34.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100002866; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.147.29.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100002867; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.156.171.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100002868; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.184.54.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100002869; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.187.250.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002870; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.187.251.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100002871; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.191.53.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100002872; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.193.158.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100002873; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.193.59.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100002874; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.193.71.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100002875; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.106.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100002876; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.11.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100002877; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.113.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100002878; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.154.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100002879; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.156.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100002880; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.164.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100002881; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.208.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100002882; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.194.34.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100002883; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.197.12.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100002884; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.197.130.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100002885; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.197.17.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100002886; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.197.19.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100002887; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.197.29.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100002888; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.197.37.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100002889; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.197.58.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100002890; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.198.184.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100002891; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.198.197.63"; content:"Host"; http_header; classtype:trojan-activity; sid:100002892; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.198.22.21"; content:"Host"; http_header; classtype:trojan-activity; sid:100002893; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.198.246.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100002894; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.198.58.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100002895; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.199.14.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100002896; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.199.14.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100002897; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.199.144.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100002898; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.199.186.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100002899; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.199.206.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100002900; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.199.237.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100002901; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.199.39.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100002902; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.199.88.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100002903; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.200.1.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100002904; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.200.155.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100002905; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.201.169.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100002906; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.201.3.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100002907; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.202.108.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100002908; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.202.137.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100002909; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.202.21.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100002910; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.202.228.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100002911; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.202.51.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100002912; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.123.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100002913; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.130.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100002914; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.145.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100002915; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.170.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100002916; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.186.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100002917; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.195.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100002918; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.200.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100002919; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.226.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100002920; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.226.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100002921; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.243.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100002922; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.251.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100002923; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.4.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100002924; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.51.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100002925; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.77.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100002926; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.203.98.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100002927; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.204.234.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100002928; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.204.238.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100002929; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.204.241.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100002930; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.205.152.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100002931; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.206.10.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100002932; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.206.116.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100002933; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.206.126.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100002934; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.206.19.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100002935; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.206.239.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100002936; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.206.252.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100002937; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.206.80.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100002938; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.207.125.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100002939; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.207.251.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100002940; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.208.104.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100002941; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.208.145.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100002942; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.208.163.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100002943; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.208.22.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100002944; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.208.34.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100002945; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.208.37.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100002946; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.208.8.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100002947; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.208.90.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100002948; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.209.107.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100002949; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.209.161.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100002950; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.209.200.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100002951; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.209.233.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100002952; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.209.51.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100002953; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.21.168.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100002954; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.21.169.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100002955; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.210.102.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100002956; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.210.164.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100002957; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.210.236.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100002958; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.210.47.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100002959; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.101.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100002960; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.102.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100002961; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.104.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100002962; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.113.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100002963; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.142.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100002964; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.162.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100002965; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.170.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100002966; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.230.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100002967; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.233.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100002968; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.237.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100002969; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.32.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100002970; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.69.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100002971; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.83.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100002972; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.9.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100002973; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.213.95.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100002974; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.108.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100002975; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.109.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100002976; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.110.221"; content:"Host"; http_header; classtype:trojan-activity; sid:100002977; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.111.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100002978; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.121.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100002979; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.121.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100002980; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.122.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100002981; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.122.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100002982; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.122.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100002983; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.123.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100002984; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.124.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100002985; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.124.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100002986; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.125.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100002987; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.125.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100002988; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.126.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100002989; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.126.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100002990; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.127.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100002991; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.127.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100002992; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.128.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100002993; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.136.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100002994; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.137.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100002995; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.137.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100002996; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.137.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100002997; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.137.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100002998; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.141.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100002999; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.177.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100003000; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.177.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100003001; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.178.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100003002; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.179.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100003003; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.179.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100003004; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.179.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100003005; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.180.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100003006; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.181.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100003007; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.183.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100003008; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.210.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100003009; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.214.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100003010; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.214.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100003011; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.214.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100003012; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.243.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100003013; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.48.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100003014; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.50.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100003015; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.51.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100003016; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.53.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100003017; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.53.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100003018; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.55.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100003019; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.55.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100003020; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.55.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100003021; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.68.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100003022; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.80.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100003023; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.81.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100003024; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.82.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100003025; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.82.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100003026; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.83.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100003027; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.85.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100003028; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.85.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100003029; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.86.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100003030; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.87.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100003031; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.215.93.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100003032; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.216.145.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100003033; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.216.163.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100003034; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.216.201.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100003035; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.216.214.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100003036; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.216.216.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100003037; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.216.30.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100003038; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.216.47.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100003039; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.216.91.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100003040; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.217.122.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100003041; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.217.136.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100003042; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.217.184.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100003043; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.217.215.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100003044; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.218.198.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100003045; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.218.23.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100003046; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.219.10.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100003047; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.219.108.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100003048; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.219.136.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100003049; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.219.176.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100003050; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.219.27.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100003051; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.219.65.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100003052; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.220.118.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100003053; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.220.189.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100003054; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.220.2.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100003055; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.220.39.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100003056; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.220.46.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100003057; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.222.87.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100003058; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.223.167.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100003059; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.223.225.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100003060; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.223.255.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100003061; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.29.34.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100003062; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.3.63.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100003063; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.35.129.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100003064; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.35.40.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100003065; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.35.40.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100003066; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.35.58.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100003067; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.36.81.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100003068; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.36.90.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100003069; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.37.165.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100003070; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.37.211.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100003071; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.37.230.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100003072; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.37.234.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100003073; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.37.47.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100003074; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.114.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100003075; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.114.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100003076; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.114.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100003077; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.115.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100003078; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.119.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100003079; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.121.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100003080; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.142.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100003081; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.143.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100003082; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.173.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100003083; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.175.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100003084; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.69.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100003085; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.38.82.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100003086; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.101.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100003087; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.102.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100003088; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.103.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100003089; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.103.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100003090; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.116.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100003091; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.117.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100003092; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.118.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100003093; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.119.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100003094; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.121.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100003095; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.121.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100003096; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.121.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100003097; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.122.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100003098; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.123.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100003099; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.73.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100003100; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.73.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100003101; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.74.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100003102; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.77.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100003103; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.78.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100003104; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.78.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100003105; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.78.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100003106; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.78.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100003107; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.84.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100003108; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.84.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100003109; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.85.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100003110; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.88.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100003111; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.40.89.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100003112; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.11.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100003113; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.38.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100003114; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.4.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100003115; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.6.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100003116; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.7.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100003117; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.8.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100003118; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.41.9.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100003119; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.108.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100003120; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.110.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100003121; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.110.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100003122; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.113.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100003123; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.115.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100003124; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.118.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100003125; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.118.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003126; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.118.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100003127; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.118.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100003128; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.121.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100003129; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.122.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100003130; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.43.127.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100003131; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.44.70.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100003132; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.44.71.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100003133; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.12.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100003134; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.12.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100003135; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.13.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100003136; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.15.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100003137; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.214.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100003138; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.34.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100003139; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.36.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100003140; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.37.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100003141; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.38.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100003142; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.38.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100003143; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.38.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100003144; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.38.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100003145; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.38.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100003146; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.56.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100003147; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.57.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100003148; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.57.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100003149; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.57.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100003150; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.58.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100003151; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.58.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100003152; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.58.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100003153; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.59.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100003154; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.59.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100003155; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.63.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100003156; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.8.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100003157; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.89.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100003158; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.9.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100003159; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.45.90.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100003160; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.44.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100003161; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.44.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100003162; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.45.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100003163; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.46.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100003164; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.47.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100003165; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.47.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100003166; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.47.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100003167; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.49.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100003168; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.52.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100003169; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.52.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100003170; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.55.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100003171; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.46.55.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100003172; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.47.143.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100003173; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.47.75.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100003174; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.48.138.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100003175; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.5.40.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100003176; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.5.46.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100003177; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.6.185.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100003178; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.6.200.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100003179; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.6.202.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100003180; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.7.206.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100003181; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.75.239.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100003182; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.8.224.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100003183; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"27.8.251.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100003184; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.0.98.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100003185; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.11.51.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100003186; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.13.23.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100003187; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.14.101.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100003188; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.146.115.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100003189; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.163.188.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100003190; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.104.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100003191; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.124.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100003192; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.146.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100003193; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.16.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100003194; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.179.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100003195; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.184.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100003196; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.194.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100003197; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.216.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100003198; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.219.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100003199; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.30.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100003200; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.60.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100003201; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.63.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100003202; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.168.65.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100003203; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.173.16.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100003204; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.202.42.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100003205; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.208.67.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100003206; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.210.182.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100003207; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.210.20.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100003208; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.210.20.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100003209; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.28.7.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100003210; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.30.119.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100003211; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.44.78.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100003212; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"31.63.6.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100003213; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"32792.prolocksmithwinterpark.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100003214; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"35.131.161.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100003215; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.248.158.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100003216; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.249.4.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100003217; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.249.52.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100003218; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.251.18.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100003219; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.251.18.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100003220; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.251.19.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100003221; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.251.19.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100003222; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.251.60.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100003223; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.251.67.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100003224; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.26.141.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100003225; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.32.69.173"; content:"Host"; http_header; classtype:trojan-activity; sid:100003226; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.33.14.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100003227; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.33.16.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100003228; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.34.61.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100003229; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.35.160.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100003230; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.36.243.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100003231; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.36.67.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100003232; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.66.105.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100003233; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.66.133.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100003234; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.66.139.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003235; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.67.7.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100003236; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.89.18.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100003237; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.91.90.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100003238; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.94.25.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100003239; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.97.95.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100003240; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"36.97.95.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100003241; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"360.lcy2zzx.pw"; content:"Host"; http_header; classtype:trojan-activity; sid:100003242; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"360down7.miiyun.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100003243; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.0.11.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100003244; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.0.11.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100003245; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.0.11.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100003246; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.0.11.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100003247; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.0.8.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100003248; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.0.8.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100003249; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.0.8.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100003250; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.11.68.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100003251; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.140.39.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100003252; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.233.60.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100003253; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.34.179.221"; content:"Host"; http_header; classtype:trojan-activity; sid:100003254; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.34.180.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100003255; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.44.238.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100003256; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.54.14.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003257; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.55.242.159"; content:"Host"; http_header; classtype:trojan-activity; sid:100003258; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.6.77.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100003259; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"37.76.177.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100003260; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.109.117.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100003261; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.113.245.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100003262; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.114.137.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100003263; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.162.100.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100003264; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.162.75.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100003265; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.64.221.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100003266; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.64.80.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100003267; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.65.102.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100003268; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.65.16.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100003269; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.65.166.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100003270; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.65.2.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100003271; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.65.241.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100003272; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.65.248.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100003273; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.65.254.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100003274; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.65.28.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100003275; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.65.70.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100003276; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.66.148.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100003277; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.66.219.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100003278; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.66.85.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100003279; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.66.97.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100003280; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.67.206.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100003281; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.67.75.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100003282; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.68.146.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100003283; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.68.207.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100003284; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.68.66.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100003285; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.69.103.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100003286; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.71.21.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100003287; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.72.111.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100003288; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.72.121.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100003289; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.72.14.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100003290; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.72.188.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100003291; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.72.49.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100003292; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.72.6.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100003293; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.72.61.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100003294; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.72.75.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100003295; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.72.98.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100003296; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.73.10.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100003297; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.73.108.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100003298; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.73.143.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100003299; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.73.170.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100003300; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.73.236.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100003301; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.73.84.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100003302; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.74.10.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100003303; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.74.103.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100003304; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.74.200.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100003305; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.74.227.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100003306; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.74.250.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100003307; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.74.30.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100003308; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.76.182.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100003309; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.76.71.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100003310; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.76.77.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100003311; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.76.79.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100003312; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.77.115.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100003313; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.77.208.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100003314; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.77.8.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100003315; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.77.92.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100003316; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.77.98.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100003317; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.79.144.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100003318; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.80.164.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100003319; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.80.171.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100003320; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.80.191.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100003321; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.80.207.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100003322; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.80.36.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100003323; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.80.53.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100003324; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.81.182.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100003325; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.81.237.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100003326; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.81.35.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100003327; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.81.67.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100003328; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.82.4.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100003329; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.83.229.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100003330; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.83.241.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100003331; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.83.49.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100003332; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.83.58.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100003333; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.83.84.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100003334; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.84.130.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100003335; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.85.101.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100003336; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.85.213.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100003337; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.85.214.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100003338; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.85.65.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100003339; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.85.66.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100003340; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.85.81.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100003341; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.116.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100003342; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.159.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100003343; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.162.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100003344; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.198.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100003345; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.232.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100003346; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.237.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100003347; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.243.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100003348; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.245.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100003349; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.63.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100003350; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.79.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100003351; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.86.90.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100003352; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.87.199.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100003353; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.87.98.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100003354; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.88.118.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100003355; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.88.127.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100003356; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.88.157.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100003357; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.88.169.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100003358; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.88.217.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100003359; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.88.238.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100003360; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.88.4.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100003361; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.88.83.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100003362; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.88.90.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100003363; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.89.114.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100003364; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.89.132.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100003365; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.89.165.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100003366; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.89.61.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100003367; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.90.146.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100003368; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.90.147.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100003369; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.90.147.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100003370; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.90.149.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100003371; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.90.151.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100003372; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.90.161.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100003373; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.90.178.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100003374; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"39.90.187.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100003375; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"40.141.46.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100003376; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"40.74.82.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100003377; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.139.209.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100003378; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.215.244.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100003379; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.222.195.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100003380; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.230.17.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100003381; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.251.248.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100003382; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100003383; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100003384; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100003385; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100003386; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100003387; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100003388; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100003389; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.39.34.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100003390; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.41.174.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100003391; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.72.203.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100003392; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.79.234.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100003393; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.18.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100003394; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.18.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100003395; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.18.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100003396; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.18.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100003397; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.18.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100003398; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.19.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100003399; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.19.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100003400; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.19.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100003401; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.19.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100003402; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.21.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100003403; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100003404; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100003405; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100003406; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100003407; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100003408; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100003409; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100003410; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100003411; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"41.86.5.239"; content:"Host"; http_header; classtype:trojan-activity; sid:100003412; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.176.118.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100003413; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.180.253.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100003414; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.202.100.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100003415; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.202.101.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100003416; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.101.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100003417; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.119.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100003418; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.121.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100003419; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.125.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100003420; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.125.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100003421; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.126.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100003422; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.13.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100003423; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.147.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100003424; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.151.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100003425; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.168.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100003426; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.180.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100003427; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.236.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100003428; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.242.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100003429; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.45.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100003430; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.69.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100003431; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.71.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100003432; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.76.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100003433; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.78.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100003434; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.80.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100003435; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.91.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100003436; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.97.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100003437; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.97.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100003438; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.224.99.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100003439; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.225.204.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100003440; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.225.27.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100003441; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.225.28.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100003442; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.225.36.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100003443; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.226.78.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100003444; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.226.80.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100003445; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.226.93.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100003446; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.153.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100003447; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.153.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100003448; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.164.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100003449; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.179.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100003450; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.187.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100003451; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.192.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100003452; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.237.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100003453; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.227.247.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100003454; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.126.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100003455; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.239.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100003456; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.33.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100003457; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.35.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100003458; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.37.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100003459; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.42.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100003460; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.42.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100003461; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.228.45.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100003462; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.229.148.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100003463; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.229.174.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100003464; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.229.187.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100003465; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.229.200.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100003466; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.100.107"; content:"Host"; http_header; classtype:trojan-activity; sid:100003467; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.121.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100003468; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.122.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100003469; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.128.50"; content:"Host"; http_header; classtype:trojan-activity; sid:100003470; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.133.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100003471; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.179.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100003472; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.189.246"; content:"Host"; http_header; classtype:trojan-activity; sid:100003473; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.216.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100003474; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.217.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100003475; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.30.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100003476; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.32.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100003477; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.40.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100003478; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.43.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100003479; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.51.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100003480; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.56.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100003481; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.65.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100003482; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.85.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100003483; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.90.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100003484; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.92.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100003485; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.93.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100003486; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.98.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100003487; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.230.99.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100003488; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.231.247.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100003489; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.231.67.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100003490; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.231.88.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100003491; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.231.89.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100003492; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.232.169.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100003493; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.233.105.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100003494; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.233.116.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100003495; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.233.117.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100003496; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.234.159.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100003497; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.234.219.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100003498; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.234.235.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100003499; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.234.236.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100003500; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.234.246.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100003501; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.234.248.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100003502; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.234.251.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100003503; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.234.253.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100003504; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.103.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100003505; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.112.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100003506; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.124.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100003507; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.127.136"; content:"Host"; http_header; classtype:trojan-activity; sid:100003508; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.165.221"; content:"Host"; http_header; classtype:trojan-activity; sid:100003509; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.180.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100003510; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.188.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100003511; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.2.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100003512; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.65.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100003513; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.67.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100003514; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.67.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100003515; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.68.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100003516; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.89.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100003517; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.235.91.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100003518; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.236.160.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100003519; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.236.212.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100003520; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.236.213.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100003521; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.236.238.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100003522; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.237.216.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100003523; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.237.56.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100003524; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.237.91.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100003525; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.238.145.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100003526; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.238.170.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100003527; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.238.225.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100003528; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.238.231.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100003529; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.238.51.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100003530; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.239.108.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100003531; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.239.154.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100003532; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.239.184.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100003533; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.239.197.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100003534; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.239.203.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100003535; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.239.236.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100003536; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.239.253.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100003537; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.239.42.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100003538; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.239.98.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100003539; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.5.127.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100003540; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.54.140.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100003541; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.58.218.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100003542; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.7.194.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100003543; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.82.206.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100003544; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.82.225.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100003545; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"42.85.215.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100003546; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"43.224.128.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100003547; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"43.231.52.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100003548; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"43.241.106.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100003549; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"43.248.191.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100003550; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"43.251.74.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100003551; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"43.255.143.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100003552; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"43.255.241.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100003553; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.115.255.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100003554; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.115.255.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100003555; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.126.47.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100003556; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.133.203.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100003557; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.133.9.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100003558; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.137.22.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100003559; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.141.84.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100003560; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.152.122.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100003561; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.173.36.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100003562; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.176.109.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100003563; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.176.111.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100003564; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.189.204.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100003565; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.201.204.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100003566; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.22.209.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100003567; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.224.168.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100003568; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.224.169.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100003569; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.224.170.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100003570; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.224.170.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100003571; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.224.171.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100003572; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.23.22.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100003573; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.231.210.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100003574; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.233.106.221"; content:"Host"; http_header; classtype:trojan-activity; sid:100003575; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.248.194.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100003576; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.27.253.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100003577; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.51.104.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100003578; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.6.24.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100003579; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.6.25.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100003580; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.6.27.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100003581; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.6.27.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100003582; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.9.148.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100003583; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.90.162.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100003584; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.95.169.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100003585; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"45.95.169.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100003586; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.107.206.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100003587; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.121.243.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100003588; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.161.185.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100003589; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.161.27.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100003590; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.20.63.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100003591; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.201.0.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100003592; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.214.27.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100003593; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.214.37.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100003594; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.236.65.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100003595; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.236.65.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100003596; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.237.50.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100003597; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.24.130.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100003598; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.248.74.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100003599; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.253.173.95"; content:"Host"; http_header; classtype:trojan-activity; sid:100003600; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.42.118.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100003601; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.42.86.128"; content:"Host"; http_header; classtype:trojan-activity; sid:100003602; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.47.80.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100003603; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.47.81.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100003604; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.6.10.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100003605; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.6.13.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100003606; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"46.97.21.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100003607; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.136.103.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100003608; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.145.152.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100003609; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.151.7.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100003610; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.154.44.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100003611; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.180.188.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100003612; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.197.39.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100003613; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.199.197.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100003614; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.20.142.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100003615; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.200.1.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100003616; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.21.19.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100003617; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.22.159.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100003618; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.46.231.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100003619; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"47.6.49.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100003620; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.116.198.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100003621; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.142.87.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003622; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.143.32.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003623; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.143.32.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100003624; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.143.36.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100003625; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.143.43.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100003626; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.156.35.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100003627; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.158.201.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100003628; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.158.201.218"; content:"Host"; http_header; classtype:trojan-activity; sid:100003629; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.159.185.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100003630; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.159.20.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100003631; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.159.21.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100003632; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.159.21.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100003633; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.159.92.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100003634; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.213.164.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100003635; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.213.170.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100003636; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.213.178.183"; content:"Host"; http_header; classtype:trojan-activity; sid:100003637; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.213.179.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100003638; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.0.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100003639; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.1.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100003640; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.1.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100003641; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.2.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100003642; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.2.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100003643; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.2.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100003644; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.2.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100003645; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.3.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100003646; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.3.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100003647; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.3.79"; content:"Host"; http_header; classtype:trojan-activity; sid:100003648; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.84.114"; content:"Host"; http_header; classtype:trojan-activity; sid:100003649; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.84.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100003650; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.84.151"; content:"Host"; http_header; classtype:trojan-activity; sid:100003651; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.84.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100003652; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.84.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100003653; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.84.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100003654; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.84.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100003655; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.84.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100003656; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.84.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100003657; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.84.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100003658; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.84.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100003659; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.84.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100003660; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.84.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100003661; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.84.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100003662; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100003663; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100003664; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.161"; content:"Host"; http_header; classtype:trojan-activity; sid:100003665; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.174"; content:"Host"; http_header; classtype:trojan-activity; sid:100003666; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100003667; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.24"; content:"Host"; http_header; classtype:trojan-activity; sid:100003668; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100003669; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100003670; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100003671; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100003672; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.70.96.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100003673; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.116.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100003674; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.118.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100003675; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.169.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100003676; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.196.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100003677; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.196.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100003678; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.196.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003679; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.196.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100003680; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.197.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100003681; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.198.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100003682; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.198.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100003683; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.199.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100003684; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.199.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100003685; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.199.214"; content:"Host"; http_header; classtype:trojan-activity; sid:100003686; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.199.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100003687; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.231.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100003688; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.231.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100003689; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.241.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100003690; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.241.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100003691; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.242.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100003692; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.243.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100003693; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.244.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100003694; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.244.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100003695; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.245.48"; content:"Host"; http_header; classtype:trojan-activity; sid:100003696; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.246.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100003697; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"49.89.247.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100003698; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"4cd3420d-ac31-4d3d-96a8-b014e2cd527a.usrfiles.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100003699; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"5.167.236.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100003700; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"5.26.117.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100003701; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"5.39.221.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100003702; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"5.81.124.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100003703; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.115.174.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100003704; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.192.171.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100003705; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.194.110.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100003706; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.226.94.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100003707; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.241.230.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100003708; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"50.247.83.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100003709; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"51.195.61.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100003710; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"52nv.hiterima.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100003711; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"54.224.10.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100003712; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"54.36.180.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100003713; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.115.161.155"; content:"Host"; http_header; classtype:trojan-activity; sid:100003714; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.115.162.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100003715; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.115.174.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100003716; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.125.191.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100003717; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.142.166.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100003718; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.142.200.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100003719; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.142.96.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100003720; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.23.213.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100003721; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.23.24.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100003722; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.23.246.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100003723; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.23.58.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100003724; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.230.89.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100003725; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.238.42.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100003726; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.240.126.60"; content:"Host"; http_header; classtype:trojan-activity; sid:100003727; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.240.142.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100003728; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.240.155.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100003729; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.243.38.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100003730; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.114.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100003731; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.114.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100003732; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.116.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100003733; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.118.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100003734; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.140.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100003735; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.140.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100003736; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.141.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100003737; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.141.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100003738; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.142.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100003739; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.142.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100003740; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.143.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100003741; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.143.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100003742; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.144.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100003743; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.145.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100003744; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.145.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100003745; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.145.76"; content:"Host"; http_header; classtype:trojan-activity; sid:100003746; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.146.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100003747; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.146.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100003748; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.147.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100003749; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.147.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100003750; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.147.85"; content:"Host"; http_header; classtype:trojan-activity; sid:100003751; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.148.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100003752; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.148.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100003753; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.148.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100003754; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.149.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100003755; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.149.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100003756; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.150.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100003757; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.150.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100003758; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.151.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100003759; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.151.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100003760; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.151.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100003761; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.153.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100003762; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.153.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100003763; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.153.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100003764; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.153.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100003765; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.154.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100003766; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.154.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100003767; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.154.43"; content:"Host"; http_header; classtype:trojan-activity; sid:100003768; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.155.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100003769; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.74.235"; content:"Host"; http_header; classtype:trojan-activity; sid:100003770; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.75.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100003771; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.79.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100003772; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.79.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100003773; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.82.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100003774; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.82.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100003775; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.83.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100003776; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.83.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100003777; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.248.84.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100003778; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.11.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100003779; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.13.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100003780; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.13.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100003781; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.13.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100003782; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.13.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100003783; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.14.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100003784; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.16.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100003785; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.19.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100003786; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.19.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100003787; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.21.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100003788; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.22.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100003789; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.72.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100003790; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.73.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100003791; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.73.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100003792; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.73.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100003793; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.73.49"; content:"Host"; http_header; classtype:trojan-activity; sid:100003794; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.73.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100003795; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.74.47"; content:"Host"; http_header; classtype:trojan-activity; sid:100003796; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.76.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100003797; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.76.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100003798; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.77.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100003799; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.79.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100003800; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.8.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100003801; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.80.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100003802; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.81.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100003803; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.82.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100003804; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.83.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100003805; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.83.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100003806; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.84.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100003807; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.84.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100003808; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.85.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100003809; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.86.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100003810; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.86.74"; content:"Host"; http_header; classtype:trojan-activity; sid:100003811; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.87.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100003812; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.87.160"; content:"Host"; http_header; classtype:trojan-activity; sid:100003813; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.87.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100003814; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.89.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100003815; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.9.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100003816; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.90.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100003817; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.90.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100003818; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.91.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100003819; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.91.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100003820; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.91.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100003821; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.249.91.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100003822; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.178.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100003823; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.178.20"; content:"Host"; http_header; classtype:trojan-activity; sid:100003824; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.180.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100003825; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.183.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100003826; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.197.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100003827; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.252.197.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100003828; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.253.14.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100003829; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.253.144.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100003830; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.253.15.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100003831; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.253.4.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100003832; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.253.5.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100003833; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.253.7.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100003834; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.121.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100003835; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.132.6"; content:"Host"; http_header; classtype:trojan-activity; sid:100003836; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.14.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100003837; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.14.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100003838; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.143.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100003839; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.143.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100003840; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.143.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100003841; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.15.120"; content:"Host"; http_header; classtype:trojan-activity; sid:100003842; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.19.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100003843; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.19.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100003844; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.209.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100003845; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.209.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100003846; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.209.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100003847; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.255.210.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100003848; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.47.48.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100003849; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.50.220.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100003850; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.50.48.219"; content:"Host"; http_header; classtype:trojan-activity; sid:100003851; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.52.218.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100003852; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.53.57.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100003853; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.55.172.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100003854; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.55.2.238"; content:"Host"; http_header; classtype:trojan-activity; sid:100003855; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.55.32.119"; content:"Host"; http_header; classtype:trojan-activity; sid:100003856; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.60.57.14"; content:"Host"; http_header; classtype:trojan-activity; sid:100003857; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.72.165.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100003858; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.97.201.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100003859; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"58.97.206.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100003860; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.0.158.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100003861; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.1.115.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100003862; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.15.78.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100003863; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.173.133.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100003864; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.173.194.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100003865; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.175.9.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100003866; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.23.218.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100003867; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.24.221.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100003868; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.26.12.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100003869; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.27.177.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100003870; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.3.30.251"; content:"Host"; http_header; classtype:trojan-activity; sid:100003871; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.3.48.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100003872; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.30.127.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100003873; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.35.57.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100003874; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.45.235.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100003875; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.45.236.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100003876; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.5.225.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100003877; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.6.128.87"; content:"Host"; http_header; classtype:trojan-activity; sid:100003878; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.88.143.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100003879; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.93.17.123"; content:"Host"; http_header; classtype:trojan-activity; sid:100003880; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.93.22.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100003881; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.93.23.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100003882; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.93.24.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100003883; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.93.26.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100003884; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.93.31.15"; content:"Host"; http_header; classtype:trojan-activity; sid:100003885; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.93.31.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100003886; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.94.183.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100003887; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.94.192.31"; content:"Host"; http_header; classtype:trojan-activity; sid:100003888; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.94.196.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100003889; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.94.197.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100003890; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.94.200.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100003891; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.94.207.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100003892; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.94.34.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100003893; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.95.174.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100003894; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.95.68.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100003895; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.95.71.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100003896; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.95.79.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100003897; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.96.24.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100003898; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.96.25.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100003899; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.96.25.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100003900; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.96.28.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100003901; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.97.168.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100003902; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.97.238.92"; content:"Host"; http_header; classtype:trojan-activity; sid:100003903; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.98.101.51"; content:"Host"; http_header; classtype:trojan-activity; sid:100003904; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.138.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100003905; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.140.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100003906; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.142.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100003907; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.143.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100003908; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.193.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100003909; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.198.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100003910; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.198.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100003911; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.204.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100003912; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.207.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100003913; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.42.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100003914; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"59.99.47.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100003915; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"5a1e.miraimibun.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100003916; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"5thelement.diamondjewelleryb2b.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100003917; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.10.81.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100003918; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.13.61.199"; content:"Host"; http_header; classtype:trojan-activity; sid:100003919; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.16.239.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100003920; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.162.209.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100003921; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.163.215.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100003922; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.178.38.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100003923; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.185.109.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100003924; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.185.212.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100003925; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.20.13.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100003926; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.209.122.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100003927; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.209.255.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100003928; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.210.193.8"; content:"Host"; http_header; classtype:trojan-activity; sid:100003929; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.210.226.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100003930; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.211.26.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100003931; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.211.4.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003932; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.104.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100003933; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.158.222"; content:"Host"; http_header; classtype:trojan-activity; sid:100003934; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.162.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100003935; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.216.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100003936; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.219.149"; content:"Host"; http_header; classtype:trojan-activity; sid:100003937; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.212.237.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100003938; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.214.230.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100003939; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.214.231.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100003940; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.214.95.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100003941; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.215.161.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100003942; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.215.189.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100003943; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.217.108.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100003944; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.217.110.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100003945; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.217.120.193"; content:"Host"; http_header; classtype:trojan-activity; sid:100003946; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.217.149.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100003947; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.220.92.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100003948; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.223.85.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100003949; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.223.92.221"; content:"Host"; http_header; classtype:trojan-activity; sid:100003950; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.24.34.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100003951; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.241.98.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100003952; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.25.158.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100003953; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.254.124.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100003954; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.27.119.146"; content:"Host"; http_header; classtype:trojan-activity; sid:100003955; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.60.193.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100003956; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"60.9.200.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100003957; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.130.228.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100003958; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.134.219.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100003959; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.141.114.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100003960; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.156.100.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100003961; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.162.55.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100003962; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.163.130.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100003963; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.163.131.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100003964; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.163.138.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100003965; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.179.91.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100003966; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.179.95.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100003967; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.241.170.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100003968; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.247.183.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100003969; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.247.224.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100003970; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.3.149.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100003971; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.3.149.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100003972; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.3.152.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100003973; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.3.155.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100003974; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.3.155.168"; content:"Host"; http_header; classtype:trojan-activity; sid:100003975; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.3.190.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100003976; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.32.31.209"; content:"Host"; http_header; classtype:trojan-activity; sid:100003977; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.46.21.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100003978; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.51.143.201"; content:"Host"; http_header; classtype:trojan-activity; sid:100003979; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.103.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100003980; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.12.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100003981; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.172.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100003982; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.177.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100003983; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.193.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100003984; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.197.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100003985; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.214.115"; content:"Host"; http_header; classtype:trojan-activity; sid:100003986; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.237.37"; content:"Host"; http_header; classtype:trojan-activity; sid:100003987; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.30.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100003988; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.31.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100003989; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.35.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100003990; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.35.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100003991; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.79.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100003992; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.8.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100003993; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.83.100"; content:"Host"; http_header; classtype:trojan-activity; sid:100003994; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.97.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100003995; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.52.97.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100003996; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.111.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100003997; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.116.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100003998; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.120.86"; content:"Host"; http_header; classtype:trojan-activity; sid:100003999; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.125.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100004000; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.126.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100004001; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.127.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100004002; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.14.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100004003; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.157.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100004004; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.219.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100004005; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.27.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100004006; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.48.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100004007; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.72.223"; content:"Host"; http_header; classtype:trojan-activity; sid:100004008; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.75.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100004009; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.83.215"; content:"Host"; http_header; classtype:trojan-activity; sid:100004010; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.87.167"; content:"Host"; http_header; classtype:trojan-activity; sid:100004011; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.53.91.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100004012; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.11.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100004013; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.41.229"; content:"Host"; http_header; classtype:trojan-activity; sid:100004014; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.42.217"; content:"Host"; http_header; classtype:trojan-activity; sid:100004015; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.42.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100004016; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.58.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100004017; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.59.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100004018; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.54.60.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100004019; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.56.150.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100004020; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.56.180.67"; content:"Host"; http_header; classtype:trojan-activity; sid:100004021; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.58.172.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100004022; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.58.73.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100004023; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.61.218.23"; content:"Host"; http_header; classtype:trojan-activity; sid:100004024; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.70.0.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100004025; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.70.110.59"; content:"Host"; http_header; classtype:trojan-activity; sid:100004026; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.70.132.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100004027; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.70.247.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100004028; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.70.255.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100004029; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.70.45.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100004030; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.75.16.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100004031; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.75.36.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100004032; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"61.97.152.106"; content:"Host"; http_header; classtype:trojan-activity; sid:100004033; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.140.224.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100004034; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.141.73.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100004035; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.219.131.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100004036; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.219.143.46"; content:"Host"; http_header; classtype:trojan-activity; sid:100004037; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.219.237.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100004038; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.31.126.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100004039; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.38.115.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100004040; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.38.130.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100004041; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.38.149.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100004042; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.38.222.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100004043; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.43.207.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100004044; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.90.161.62"; content:"Host"; http_header; classtype:trojan-activity; sid:100004045; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"62.90.165.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100004046; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"63.245.122.93"; content:"Host"; http_header; classtype:trojan-activity; sid:100004047; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"64.126.163.140"; content:"Host"; http_header; classtype:trojan-activity; sid:100004048; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"64.126.163.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100004049; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"65.125.128.196"; content:"Host"; http_header; classtype:trojan-activity; sid:100004050; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"65.172.242.234"; content:"Host"; http_header; classtype:trojan-activity; sid:100004051; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"65.172.242.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100004052; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"65.26.155.131"; content:"Host"; http_header; classtype:trojan-activity; sid:100004053; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"65.35.61.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100004054; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.186.243.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100004055; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.228.52.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100004056; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.229.92.206"; content:"Host"; http_header; classtype:trojan-activity; sid:100004057; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.57.55.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100004058; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.65.25.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100004059; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.74.7.197"; content:"Host"; http_header; classtype:trojan-activity; sid:100004060; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"66.91.200.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100004061; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"67.180.214.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100004062; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"67.247.123.0"; content:"Host"; http_header; classtype:trojan-activity; sid:100004063; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"67.8.138.101"; content:"Host"; http_header; classtype:trojan-activity; sid:100004064; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"67.80.30.18"; content:"Host"; http_header; classtype:trojan-activity; sid:100004065; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"67.84.138.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100004066; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.148.103.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100004067; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.173.242.111"; content:"Host"; http_header; classtype:trojan-activity; sid:100004068; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.174.182.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100004069; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.188.144.143"; content:"Host"; http_header; classtype:trojan-activity; sid:100004070; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.195.217.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100004071; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.198.130.97"; content:"Host"; http_header; classtype:trojan-activity; sid:100004072; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.198.171.184"; content:"Host"; http_header; classtype:trojan-activity; sid:100004073; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.205.119.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100004074; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"68.84.51.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100004075; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"69.115.37.205"; content:"Host"; http_header; classtype:trojan-activity; sid:100004076; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"69.120.237.255"; content:"Host"; http_header; classtype:trojan-activity; sid:100004077; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"69.121.107.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100004078; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"69.124.231.110"; content:"Host"; http_header; classtype:trojan-activity; sid:100004079; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"69.222.157.166"; content:"Host"; http_header; classtype:trojan-activity; sid:100004080; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"69.59.92.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100004081; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"69.75.115.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100004082; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"69.75.227.186"; content:"Host"; http_header; classtype:trojan-activity; sid:100004083; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"70.115.31.30"; content:"Host"; http_header; classtype:trojan-activity; sid:100004084; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"70.118.240.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100004085; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"70.167.10.180"; content:"Host"; http_header; classtype:trojan-activity; sid:100004086; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"70.169.51.124"; content:"Host"; http_header; classtype:trojan-activity; sid:100004087; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"70.236.190.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100004088; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"70.25.5.105"; content:"Host"; http_header; classtype:trojan-activity; sid:100004089; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"70.44.154.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100004090; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"70.79.173.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100004091; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.127.148.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100004092; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.163.125.165"; content:"Host"; http_header; classtype:trojan-activity; sid:100004093; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.222.19.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100004094; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.228.126.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100004095; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.43.106.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100004096; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.71.60.69"; content:"Host"; http_header; classtype:trojan-activity; sid:100004097; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.76.173.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100004098; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"71.85.106.211"; content:"Host"; http_header; classtype:trojan-activity; sid:100004099; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"72.186.139.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100004100; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"72.202.249.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100004101; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"72.214.69.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100004102; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"72.252.201.135"; content:"Host"; http_header; classtype:trojan-activity; sid:100004103; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"73.127.64.11"; content:"Host"; http_header; classtype:trojan-activity; sid:100004104; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"73.163.134.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100004105; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"73.204.216.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100004106; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"73.255.44.83"; content:"Host"; http_header; classtype:trojan-activity; sid:100004107; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"73.70.164.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100004108; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"73.84.49.191"; content:"Host"; http_header; classtype:trojan-activity; sid:100004109; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"74.102.31.55"; content:"Host"; http_header; classtype:trojan-activity; sid:100004110; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"74.108.224.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100004111; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"74.199.84.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100004112; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"74.75.165.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100004113; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"74.88.22.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100004114; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"74.93.60.190"; content:"Host"; http_header; classtype:trojan-activity; sid:100004115; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.127.141.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100004116; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.129.90.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100004117; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.155.123.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100004118; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.83.102.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100004119; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.99.143.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100004120; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"75.99.213.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100004121; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.108.187.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100004122; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.108.191.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100004123; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.170.11.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100004124; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.178.22.145"; content:"Host"; http_header; classtype:trojan-activity; sid:100004125; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.217.92.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100004126; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.250.199.133"; content:"Host"; http_header; classtype:trojan-activity; sid:100004127; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.79.220.181"; content:"Host"; http_header; classtype:trojan-activity; sid:100004128; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.84.134.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100004129; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"76.95.12.137"; content:"Host"; http_header; classtype:trojan-activity; sid:100004130; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"77.106.132.247"; content:"Host"; http_header; classtype:trojan-activity; sid:100004131; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"77.237.25.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100004132; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"77.27.69.138"; content:"Host"; http_header; classtype:trojan-activity; sid:100004133; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"77st.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004134; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.184.253.226"; content:"Host"; http_header; classtype:trojan-activity; sid:100004135; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.186.40.28"; content:"Host"; http_header; classtype:trojan-activity; sid:100004136; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.187.141.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100004137; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.187.41.200"; content:"Host"; http_header; classtype:trojan-activity; sid:100004138; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.188.134.17"; content:"Host"; http_header; classtype:trojan-activity; sid:100004139; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.188.168.64"; content:"Host"; http_header; classtype:trojan-activity; sid:100004140; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.188.188.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100004141; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.188.87.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100004142; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.189.104.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100004143; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.189.176.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100004144; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.189.237.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100004145; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.189.27.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100004146; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.189.54.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100004147; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.189.84.5"; content:"Host"; http_header; classtype:trojan-activity; sid:100004148; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.25.106.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100004149; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.38.29.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100004150; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.66.209.192"; content:"Host"; http_header; classtype:trojan-activity; sid:100004151; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.67.150.189"; content:"Host"; http_header; classtype:trojan-activity; sid:100004152; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"78.97.123.232"; content:"Host"; http_header; classtype:trojan-activity; sid:100004153; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"79.11.195.121"; content:"Host"; http_header; classtype:trojan-activity; sid:100004154; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"79.137.250.41"; content:"Host"; http_header; classtype:trojan-activity; sid:100004155; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"79.197.1.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100004156; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"79.3.72.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100004157; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"79.7.170.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100004158; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"79.79.58.94"; content:"Host"; http_header; classtype:trojan-activity; sid:100004159; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"79.8.70.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100004160; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"79.9.88.185"; content:"Host"; http_header; classtype:trojan-activity; sid:100004161; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"80.107.89.188"; content:"Host"; http_header; classtype:trojan-activity; sid:100004162; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"80.107.89.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100004163; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"80.210.19.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100004164; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"80.210.24.157"; content:"Host"; http_header; classtype:trojan-activity; sid:100004165; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"80.211.181.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100004166; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"80.87.201.45"; content:"Host"; http_header; classtype:trojan-activity; sid:100004167; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"80.99.128.61"; content:"Host"; http_header; classtype:trojan-activity; sid:100004168; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.136.146.213"; content:"Host"; http_header; classtype:trojan-activity; sid:100004169; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.165.44.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100004170; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.198.240.73"; content:"Host"; http_header; classtype:trojan-activity; sid:100004171; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.214.188.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100004172; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.215.199.29"; content:"Host"; http_header; classtype:trojan-activity; sid:100004173; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.215.202.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100004174; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.218.139.126"; content:"Host"; http_header; classtype:trojan-activity; sid:100004175; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.218.156.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100004176; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.218.187.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100004177; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.218.196.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100004178; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.232.8.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100004179; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.246.225.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100004180; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.61.234.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100004181; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"81.92.36.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100004182; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.102.184.177"; content:"Host"; http_header; classtype:trojan-activity; sid:100004183; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.125.145.144"; content:"Host"; http_header; classtype:trojan-activity; sid:100004184; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.130.236.240"; content:"Host"; http_header; classtype:trojan-activity; sid:100004185; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.166.212.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100004186; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.166.85.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100004187; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.166.86.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100004188; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.207.61.194"; content:"Host"; http_header; classtype:trojan-activity; sid:100004189; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.211.156.38"; content:"Host"; http_header; classtype:trojan-activity; sid:100004190; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.62.110.252"; content:"Host"; http_header; classtype:trojan-activity; sid:100004191; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.62.210.102"; content:"Host"; http_header; classtype:trojan-activity; sid:100004192; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.62.53.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100004193; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.77.63.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100004194; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.80.138.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100004195; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.80.142.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100004196; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.80.187.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100004197; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.100.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100004198; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.101.148"; content:"Host"; http_header; classtype:trojan-activity; sid:100004199; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.106.65"; content:"Host"; http_header; classtype:trojan-activity; sid:100004200; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.108.230"; content:"Host"; http_header; classtype:trojan-activity; sid:100004201; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.131.158"; content:"Host"; http_header; classtype:trojan-activity; sid:100004202; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.134.66"; content:"Host"; http_header; classtype:trojan-activity; sid:100004203; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.19.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100004204; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.197.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100004205; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.232.68"; content:"Host"; http_header; classtype:trojan-activity; sid:100004206; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.246.96"; content:"Host"; http_header; classtype:trojan-activity; sid:100004207; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.4.57"; content:"Host"; http_header; classtype:trojan-activity; sid:100004208; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"82.81.73.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100004209; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.0.233.13"; content:"Host"; http_header; classtype:trojan-activity; sid:100004210; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.110.150.182"; content:"Host"; http_header; classtype:trojan-activity; sid:100004211; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.165.237.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100004212; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.234.147.99"; content:"Host"; http_header; classtype:trojan-activity; sid:100004213; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.234.218.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100004214; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.239.6.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100004215; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.248.57.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100004216; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.251.143.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100004217; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.254.58.178"; content:"Host"; http_header; classtype:trojan-activity; sid:100004218; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.33.236.175"; content:"Host"; http_header; classtype:trojan-activity; sid:100004219; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"83.69.90.81"; content:"Host"; http_header; classtype:trojan-activity; sid:100004220; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.228.114.91"; content:"Host"; http_header; classtype:trojan-activity; sid:100004221; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.228.30.108"; content:"Host"; http_header; classtype:trojan-activity; sid:100004222; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.228.50.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100004223; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.228.95.204"; content:"Host"; http_header; classtype:trojan-activity; sid:100004224; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.238.24.35"; content:"Host"; http_header; classtype:trojan-activity; sid:100004225; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.242.139.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100004226; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.254.34.127"; content:"Host"; http_header; classtype:trojan-activity; sid:100004227; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.254.39.129"; content:"Host"; http_header; classtype:trojan-activity; sid:100004228; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.39.248.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100004229; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"84.40.127.242"; content:"Host"; http_header; classtype:trojan-activity; sid:100004230; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.11.216"; content:"Host"; http_header; classtype:trojan-activity; sid:100004231; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.135.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100004232; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.180.228"; content:"Host"; http_header; classtype:trojan-activity; sid:100004233; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.180.33"; content:"Host"; http_header; classtype:trojan-activity; sid:100004234; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.192.117"; content:"Host"; http_header; classtype:trojan-activity; sid:100004235; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.202.53"; content:"Host"; http_header; classtype:trojan-activity; sid:100004236; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.208.25"; content:"Host"; http_header; classtype:trojan-activity; sid:100004237; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.241.2"; content:"Host"; http_header; classtype:trojan-activity; sid:100004238; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.73.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100004239; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.105.8.9"; content:"Host"; http_header; classtype:trojan-activity; sid:100004240; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.214.149.236"; content:"Host"; http_header; classtype:trojan-activity; sid:100004241; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.97.111.84"; content:"Host"; http_header; classtype:trojan-activity; sid:100004242; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.97.130.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100004243; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"85.99.128.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100004244; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"86.127.254.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100004245; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"86.164.111.132"; content:"Host"; http_header; classtype:trojan-activity; sid:100004246; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"86.35.43.220"; content:"Host"; http_header; classtype:trojan-activity; sid:100004247; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"86.6.187.44"; content:"Host"; http_header; classtype:trojan-activity; sid:100004248; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"87.0.61.36"; content:"Host"; http_header; classtype:trojan-activity; sid:100004249; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"87.120.215.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100004250; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"87.27.143.210"; content:"Host"; http_header; classtype:trojan-activity; sid:100004251; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.119.171.253"; content:"Host"; http_header; classtype:trojan-activity; sid:100004252; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.12.54.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100004253; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.129.60.77"; content:"Host"; http_header; classtype:trojan-activity; sid:100004254; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.2.208.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100004255; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.2.219.179"; content:"Host"; http_header; classtype:trojan-activity; sid:100004256; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.218.227.141"; content:"Host"; http_header; classtype:trojan-activity; sid:100004257; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.247.195.125"; content:"Host"; http_header; classtype:trojan-activity; sid:100004258; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.248.136.231"; content:"Host"; http_header; classtype:trojan-activity; sid:100004259; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.248.28.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100004260; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.248.51.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100004261; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.249.91.162"; content:"Host"; http_header; classtype:trojan-activity; sid:100004262; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.250.19.224"; content:"Host"; http_header; classtype:trojan-activity; sid:100004263; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.250.204.12"; content:"Host"; http_header; classtype:trojan-activity; sid:100004264; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.250.226.26"; content:"Host"; http_header; classtype:trojan-activity; sid:100004265; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.250.240.245"; content:"Host"; http_header; classtype:trojan-activity; sid:100004266; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.250.251.88"; content:"Host"; http_header; classtype:trojan-activity; sid:100004267; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.250.254.90"; content:"Host"; http_header; classtype:trojan-activity; sid:100004268; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"88.31.95.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100004269; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.122.183.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100004270; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.122.198.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100004271; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.122.96.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100004272; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.189.184.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100004273; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.215.188.163"; content:"Host"; http_header; classtype:trojan-activity; sid:100004274; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.22.152.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100004275; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.237.84.19"; content:"Host"; http_header; classtype:trojan-activity; sid:100004276; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.237.85.187"; content:"Host"; http_header; classtype:trojan-activity; sid:100004277; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.248.112.202"; content:"Host"; http_header; classtype:trojan-activity; sid:100004278; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"89.97.64.171"; content:"Host"; http_header; classtype:trojan-activity; sid:100004279; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"8poieq.bn.files.1drv.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004280; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"90.159.233.113"; content:"Host"; http_header; classtype:trojan-activity; sid:100004281; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.148.182.27"; content:"Host"; http_header; classtype:trojan-activity; sid:100004282; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.151.104.212"; content:"Host"; http_header; classtype:trojan-activity; sid:100004283; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.187.103.32"; content:"Host"; http_header; classtype:trojan-activity; sid:100004284; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.212.150.241"; content:"Host"; http_header; classtype:trojan-activity; sid:100004285; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.218.113.78"; content:"Host"; http_header; classtype:trojan-activity; sid:100004286; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.235.129.172"; content:"Host"; http_header; classtype:trojan-activity; sid:100004287; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.240.209.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100004288; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.244.114.198"; content:"Host"; http_header; classtype:trojan-activity; sid:100004289; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.244.169.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100004290; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.244.78.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100004291; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.92.16.244"; content:"Host"; http_header; classtype:trojan-activity; sid:100004292; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.98.248.104"; content:"Host"; http_header; classtype:trojan-activity; sid:100004293; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"91.98.251.156"; content:"Host"; http_header; classtype:trojan-activity; sid:100004294; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"92.114.191.82"; content:"Host"; http_header; classtype:trojan-activity; sid:100004295; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"92.190.193.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100004296; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"92.34.57.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100004297; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"92.54.237.237"; content:"Host"; http_header; classtype:trojan-activity; sid:100004298; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"92.54.237.72"; content:"Host"; http_header; classtype:trojan-activity; sid:100004299; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"92.83.62.139"; content:"Host"; http_header; classtype:trojan-activity; sid:100004300; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.115.199.80"; content:"Host"; http_header; classtype:trojan-activity; sid:100004301; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.145.118.71"; content:"Host"; http_header; classtype:trojan-activity; sid:100004302; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.21.224.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100004303; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.39.115.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100004304; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.41.137.16"; content:"Host"; http_header; classtype:trojan-activity; sid:100004305; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.41.182.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100004306; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.41.206.56"; content:"Host"; http_header; classtype:trojan-activity; sid:100004307; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"93.57.43.233"; content:"Host"; http_header; classtype:trojan-activity; sid:100004308; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.137.31.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100004309; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.154.152.248"; content:"Host"; http_header; classtype:trojan-activity; sid:100004310; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.154.17.170"; content:"Host"; http_header; classtype:trojan-activity; sid:100004311; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.154.83.4"; content:"Host"; http_header; classtype:trojan-activity; sid:100004312; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.154.86.98"; content:"Host"; http_header; classtype:trojan-activity; sid:100004313; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.200.16.22"; content:"Host"; http_header; classtype:trojan-activity; sid:100004314; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.200.86.70"; content:"Host"; http_header; classtype:trojan-activity; sid:100004315; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.224.83.208"; content:"Host"; http_header; classtype:trojan-activity; sid:100004316; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.231.164.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100004317; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.232.65.89"; content:"Host"; http_header; classtype:trojan-activity; sid:100004318; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.255.244.195"; content:"Host"; http_header; classtype:trojan-activity; sid:100004319; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.43.10.249"; content:"Host"; http_header; classtype:trojan-activity; sid:100004320; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.43.139.153"; content:"Host"; http_header; classtype:trojan-activity; sid:100004321; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.53.120.109"; content:"Host"; http_header; classtype:trojan-activity; sid:100004322; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"94.85.0.3"; content:"Host"; http_header; classtype:trojan-activity; sid:100004323; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.132.129.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100004324; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.158.19.130"; content:"Host"; http_header; classtype:trojan-activity; sid:100004325; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.170.113.227"; content:"Host"; http_header; classtype:trojan-activity; sid:100004326; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.170.113.52"; content:"Host"; http_header; classtype:trojan-activity; sid:100004327; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.170.201.34"; content:"Host"; http_header; classtype:trojan-activity; sid:100004328; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.180.176.250"; content:"Host"; http_header; classtype:trojan-activity; sid:100004329; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.181.155.150"; content:"Host"; http_header; classtype:trojan-activity; sid:100004330; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.245.53.118"; content:"Host"; http_header; classtype:trojan-activity; sid:100004331; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.255.11.243"; content:"Host"; http_header; classtype:trojan-activity; sid:100004332; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.60.146.134"; content:"Host"; http_header; classtype:trojan-activity; sid:100004333; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.85.109.10"; content:"Host"; http_header; classtype:trojan-activity; sid:100004334; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"95.9.120.40"; content:"Host"; http_header; classtype:trojan-activity; sid:100004335; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"96.47.147.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100004336; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"96.49.232.42"; content:"Host"; http_header; classtype:trojan-activity; sid:100004337; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"96.56.55.147"; content:"Host"; http_header; classtype:trojan-activity; sid:100004338; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"96.8.121.112"; content:"Host"; http_header; classtype:trojan-activity; sid:100004339; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"96.91.36.154"; content:"Host"; http_header; classtype:trojan-activity; sid:100004340; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"97.68.140.254"; content:"Host"; http_header; classtype:trojan-activity; sid:100004341; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"97.96.199.75"; content:"Host"; http_header; classtype:trojan-activity; sid:100004342; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.0.239.142"; content:"Host"; http_header; classtype:trojan-activity; sid:100004343; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.113.239.207"; content:"Host"; http_header; classtype:trojan-activity; sid:100004344; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.14.30.176"; content:"Host"; http_header; classtype:trojan-activity; sid:100004345; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.15.31.1"; content:"Host"; http_header; classtype:trojan-activity; sid:100004346; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.191.111.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100004347; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.231.124.39"; content:"Host"; http_header; classtype:trojan-activity; sid:100004348; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.247.95.152"; content:"Host"; http_header; classtype:trojan-activity; sid:100004349; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.254.232.122"; content:"Host"; http_header; classtype:trojan-activity; sid:100004350; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"98.30.24.54"; content:"Host"; http_header; classtype:trojan-activity; sid:100004351; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"99.150.245.203"; content:"Host"; http_header; classtype:trojan-activity; sid:100004352; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"99.225.109.225"; content:"Host"; http_header; classtype:trojan-activity; sid:100004353; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"99.26.72.169"; content:"Host"; http_header; classtype:trojan-activity; sid:100004354; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"99.33.195.164"; content:"Host"; http_header; classtype:trojan-activity; sid:100004355; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"99.52.255.58"; content:"Host"; http_header; classtype:trojan-activity; sid:100004356; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"99.74.63.103"; content:"Host"; http_header; classtype:trojan-activity; sid:100004357; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"99.8.30.116"; content:"Host"; http_header; classtype:trojan-activity; sid:100004358; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"a.goatgame.co"; content:"Host"; http_header; classtype:trojan-activity; sid:100004359; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"a3ium.davaohorizon.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004360; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aaiiga.db.files.1drv.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004361; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aarsaindustries.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004362; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aasaish.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004363; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aayushivfraipur.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004364; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aayushsurrogacyindia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004365; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"abbmedikal.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004366; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"abissnet.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004367; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"abmaxdigital.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004368; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aboveandbelow.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100004369; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"abyssos.eu"; content:"Host"; http_header; classtype:trojan-activity; sid:100004370; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"accounting.marayo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004371; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"acellr.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004372; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"acetravels.ae"; content:"Host"; http_header; classtype:trojan-activity; sid:100004373; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"acm-icces.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004374; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"acteon.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100004375; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"adamorinmusic.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004376; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"adanaberkoto.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004377; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"addahealingmusic.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004378; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"adithimedia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004379; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"adithimedia.memengers.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004380; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"admin.amspec.ph"; content:"Host"; http_header; classtype:trojan-activity; sid:100004381; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"admin.erapor.smk-alasror.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004382; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"admin.gentbcn.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004383; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aerociel.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004384; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"afnan-amc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004385; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"afrimedspecialist.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004386; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"afriqanlimited.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004387; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ag-grupfinanza.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004388; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"agemn.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004389; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"agewsage.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004390; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aiecons.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004391; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ajpharmaholding.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004392; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"akdvidyalaya.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004393; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"al-wahd.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004394; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aladainexpress.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004395; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"alberts.diamondrelationscrm.us"; content:"Host"; http_header; classtype:trojan-activity; sid:100004396; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aldahwiprivatehospital.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004397; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"alemelektronik.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004398; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"alena1971.es"; content:"Host"; http_header; classtype:trojan-activity; sid:100004399; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"alexdubai.com.aldiabsteel.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004400; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"allforcreative.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100004401; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"allhomesrealestate.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100004402; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"alltheway.travel"; content:"Host"; http_header; classtype:trojan-activity; sid:100004403; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"alpharettaagency.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004404; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"amarteargentina.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100004405; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"amcpublications.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004406; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"amit.quadzero.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004407; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"amordeparede.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004408; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"andremaraisbeleggings.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004409; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"andres.ug"; content:"Host"; http_header; classtype:trojan-activity; sid:100004410; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"anysbergbiltong.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004411; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"apartamentoscitta.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004412; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"api-ms.cobainaja.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004413; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"api.cstdevs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004414; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"api.hindikhabar.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004415; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"api.siayu.indramayukab.go.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004416; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"apoolcondo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004417; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"app.microgent.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100004418; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"apployal.fmf.com.fj"; content:"Host"; http_header; classtype:trojan-activity; sid:100004419; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"apps.saintsoporte.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004420; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aravindanavada.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004421; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"arkemagrup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004422; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"artmid.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004423; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ask-regard.call-save.biz"; content:"Host"; http_header; classtype:trojan-activity; sid:100004424; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"astrapisecurity.gr"; content:"Host"; http_header; classtype:trojan-activity; sid:100004425; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"atlantareads.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004426; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"attach.66rpg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004427; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"atteuqpotentialunlimited.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004428; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aulist.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004429; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"autofficinaguerreri.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100004430; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"avadhanagames.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004431; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ayahuascasp.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004432; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aydgroup.github.io"; content:"Host"; http_header; classtype:trojan-activity; sid:100004433; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"azmeasurement.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004434; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"azraktours.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004435; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"aztek2.github.io"; content:"Host"; http_header; classtype:trojan-activity; sid:100004436; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"b.xyzgame.cc"; content:"Host"; http_header; classtype:trojan-activity; sid:100004437; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"b2b.toptanakaryakit.com.tr"; content:"Host"; http_header; classtype:trojan-activity; sid:100004438; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"b2rhospitality.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004439; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"b4u.com.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004440; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"backgrounds.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004441; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"backproxyzz.ug"; content:"Host"; http_header; classtype:trojan-activity; sid:100004442; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"backstage.sg"; content:"Host"; http_header; classtype:trojan-activity; sid:100004443; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"badeggdesign.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004444; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bahadur.com.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004445; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"balbinop.github.io"; content:"Host"; http_header; classtype:trojan-activity; sid:100004446; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ball191.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004447; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ballatstone.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004448; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bash.givemexyz.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004449; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"basquetbol.negotech.com.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100004450; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bbia.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004451; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bcrg.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004452; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bearcatpumps.com.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004453; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"beautiful-gatherings.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004454; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"belgross.github.io"; content:"Host"; http_header; classtype:trojan-activity; sid:100004455; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"benvenuti.rs"; content:"Host"; http_header; classtype:trojan-activity; sid:100004456; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bespokeweddings.ie"; content:"Host"; http_header; classtype:trojan-activity; sid:100004457; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bestarticleblog.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004458; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"betaalverzoek.ir"; content:"Host"; http_header; classtype:trojan-activity; sid:100004459; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"betone.co.kr"; content:"Host"; http_header; classtype:trojan-activity; sid:100004460; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bharattimeslive.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004461; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"biankadesmarais.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004462; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bigmikesupplies.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004463; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bigpms.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004464; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"billing.rahitechnosoft.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004465; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"biokeraline.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004466; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"biometrico.gpotecnosystems.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004467; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"biopaten.no"; content:"Host"; http_header; classtype:trojan-activity; sid:100004468; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"biplabbiprodas.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004469; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bkkdowntown.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004470; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"blackcirclesfuelpromotion.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004471; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"blanche.gr"; content:"Host"; http_header; classtype:trojan-activity; sid:100004472; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"blog.callensaxen.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004473; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"blog.difusodesign.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004474; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"blog.grnstore.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004475; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"blog.lonolife.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004476; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"blog.takbelit.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004477; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"boatpecas.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004478; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bomborecords.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004479; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"booksearch.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004480; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bounces.mi-fs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004481; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bowmancollection.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004482; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"braco.com.co"; content:"Host"; http_header; classtype:trojan-activity; sid:100004483; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"brandtrust.com.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004484; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"breakingbread.modelacademy.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004485; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"brickwholesaler.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004486; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"brideofmessiah.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004487; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"brightaffiliatesales.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004488; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"brightmega.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004489; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"brightstarshop.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004490; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bs2.joomlagears.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004491; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"btfl.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004492; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"buigiaphat.com.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004493; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"build87471.github.io"; content:"Host"; http_header; classtype:trojan-activity; sid:100004494; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"bullseyemedia.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004495; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"busandvanrentalmalaysia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004496; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"buscascolegios.diit.cl"; content:"Host"; http_header; classtype:trojan-activity; sid:100004497; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"c.oooooooooo.ga"; content:"Host"; http_header; classtype:trojan-activity; sid:100004498; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"caballo.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100004499; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cabinetrouvin.ma"; content:"Host"; http_header; classtype:trojan-activity; sid:100004500; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cacearchery.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100004501; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cacharelcleaningservices.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004502; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cadastro.idelo.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004503; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"camminachetipassa.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100004504; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"camp.learnwithsf.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004505; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cancer.educandome.co"; content:"Host"; http_header; classtype:trojan-activity; sid:100004506; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"capinha.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004507; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cariustadz.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004508; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"carpenteriacassani.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100004509; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"carvalhoefreitas.co.ao"; content:"Host"; http_header; classtype:trojan-activity; sid:100004510; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cbn.hypervoizd.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004511; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ccor.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004512; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cdaonline.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100004513; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cdn-10049480.file.myqcloud.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004514; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cdn.doxbin.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004515; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cellas.sk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004516; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cendekiabinaaksara.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004517; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"centrodeesteticapopular.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004518; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"certificamayor.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004519; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cfs10.blog.daum.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004520; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cfs13.tistory.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004521; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cfs5.tistory.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004522; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cfs7.blog.daum.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004523; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cfs9.blog.daum.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004524; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"changematterscounselling.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004525; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"chat-server.maverickpreviews.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004526; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"chezalice.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004527; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"childselect.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004528; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cifeer.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004529; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ciidental.com.ec"; content:"Host"; http_header; classtype:trojan-activity; sid:100004530; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cimcpatna.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004531; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cisco-ccna-ccnp-ccie.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004532; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"citihits.lk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004533; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"civi.istmejia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004534; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ck-t-hr.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004535; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"classic4545.github.io"; content:"Host"; http_header; classtype:trojan-activity; sid:100004536; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cleanevolution.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004537; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cloud.fc.co.mz"; content:"Host"; http_header; classtype:trojan-activity; sid:100004538; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cm-arquitetos.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004539; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"codehotelandsuites.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004540; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"codingmonster.me"; content:"Host"; http_header; classtype:trojan-activity; sid:100004541; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"colinde.pricesne.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004542; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"community.gen.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004543; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"community.reimclub.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004544; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"comunicare-relatiipublice.ro"; content:"Host"; http_header; classtype:trojan-activity; sid:100004545; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"config.cqhbkjzx.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004546; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"connect.rio.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004547; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"connectcapital.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004548; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"consciouslycreative.ca"; content:"Host"; http_header; classtype:trojan-activity; sid:100004549; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"coopearrieros.com.co"; content:"Host"; http_header; classtype:trojan-activity; sid:100004550; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"copelandscapes.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004551; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"coulsongraphics.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004552; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"count.mail.163.com.impactmedfoundation.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004553; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"courtneyjones.ac.ug"; content:"Host"; http_header; classtype:trojan-activity; sid:100004554; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"covid19.cyberschool.or.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004555; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cp-saofacundo.pt"; content:"Host"; http_header; classtype:trojan-activity; sid:100004556; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cpanel.shivay.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004557; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"craiglindstrom.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004558; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"creationskateboards.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004559; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"crecerco.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004560; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"crittersbythebay.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004561; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"crm.notariavieitoyvelamazan.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004562; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"crm.powereng.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004563; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"crmfarko.manivelasst.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004564; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"crmroche.manivelasst.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004565; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cryptoforextrading56.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004566; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"csnserver.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004567; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"currantmedia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004568; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cutting-edge.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004569; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"cynkon.kairoscs.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004570; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"czsl.91756.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004571; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"d.powerofwish.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004572; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"d1.udashi.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004573; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"d4mp.undhirabali.ac.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004574; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"d9.99ddd.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004575; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dahgarq.top"; content:"Host"; http_header; classtype:trojan-activity; sid:100004576; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"danaevara.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004577; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"danielmi.ac.ug"; content:"Host"; http_header; classtype:trojan-activity; sid:100004578; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dannysimport.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004579; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"daohang1.oss-cn-beijing.aliyuncs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004580; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dartoonpictures.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004581; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dashboard.khholdings.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004582; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"data.cdevelop.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004583; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"data.over-blog-kiwi.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004584; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"datapolish.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004585; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"date-flash.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004586; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"davethompson.me.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004587; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"davidmcguinness.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100004588; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ddl8.data.hu"; content:"Host"; http_header; classtype:trojan-activity; sid:100004589; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"de.gsearch.com.de"; content:"Host"; http_header; classtype:trojan-activity; sid:100004590; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dedeorman.github.io"; content:"Host"; http_header; classtype:trojan-activity; sid:100004591; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"deefter.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004592; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dekovizyon.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004593; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"demirhotel.github.io"; content:"Host"; http_header; classtype:trojan-activity; sid:100004594; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"demo.energianmittaus.fi"; content:"Host"; http_header; classtype:trojan-activity; sid:100004595; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"demo.exclusivev2.uproducts.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004596; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"demo.g-mart.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004597; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"demo.glassforcars.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100004598; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dental.xiaoxiao.media"; content:"Host"; http_header; classtype:trojan-activity; sid:100004599; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"designerliving.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004600; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"desk.hasu.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100004601; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"despertaresi.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004602; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"destinymc.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004603; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"detorre.es"; content:"Host"; http_header; classtype:trojan-activity; sid:100004604; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dev.favterest.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004605; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dev.sebpo.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004606; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dev.watch-store.eu"; content:"Host"; http_header; classtype:trojan-activity; sid:100004607; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dezcom.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004608; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dfcf.91756.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004609; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"diamantenegro.mi-fs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004610; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dienmayminhhung.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004611; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"disinfection-cleaning.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004612; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"djking.f3322.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004613; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dl.1003b.56a.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004614; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dl.198424.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004615; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dl.packetstormsecurity.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004616; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dl.rina-roleplay.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004617; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dmequest.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004618; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dockerupdate.anondns.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004619; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"docs.indianexpress.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004620; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"docs.twincitytraveltourism.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004621; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"docs.zohopublic.eu"; content:"Host"; http_header; classtype:trojan-activity; sid:100004622; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dodsonimaging.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004623; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dom.daf.free.fr"; content:"Host"; http_header; classtype:trojan-activity; sid:100004624; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"doncedyhall.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004625; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"donghobinhminh.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004626; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dongnaitw.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004627; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"donswoodwork.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004628; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dosman.pl"; content:"Host"; http_header; classtype:trojan-activity; sid:100004629; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"down.pcclear.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004630; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"down.webbora.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004631; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"down1.arpun.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004632; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"download.caihong.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004633; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"download.doumaibiji.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004634; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"download.pdf00.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004635; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"download.skycn.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004636; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dragonsknot.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004637; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"drbaby.com.sa"; content:"Host"; http_header; classtype:trojan-activity; sid:100004638; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dropimagestudio.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004639; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"drsha.innovativesolutions.mobi"; content:"Host"; http_header; classtype:trojan-activity; sid:100004640; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dsmsystem.com.py"; content:"Host"; http_header; classtype:trojan-activity; sid:100004641; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dsspainting.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004642; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"du-wizards.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004643; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dutapp.wisolve.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004644; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"duzcemontessori.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004645; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"dx.qqyewu.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004646; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"e-commerce.saleensuporte.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004647; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"e8rj.oss-cn-beijing.aliyuncs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004648; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"easyviettravel.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004649; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"eddiesajjad.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004650; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"edesign-agency.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004651; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"edgeupstudio.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004652; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"edu.pmvanini.rs.gov.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004653; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"efeatasoy.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004654; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"efficientegroup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004655; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"elbauldenora.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004656; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"emaids.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004657; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"emaz.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004658; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"emegablog.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004659; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"enc-tech.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004660; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"endurotanzania.co.tz"; content:"Host"; http_header; classtype:trojan-activity; sid:100004661; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"enrollclouds.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004662; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"enweddingdress.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004663; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ergotherapeia-kalamata.gr"; content:"Host"; http_header; classtype:trojan-activity; sid:100004664; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"erikaeggleston.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004665; rev:1;)
|
2021-07-30 00:11:06 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"erp.spectrummhss.ac.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004666; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"erp.stannsschoolpanagudi.edu.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004667; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"esnconsultants.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004668; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"esportesht.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004669; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"estiloymadera.com.py"; content:"Host"; http_header; classtype:trojan-activity; sid:100004670; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ethereality.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100004671; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"eubanks7.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004672; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"europeanzonexxi.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004673; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"eventmarketing.com.sg"; content:"Host"; http_header; classtype:trojan-activity; sid:100004674; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"events.blissona.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004675; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"exam.jsamovies.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004676; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"exilum.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004677; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"expatbh.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004678; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"expresolv.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004679; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"f1sol.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004680; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fabienpique.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004681; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"facebook.commit.capitaluniversity.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004682; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fam144.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004683; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"familydentist.site"; content:"Host"; http_header; classtype:trojan-activity; sid:100004684; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fanosethiopiatours.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004685; rev:1;)
|
2021-07-30 12:11:07 +00:00
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"faveraprojects.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004686; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fbvn.work"; content:"Host"; http_header; classtype:trojan-activity; sid:100004687; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fc.co.mz"; content:"Host"; http_header; classtype:trojan-activity; sid:100004688; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fedhaminerals.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004689; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"felicienne.nl"; content:"Host"; http_header; classtype:trojan-activity; sid:100004690; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ferstappen.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004691; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fianto.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004692; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"files.drivers-logitech.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004693; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"files6.uludagbilisim.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004694; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fineartgallerym.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004695; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fixauto.illumetechnology.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004696; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fkd.derpcity.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100004697; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"flashdowns.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004698; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"flexypay.dsquaregroup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004699; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"flyingbuddhadesign.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004700; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fordlongbien5s.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004701; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"forum.mdb.nu"; content:"Host"; http_header; classtype:trojan-activity; sid:100004702; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fotoobjetivo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004703; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"foundationrepairhoustontx.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004704; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"foxeps.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004705; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"free.mynowministries.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004706; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"freecnetdownload.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004707; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"freegcard.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004708; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"freisites.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004709; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ftp.n3twork30cm.ml"; content:"Host"; http_header; classtype:trojan-activity; sid:100004710; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fullelectronica.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100004711; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"fundacioncasauruguay.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004712; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"funletters.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004713; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"futbolpr.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004714; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"g.kowashitekata.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100004715; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gad-lx.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004716; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gelleta.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004717; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"generaldeviales.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004718; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"geocomerce.com.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004719; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gfmodd1.webselffiles01.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004720; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gfold1.webselffiles01.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004721; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ggltravel.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004722; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"giasutuoitre.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004723; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"glinkelectronics.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004724; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"glowinmedia.co.ke"; content:"Host"; http_header; classtype:trojan-activity; sid:100004725; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gmvadmission.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004726; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gobec.pro"; content:"Host"; http_header; classtype:trojan-activity; sid:100004727; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"goldcake.co.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004728; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"goldenasiacapital.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004729; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"goldenmilesbd.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004730; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"goodsproutarchitects.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004731; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gpotecnosystems.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004732; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"growupmedia.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004733; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"grupoinmare.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004734; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"gruposelt.000webhostapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004735; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"guillermomanrique.com.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100004736; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"guongnoithat.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004737; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"h.epelcdn.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004738; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"habbotips.free.fr"; content:"Host"; http_header; classtype:trojan-activity; sid:100004739; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hagebakken.no"; content:"Host"; http_header; classtype:trojan-activity; sid:100004740; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hamarakarobar.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004741; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hardbotz.cc"; content:"Host"; http_header; classtype:trojan-activity; sid:100004742; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"harpospizzacolombo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004743; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"haseebkishadi.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004744; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hdkamera2003.hu"; content:"Host"; http_header; classtype:trojan-activity; sid:100004745; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hds.sz4h.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004746; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hellogorgeous.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100004747; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"help.hizuko.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004748; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"helpdeskserver.epelcdn.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004749; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"helpersgroup.co.ug"; content:"Host"; http_header; classtype:trojan-activity; sid:100004750; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"herchinfitout.com.sg"; content:"Host"; http_header; classtype:trojan-activity; sid:100004751; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hethongbaohiem.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004752; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hhaward.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004753; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"highlandroadcoc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004754; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"highlandslasvegas.atakdev.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004755; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"himalayanapartment.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004756; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"histojam.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004757; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"historybanks.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004758; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hitpe.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004759; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hitstation.nl"; content:"Host"; http_header; classtype:trojan-activity; sid:100004760; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hmpmall.co.kr"; content:"Host"; http_header; classtype:trojan-activity; sid:100004761; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hoayeuthuong-my.sharepoint.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004762; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"holyquraneducation.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004763; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hombressinviolencia.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004764; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hongluosi.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004765; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hookedupboatclub.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004766; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hospital.fecom.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004767; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hostingparacolombia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004768; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hostzaa.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004769; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hotelhadieh.ir"; content:"Host"; http_header; classtype:trojan-activity; sid:100004770; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"houstonshutters.site"; content:"Host"; http_header; classtype:trojan-activity; sid:100004771; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hr2019.vrcom7.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004772; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hseda.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004773; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"htownbars.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004774; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hunggiang.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004775; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hutyrtit.ydns.eu"; content:"Host"; http_header; classtype:trojan-activity; sid:100004776; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hw2sss.xyz"; content:"Host"; http_header; classtype:trojan-activity; sid:100004777; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"hyprothermcoalfurnace.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004778; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"i.spesgrt.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004779; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"i55fundraising.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004780; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ibooking.campaignhub.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004781; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ideamaster.com.my"; content:"Host"; http_header; classtype:trojan-activity; sid:100004782; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"idilsoft.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004783; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"idj.no"; content:"Host"; http_header; classtype:trojan-activity; sid:100004784; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"idvindia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004785; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"igrejanovavida.net.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004786; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ikizhavuz.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004787; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ilrafrica.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004788; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"images.jermiau.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004789; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"imbueautoworx.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004790; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ims.huile-indonesia.co.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004791; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"incrediblepixels.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004792; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"incredicole.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004793; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"indiasonlineservices.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004794; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"indonesias.me"; content:"Host"; http_header; classtype:trojan-activity; sid:100004795; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"indrasbikaner.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004796; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"infopoint20.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004797; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"informatika.undhirabali.ac.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004798; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"infovator.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004799; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"inkedmicrobladingparlor.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004800; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"innagro.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004801; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"inodesthetotaldesigners.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004802; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"inoglink.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004803; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"integritywind.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004804; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"intersel-idf.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004805; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"intowncontracting.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004806; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"intranet.injasclaro.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004807; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"intuitiveideas.com.my"; content:"Host"; http_header; classtype:trojan-activity; sid:100004808; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"invest.xpcorporative.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004809; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"iocservices.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004810; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ipmes.ma"; content:"Host"; http_header; classtype:trojan-activity; sid:100004811; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"iremart.es"; content:"Host"; http_header; classtype:trojan-activity; sid:100004812; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"isatechnology.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004813; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"islamicinterior.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004814; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"it123.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100004815; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"itc-demo.softgig.co.ke"; content:"Host"; http_header; classtype:trojan-activity; sid:100004816; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jamshed.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004817; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"java.waterflowergarden.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004818; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jay.diamondrelationscrm.us"; content:"Host"; http_header; classtype:trojan-activity; sid:100004819; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jcedu.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004820; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jdkems.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004821; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jebs.net.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100004822; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jeffdahlke.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004823; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jennwolfemtb.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004824; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jhayesconsulting.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004825; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jiaoyuzixun.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004826; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jjcart.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004827; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jnanbharati.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004828; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"joelbonissilver.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004829; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jomtenet.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004830; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jpcleaningservices2.davaohorizon.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004831; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jpwoodfordco.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004832; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jupiter.toxsl.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004833; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"justinscott.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100004834; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"jyk85mxc.z1001.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004835; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kadigital.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004836; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kalogirosfinance.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004837; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"karer.by"; content:"Host"; http_header; classtype:trojan-activity; sid:100004838; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"karunaelnido.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004839; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"katanvetov.co.il"; content:"Host"; http_header; classtype:trojan-activity; sid:100004840; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"keeshu.co"; content:"Host"; http_header; classtype:trojan-activity; sid:100004841; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kensingtondriving.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004842; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ketofitnessexpert.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004843; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kf.carthage2s.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004844; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kgswitchgear.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004845; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kidsangelcards.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004846; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kieuphong.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004847; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kitamen.my"; content:"Host"; http_header; classtype:trojan-activity; sid:100004848; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kjcpromo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004849; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kleinendeli.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004850; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kmeventsuae.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004851; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kooldstudio.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004852; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"koreabam29.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004853; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kowashitekata.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100004854; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kpicon.co.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004855; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"krisbadminton.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004856; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"krishnapowers.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004857; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ks.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004858; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ktkbeauty.com.sg"; content:"Host"; http_header; classtype:trojan-activity; sid:100004859; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kumaralok.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004860; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"kurumsal.avantajbulvari.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004861; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lameguard.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100004862; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"landing.yetiapp.ec"; content:"Host"; http_header; classtype:trojan-activity; sid:100004863; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"laravel.pointersoftwares.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004864; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lasermobilesounds.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004865; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lauratomismith.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004866; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lceventos.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004867; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ldgcorp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004868; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"learnfastearn.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004869; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"leasiacherise.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004870; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"leceramistedusud.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004871; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ledsupplies.net.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100004872; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"legend.nu"; content:"Host"; http_header; classtype:trojan-activity; sid:100004873; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lestesteux.ca"; content:"Host"; http_header; classtype:trojan-activity; sid:100004874; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"library.arihantmbainstitute.ac.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004875; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"library.uib.ac.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004876; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lidaxianren.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004877; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lidoraggiodisole.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100004878; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"life-is-a-dream.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004879; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lifestyledrinks.pl"; content:"Host"; http_header; classtype:trojan-activity; sid:100004880; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lindnerelektroanlagen.de"; content:"Host"; http_header; classtype:trojan-activity; sid:100004881; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"linkintec.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004882; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"linmanutencoes.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004883; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"liuresidences.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004884; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"livetrack.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004885; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lm.stagingarea.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004886; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lms.cstdevs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004887; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lms.login2.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004888; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"location-voitures.ma"; content:"Host"; http_header; classtype:trojan-activity; sid:100004889; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"login.trezor.com.stockfootagesindia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004890; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"logotypfabriken.se"; content:"Host"; http_header; classtype:trojan-activity; sid:100004891; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"longcheckdo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004892; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lotix.de"; content:"Host"; http_header; classtype:trojan-activity; sid:100004893; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lp.definerisco.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004894; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lp.difusodesign.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004895; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ls-droid.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004896; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ltc.typoten.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004897; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"luminouspneuma.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004898; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"lupasgroup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004899; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"m-technics.kz"; content:"Host"; http_header; classtype:trojan-activity; sid:100004900; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"m.hindikhabar.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004901; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"m.softsharks.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004902; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mail.aladhwa-sch.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004903; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mail.bs-eiendomme.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004904; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mail1.hacachurch.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004905; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mailer.srkcommunication.biz"; content:"Host"; http_header; classtype:trojan-activity; sid:100004906; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"maioakinspires.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004907; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"maksi.feb.unib.ac.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004908; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"malwarecoding.github.io"; content:"Host"; http_header; classtype:trojan-activity; sid:100004909; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"managemysalon.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004910; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"manantialesdelnorte.uy"; content:"Host"; http_header; classtype:trojan-activity; sid:100004911; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"maquinadosgutierrez.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004912; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"marinecollagenelixir.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004913; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mario-sunjic.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004914; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mariobrown.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004915; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"marketingbox.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004916; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"marketingintelligence.tech"; content:"Host"; http_header; classtype:trojan-activity; sid:100004917; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"marquesvogt.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004918; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"matchaslim.razinoxall.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004919; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"materialescantu.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004920; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"matong47.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004921; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mauxiliadoralugo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004922; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"maxiquim.cl"; content:"Host"; http_header; classtype:trojan-activity; sid:100004923; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mbgrm.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004924; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mbsolutions.ge"; content:"Host"; http_header; classtype:trojan-activity; sid:100004925; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mcnoored.tyrikogudus.ee"; content:"Host"; http_header; classtype:trojan-activity; sid:100004926; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"media-server.skyinternet.com.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004927; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"medianews.ge"; content:"Host"; http_header; classtype:trojan-activity; sid:100004928; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"meeweb.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004929; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"megagynreformas.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004930; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"megahijauasri.co.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100004931; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"megamart.afnan-amc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004932; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mehainteriors.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004933; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"metalin-cr.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004934; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"meuoculosnanet.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004935; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mfevr.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004936; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mfgame65.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004937; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"micalle.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100004938; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"michimal2.000webhostapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004939; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"microblading.mirliandias.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004940; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"migandhi5253.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004941; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"milanautomotores.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100004942; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"minuevavida.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004943; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mirror.mypage.sk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004944; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mis.nbcc.ac.th"; content:"Host"; http_header; classtype:trojan-activity; sid:100004945; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"misterson.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004946; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mistydeblasiophotography.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004947; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mitarmilan.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004948; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mkontakt.az"; content:"Host"; http_header; classtype:trojan-activity; sid:100004949; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mktf.mx"; content:"Host"; http_header; classtype:trojan-activity; sid:100004950; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mmd.cityhelpcall.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004951; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mmdx.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004952; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mncarteam.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004953; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mobile.illumetechnology.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004954; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mobilesmsmarketing.online"; content:"Host"; http_header; classtype:trojan-activity; sid:100004955; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"model.boy.jp"; content:"Host"; http_header; classtype:trojan-activity; sid:100004956; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"modernmanna.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004957; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"moe.xiaomitq.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004958; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"monetization.business"; content:"Host"; http_header; classtype:trojan-activity; sid:100004959; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"moneyheistseason4.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004960; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"moninediy.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004961; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"morrobaydrugandgift.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004962; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mosalami.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004963; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"motorcomunicacion.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004964; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mrcreativedemo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004965; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mscdn.nuonuo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004966; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"muradvietnam.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100004967; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"muzimbiti.xigubo.co.mz"; content:"Host"; http_header; classtype:trojan-activity; sid:100004968; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mvb.kz"; content:"Host"; http_header; classtype:trojan-activity; sid:100004969; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mxpiqw.am.files.1drv.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004970; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mydownloads.myftp.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004971; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mymlql.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004972; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"myreferrals.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004973; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"myritz.vettickal.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004974; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mysalons.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100004975; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"mysura.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100004976; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"naeemacademy.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004977; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"namnyak.co.ke"; content:"Host"; http_header; classtype:trojan-activity; sid:100004978; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nap.mgsservers.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004979; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ndlala.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004980; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nelitrianggraeni.000webhostapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004981; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nellaimasthanbiryani.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004982; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nerve.untergrund.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004983; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nettube.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100004984; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"networkwheels.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004985; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"newtreedesign.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100004986; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nextdigitalday.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100004987; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ngdaycare.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100004988; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ngkawai.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004989; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nhorangtreem.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004990; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nicelyeg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004991; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nilinkeji.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004992; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nimboohomes.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004993; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"njtiledesigncenter.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004994; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nlsccg.am.files.1drv.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004995; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nobius.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100004996; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nolabelsnowalls.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100004997; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nomadicbees.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004998; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"notamuzikaletleri.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100004999; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"novosite.autonor.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005000; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nowastronainternetu.pl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005001; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ns1.the-widyantos.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005002; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nsb.org.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005003; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nuras.ayz.pl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005004; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"nyasabigbullets.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005005; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"objetivosaludable.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005006; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"obseques-conseils.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005007; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"odeshop.be"; content:"Host"; http_header; classtype:trojan-activity; sid:100005008; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"odiafilms.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005009; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"offlineclubz.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005010; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ohe.ie"; content:"Host"; http_header; classtype:trojan-activity; sid:100005011; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ohsewgorgeous.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005012; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"oknoplastik.sk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005013; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"old.cybers.com.ua"; content:"Host"; http_header; classtype:trojan-activity; sid:100005014; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"oleholeh.memangbeda.website"; content:"Host"; http_header; classtype:trojan-activity; sid:100005015; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"omega.az"; content:"Host"; http_header; classtype:trojan-activity; sid:100005016; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"oms.pappai.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005017; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"omscoc.pappai.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005018; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"onedigitalcard.granvizionnecorp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005019; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"onedrive.listifyapp.co"; content:"Host"; http_header; classtype:trojan-activity; sid:100005020; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"online.creedglobal.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005021; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"onyx-food.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005022; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"open.warehousesaas.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005023; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"opolis.io"; content:"Host"; http_header; classtype:trojan-activity; sid:100005024; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"opticaoptigral.cl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005025; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"oracle.zzhreceive.top"; content:"Host"; http_header; classtype:trojan-activity; sid:100005026; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"order.bizpeed.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005027; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"orientgatewayltd.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005028; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"orion445.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005029; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"orsan.gruporhynous.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005030; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"overtaste.usemono.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005031; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ozemag.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005032; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"p2.d9media.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005033; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"p3.zbjimg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005034; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"p6.zbjimg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005035; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pablobrothel.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100005036; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"package-dispatching-centre.bazaarsewa.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005037; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pacwebdesigns.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005038; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pallascapital.katchpurcity.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005039; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"panel.ppsa.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005040; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"parallel.rockvideos.at"; content:"Host"; http_header; classtype:trojan-activity; sid:100005041; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"parejasfelices.mi-fs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005042; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pastorpaulocosta.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005043; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pataphysics.net.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005044; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"patch2.51lg.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005045; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"patch2.99ddd.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005046; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"patch3.99ddd.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005047; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"patriotpath.am"; content:"Host"; http_header; classtype:trojan-activity; sid:100005048; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"paud.undhirabali.ac.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005049; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"paulmercier.biz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005050; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"payerrealty.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005051; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"payment.pumpkinu.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005052; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pcsoori.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005053; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pelicanfl.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005054; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pencubanoexilio.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005055; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"penthousebatam.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005056; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"perpustekim.untirta.ac.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005057; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pestoclean.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005058; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ph4s.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005059; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"phacdochuabenh.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005060; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"phasdesign.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005061; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"picniclifeinternational.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005062; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"piemontesasaffitti.e-bill.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100005063; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pink99.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005064; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"plasfan.ind.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005065; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"player.ebmstreaming.eu"; content:"Host"; http_header; classtype:trojan-activity; sid:100005066; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pmglance.startwriteup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005067; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"pole.com.vc"; content:"Host"; http_header; classtype:trojan-activity; sid:100005068; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"posmicrosystems.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005069; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ppdb.smk-ciptaskill.sch.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005070; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"prestasicash.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100005071; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"prestigehomeautomation.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005072; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"printee.shop"; content:"Host"; http_header; classtype:trojan-activity; sid:100005073; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"productoslaesperanza.co"; content:"Host"; http_header; classtype:trojan-activity; sid:100005074; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"promoversdubai.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005075; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"prosoc.nl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005076; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"prosupport.cl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005077; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"protechasia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005078; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"psikologi.undhirabali.ac.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005079; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"punchdialogues.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005080; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"punjabdevelopersassociation.com.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005081; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"qa5whq.db.files.1drv.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005082; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"qatarglobalconsulting.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005083; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"qmsled.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005084; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"quartier-midi.be"; content:"Host"; http_header; classtype:trojan-activity; sid:100005085; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"querocar.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005086; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"quickbooks.aeymotors.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005087; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"quickbooks.thormobilemanagement.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005088; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"quran.abqarie.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005089; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rainbowisp.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100005090; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rairupinder.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005091; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rakeshkhatri.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005092; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"raquelhelena.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005093; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rashika.ascarvalho.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005094; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ratemyfenancialadvisor.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005095; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rayscreations.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005096; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rb-blinds.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005097; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rcmesilva.charbelsales.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005098; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"reacredit.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005099; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"readinglistforjuly10.xyz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005100; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"readymmade.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005101; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"realtymarketgh.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005102; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"redbats.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005103; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"registeredwind.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005104; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"reifenquick.de"; content:"Host"; http_header; classtype:trojan-activity; sid:100005105; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"relaxindulge.co.nz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005106; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"renegocia.pe"; content:"Host"; http_header; classtype:trojan-activity; sid:100005107; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"renehavis.com.ua"; content:"Host"; http_header; classtype:trojan-activity; sid:100005108; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"renximy.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005109; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"reseller.digimitra.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005110; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"reseller.itechbrasil.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005111; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"restaurantechezdaniel.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005112; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rezkabum.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005113; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ricambi.fixtofix.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100005114; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rinaefoundation.org.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005115; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rinkaisystem-ht.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005116; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rkverify.securestudies.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005117; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"robertmcardle.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005118; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"robertsinclair.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005119; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"romanianpoints.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005120; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"roomsvc.servegate.kr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005121; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"roshnijewellery.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005122; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"royalppa.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005123; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rs-toolkit.mikestclair.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005124; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rubazar.pro"; content:"Host"; http_header; classtype:trojan-activity; sid:100005125; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"rubycityvietnam.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005126; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ruisgood.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005127; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ruwadalkuwait.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005128; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"s.51shijuan.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005129; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sabaint.me"; content:"Host"; http_header; classtype:trojan-activity; sid:100005130; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sacredscentsonline.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005131; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"safcol-colors.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005132; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"safehubsecurity.ca"; content:"Host"; http_header; classtype:trojan-activity; sid:100005133; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sahathaikasetpan.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005134; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sainzim.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005135; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sangariri.github.io"; content:"Host"; http_header; classtype:trojan-activity; sid:100005136; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"santyago.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005137; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sarl-entrain.fr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005138; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sastra.undhirabali.ac.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005139; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sasystemsuk.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005140; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sataware.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005141; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"scaladevelopments.scaladevco.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005142; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"scarfaceindustries.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005143; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"scglobal.co.th"; content:"Host"; http_header; classtype:trojan-activity; sid:100005144; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"schalke04rss.de"; content:"Host"; http_header; classtype:trojan-activity; sid:100005145; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sculetus.nl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005146; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"secure-doc-reader.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005147; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"securemail.axiomworld.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005148; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"senbiaojita.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005149; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sendizarlogistics.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005150; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sericaasia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005151; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"serviciovirtual.com.ar"; content:"Host"; http_header; classtype:trojan-activity; sid:100005152; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"servis.altankarakaya.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005153; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"seryzpiekielnika.pl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005154; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sexologistpakistan.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005155; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sgessy.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005156; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shaheentbfoundation.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005157; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shahikhana.cstdevs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005158; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shahu66.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005159; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shalombaptistchapel.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005160; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shareunlimited.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005161; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sharkrigs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005162; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shembefoundation.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005163; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shiksharatna.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005164; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shivsoftwaresolutions.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005165; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shopellium.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005166; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shribharatvatika.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005167; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"shrushtiinfotech.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005168; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sibernetix.fr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005169; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sibisa.indramayukab.go.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005170; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sige.brisainformatica.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005171; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"signatureads.co.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005172; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"siili.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005173; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"silatama.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005174; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"simoneporzi.it"; content:"Host"; http_header; classtype:trojan-activity; sid:100005175; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sindpol.tiejuris.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005176; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"singlebridal.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005177; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sistelligent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005178; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"skyscan.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005179; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sman1paguyaman.sch.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005180; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"smarthouseforum.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005181; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"smokeandgrowrichtour.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005182; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"smritiphotography.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005183; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"soft.110route.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005184; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"solar.amazingtribe.lk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005185; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"solucoesead.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005186; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"somcorbera.cat"; content:"Host"; http_header; classtype:trojan-activity; sid:100005187; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sota-france.fr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005188; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"spaceframe.mobi.space-frame.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005189; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"spent.com.pl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005190; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"spetsesyachtcharter.gr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005191; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"spices.com.sg"; content:"Host"; http_header; classtype:trojan-activity; sid:100005192; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"src1.minibai.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005193; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sriglobalit.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005194; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"srvmanos.no-ip.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100005195; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ss.monita.co.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005196; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ssmdevelopers.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005197; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sspbluebox.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005198; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"st.devcodin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005199; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"staging.advails.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005200; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"staging.apparelpunch.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005201; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"starcountry.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005202; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"static.3001.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005203; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"static.cz01.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005204; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"stiau.iuc.ac"; content:"Host"; http_header; classtype:trojan-activity; sid:100005205; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sticker.jewsjuice.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005206; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"store.selectandwin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005207; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"story-life.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005208; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"str8look.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005209; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"strashield.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005210; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"students.acst.edu.sd"; content:"Host"; http_header; classtype:trojan-activity; sid:100005211; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"submissions.tentcityrecords.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005212; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"support-4-free.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005213; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"support.clz.kr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005214; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"supportit.online"; content:"Host"; http_header; classtype:trojan-activity; sid:100005215; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"suryatp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005216; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"suyashhospitalraipur.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005217; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sweaty.dk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005218; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"sweet-diet.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005219; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"swsaseguranca.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005220; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"swwbia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005221; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"szwbjs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005222; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"t.honker.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100005223; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tafsantoursandtravels.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005224; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"targetagro.com.pk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005225; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tarravalleyfoods.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005226; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"taxclubpk.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005227; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tc.snpsresidential.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005228; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tdsp.yngw518.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005229; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tebogodigital.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005230; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"techgms.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005231; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"technikatronix.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005232; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tejanomusicawards.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005233; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"teleargentina.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005234; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"telecomservices.com.ec"; content:"Host"; http_header; classtype:trojan-activity; sid:100005235; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"temptmag.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005236; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tencoconsulting.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005237; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tentandoserfitness.000webhostapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005238; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tesorak.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005239; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"test.adventser.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005240; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"test.cliniconnect.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005241; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"test.letraele.es"; content:"Host"; http_header; classtype:trojan-activity; sid:100005242; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"test.protocsconnectes.eu"; content:"Host"; http_header; classtype:trojan-activity; sid:100005243; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"test.typoten.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005244; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"test1.milenial.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005245; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"test2.marrenconstruction.ie"; content:"Host"; http_header; classtype:trojan-activity; sid:100005246; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"testing-istudiophoto.davaohorizon.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005247; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"testing.thinkingcorp.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005248; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"teteaffiche.stephanebillon.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005249; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tewoerd.eu"; content:"Host"; http_header; classtype:trojan-activity; sid:100005250; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tharringtonsponsorship.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005251; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"the6hats.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005252; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thecreativecafe.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005253; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thedentalhq.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005254; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thefuturelife.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005255; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thehaider.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005256; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thekassia.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005257; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thekissilent.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005258; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thekrishnagroup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005259; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"themansionkasauli.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005260; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"theoddbudstore.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005261; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"theottomandoner.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005262; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thewwpc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005263; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thiagoribeirokungfu.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005264; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thosewebbs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005265; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thoughtplus.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005266; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"thriveink.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005267; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tianangdep.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005268; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tifometrobianconero.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005269; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"timegonebuy.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005270; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"todoapp.cstdevs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005271; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tonmatdoanminh.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005272; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tonydong.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005273; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tonyzone.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005274; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tools.liankenet.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005275; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tools.reimclub.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005276; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"toplevel.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005277; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"topv.xyz"; content:"Host"; http_header; classtype:trojan-activity; sid:100005278; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"torresquinterocorp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005279; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"toyotacollege.ac.th"; content:"Host"; http_header; classtype:trojan-activity; sid:100005280; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"trade-credit.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005281; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"transline.hu"; content:"Host"; http_header; classtype:trojan-activity; sid:100005282; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"travelwithmanta.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005283; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"trippypassports.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005284; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tsd.jxwan.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005285; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tulli.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100005286; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tupersonalizas.es"; content:"Host"; http_header; classtype:trojan-activity; sid:100005287; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tuppatile.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005288; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"tupperware.michaelroberge.ca"; content:"Host"; http_header; classtype:trojan-activity; sid:100005289; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"txtheatreproductions.co.za"; content:"Host"; http_header; classtype:trojan-activity; sid:100005290; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"uat.indianfilmzone.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005291; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ublretailerdemo.cstdevs.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005292; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"uisusa.uisusa.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005293; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ujianpensisba.undhirabali.ac.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005294; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ultimate-24.de"; content:"Host"; http_header; classtype:trojan-activity; sid:100005295; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"unicorpbrunei.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005296; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"uniengrisb.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005297; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"up.llw0.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005298; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"upcbpta.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005299; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"urologiaportugues.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005300; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"urshell.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005301; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"useformoney.000webhostapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005302; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"useracici.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005303; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"uzzepay.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005304; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"valcomedia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005305; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"varicogel.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005306; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vbcargo.hu"; content:"Host"; http_header; classtype:trojan-activity; sid:100005307; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vcah.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005308; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vectarts.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005309; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vecvietnam.com.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005310; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vegclub.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005311; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vente.net-transact.fr"; content:"Host"; http_header; classtype:trojan-activity; sid:100005312; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"version8.newlinestudios.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005313; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vfocus.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005314; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vienen.gblix.srv.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005315; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"villamarand.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005316; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"villatera.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005317; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"violinstop.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005318; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"virtuleverage.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005319; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"visam.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100005320; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"visualhome.cl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005321; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vivationdesign.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005322; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"viveirodoiscorregos.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005323; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vologroup.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005324; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"volunteers.dbf.daystarng.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005325; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vote-care.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005326; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vote.yixuecup.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005327; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"votobicentenario.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005328; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vpinversiones.cl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005329; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vulkanvegas-de.katchpurcity.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005330; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vulkanvegasonline.katchpurcity.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005331; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"vvsskmodinationalschool.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005332; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"w.xnlyr.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005333; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"walletwasabi.io"; content:"Host"; http_header; classtype:trojan-activity; sid:100005334; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"watertankcleaner.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005335; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wdfacustomtees.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005336; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"weareactum.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005337; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"web.geomegasoft.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005338; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"web.smarts-works.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005339; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"weinsteincounseling.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005340; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wfinance.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005341; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"whiteresponse.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005342; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wi522012.ferozo.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005343; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wildnights.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005344; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wildtrust.mediadevstaging.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005345; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"winhaf05.top"; content:"Host"; http_header; classtype:trojan-activity; sid:100005346; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"winolb06.top"; content:"Host"; http_header; classtype:trojan-activity; sid:100005347; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"winorm07.top"; content:"Host"; http_header; classtype:trojan-activity; sid:100005348; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"winxob04.top"; content:"Host"; http_header; classtype:trojan-activity; sid:100005349; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wishesconcierge.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005350; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wizesales.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005351; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wj8pgg.am.files.1drv.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005352; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wjq63w.am.files.1drv.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005353; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"woezon.agency"; content:"Host"; http_header; classtype:trojan-activity; sid:100005354; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wolfgang-brodte.de"; content:"Host"; http_header; classtype:trojan-activity; sid:100005355; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wordpress.saleensuporte.com.br"; content:"Host"; http_header; classtype:trojan-activity; sid:100005356; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wozata.000webhostapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005357; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wp.readhere.in"; content:"Host"; http_header; classtype:trojan-activity; sid:100005358; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wrpcbg.am.files.1drv.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005359; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ws5588.f3322.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100005360; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"wyklej.pl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005361; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"x2vn.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005362; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xarm.top"; content:"Host"; http_header; classtype:trojan-activity; sid:100005363; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xispoli.eu"; content:"Host"; http_header; classtype:trojan-activity; sid:100005364; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xk.996is.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005365; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xk1.996is.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005366; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xmajd.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005367; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xn--polimerbizmimarlk-rvc.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005368; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xpawel.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005369; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xz.8dashi.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005370; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"xz.juzirl.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005371; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"y-hb.co.il"; content:"Host"; http_header; classtype:trojan-activity; sid:100005372; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"yafa-coach.co.il"; content:"Host"; http_header; classtype:trojan-activity; sid:100005373; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"yeichner.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005374; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"yp.hnggzyjy.cn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005375; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ysbaojia.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005376; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"ytvnews.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100005377; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"yz.4399fz.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005378; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"yzkzixun.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005379; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zakat.abqarie.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005380; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zensoft.vn"; content:"Host"; http_header; classtype:trojan-activity; sid:100005381; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zhengtiankai.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005382; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zina-boutique.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005383; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zmidsg.am.files.1drv.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005384; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zvetmet.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100005385; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"zz.690tx.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005386; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/softdl.360tpcdn.com/moloengkids/moloengkids_1.5.0.0.exe"; http_uri; nocase; content:"124.165.123.7"; content:"Host"; http_header; classtype:trojan-activity; sid:100005387; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/wp-admin/kkht1/"; http_uri; nocase; content:"91yudao.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005388; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/app.exe"; http_uri; nocase; content:"ahcteam.site"; content:"Host"; http_header; classtype:trojan-activity; sid:100005389; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uploads/8/1/2/9/81294208/growtopiastaff_setup1.61.exe"; http_uri; nocase; content:"amumufree.weebly.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005390; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/assets/images/bakamla0001.png"; http_uri; nocase; content:"bakamla.go.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100005391; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/abernathyjorge711/y6788/downloads/bubblebrowserext1.0.exe"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005392; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/dvdfv/anjj/downloads/jami.exe"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005393; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/heyhoeee/heyhoename1/downloads/1234.exe"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005394; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/jpavelski/chpock/downloads/4.exe"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005395; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/jpavelski/chpock/downloads/6.exe"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005396; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/labesoftware/update/downloads/boost-fps.exe"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005397; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/labesoftware/update/downloads/install_plugin_x64_x86.exe"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005398; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/labesoftware/update/downloads/vpn_free.exe"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005399; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/player2012/rumpa1/downloads/component.exe"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005400; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/player2012/rumpa1/downloads/nordvpnsetup.exe"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005401; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/player2012/rumpa1/downloads/regsvc.exe"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005402; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/riyek37128/riyek37128-bbsaili.com/downloads/setup.txt"; http_uri; nocase; content:"bitbucket.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005403; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/ms--viola-williamson/ava.smith-51.zip"; http_uri; nocase; content:"bofonit.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005404; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/hmatrix/data/hack1226.exe"; http_uri; nocase; content:"cd.textfiles.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005405; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/808540577594736675/848370661323702282/firefox.lnk"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005406; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/808540577594736675/848370961941921832/yx3pby9rc15i0slk.jpg"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005407; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/816070119281131570/816070273254162442/all.txt"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005408; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/826198252025675816/826537386485612574/china.png"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005409; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/826376903400751108/826431600383361065/remcmcmcm_mjvbsmlrc45.bin"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005410; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/837806650710687784/845046674795790346/s-1.exe"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005411; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/847474280065138701/847474368619872297/book.jpg"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005412; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/851559129507299352/851559987792707604/semb2.jpg"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005413; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/851572857258377256/851591110644072488/svchost.exe"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005414; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/851572857258377256/864723731502465085/securityhealthsystray.exe"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005415; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/853748335077097494/853748441041338398/pro.jpg"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005416; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/853748943082487832/853749072539680799/azp.jpg"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005417; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/853750252870696962/853750569209561108/sel.jpg"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005418; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/862051529418342463/862051665875566622/se.jpg"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005419; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/862988396460769294/864089588845641738/fixupdate.exe"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005420; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/863917896744697868/863918734271971338/sel.jpg"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005421; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/attachments/863917896744697868/863919114955390976/pro.jpg"; http_uri; nocase; content:"cdn.discordapp.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005422; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/razor/rzr-winner_intro.zip"; http_uri; nocase; content:"chiptune.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005423; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/girafficinstall1.0.0.14nosign.exe"; http_uri; nocase; content:"chromodoris.s3.amazonaws.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005424; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/girafficinstall1.0.0.20nosign.exe"; http_uri; nocase; content:"chromodoris.s3.amazonaws.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005425; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/girafficinstall1.0.0.21nosign.exe"; http_uri; nocase; content:"chromodoris.s3.amazonaws.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005426; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/meteoradminz/hidden-tear/zip/master"; http_uri; nocase; content:"codeload.github.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005427; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/tmp/protected-cek9qz4zvk2n65e-c5d84gi5/security-cloud/kypqw-52kkq0n9ywj9oa/"; http_uri; nocase; content:"colfincas.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005428; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=0bwvrysmmqnmvek1ubu9tqnrjs28&revid=0bwvrysmmqnmvnthvr2fvtlrjttu1ylzjagjsrkfzd2ywrzhrpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005429; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=11wrd1k3cum3xwrrk7ry9emoxvjihpxt5&revid=0bwr0ytfwg4ymmfnormy4ret5uulxym9uri9na2p4oe1xzxlnpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005430; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=140vkyfrfhbqkukc2hnw-gsvi5wjw6iyi"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005431; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1ctmywlj5wouiug1wgizy3ke7yj1u0yor&revid=0b_t0-zked1mgagxwmxcwywq5q0q1uk1uoxcwaup6l2ovmtdjpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005432; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1dcskexskninafqjsvcdvurd8sn0y3z2m&revid=0b32-vhr9_ogcmnjutlfrrke4l213smg0ajdrr0yvavfsnnrvpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005433; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1gpjdoys0jisgixkzzi79qrvuun0m2ufd&revid=0bwzj95xpgx6-shdtthq5ztfkajlnv3ntvvzqy0u5k0vvqtrvpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005434; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1gv_nk9llqw4fxudo-khja7nuuj1kevvw&revid=0b7zefp-g6n7vm0zhowo4be9pvus4mmh0ymxvd3r6zlu3ylznpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005435; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1h_dyp_d5lst4akyf2qezxl7j1scvbtvs&revid=0b5thckui5i0mdk5moelbnm9vuhnydvjnvwpyq01vrg5xvwhrpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005436; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1hdvmpsulsdwmfbduwezpkhyqscvaujpz&revid=0bxuz33-vsvvttjk1tutwb25oynbmuwjqsytdmtqybxvayvrzpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005437; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1jpl-uouydm5hypqm67uokyddrblbpxvw&revid=0b7zpiprmoc5ubhpwclq0cxdyte5vwtrbymnidznhtgm3bzvrpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005438; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1lrsmsenpabz1ihnqwve1zahmbbrjvy0k&revid=0bwxkravv4isdrzmrqulpqwfbnk44s3louvlqtm85tzbdvjzzpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005439; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1m8jszvq-ztfrul7vgsb6q-n3ftgnkbdj&revid=0bxrhybf9__wnmgjlnmxmunzznlu0v204azc4edmzcep6a0hzpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005440; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1sbd1rnw8luztjmsh6gdlzupvyupbopa0&revid=0b3yyjts_woklr2vnyxvqohlidxbxn1l2wwjntxfnwvi5v0h3pq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005441; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1tilqozot07vylvdmmsfs7ia452jwhktj&revid=0b7gsmqzks4xkcdjcwhuvatj2qvlvchnmnnovu2ldzstek2jzpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005442; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1ygn4gkmy9musdp_lgnpyjjh6rskt39vp&revid=0b8rbgp2bpeofmk5ta3n3mgjtefbzdevwtk5wwhpjd3yruejjpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005443; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1zxejnkdwqezrbgani5vjk2y2nhmpkg0z&revid=0b-bo0wgwxcblsui1mehkbhrlu01rwxnyrxzxanbdendmbndnpq"; http_uri; nocase; content:"docs.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005444; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/frm0reseen/prntscrnofamzorderid.jpg.exe"; http_uri; nocase; content:"drive.google.com.it-barcelona.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005445; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=12cowc-pkiukag2p2df3q9tuzbh68wwff"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005446; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=13xandakovej7ugc85fwz7yjc_1ot-aih"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005447; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=142ohwkdklfvca-f2ut-ivywcak4sng7a"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005448; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=17lu0x2pcmylrv57bdshmfju3xrtbkafj"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005449; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=18vwq02tu4don_aqm8cjneg-ched0octc"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005450; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=18zfspcrlbavz_ooolsobhnpa264xyytm"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005451; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1_kme2jlo4rwuoi0skp0ejlnqrjpi0zha"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005452; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1_qspsdj7tv5l8wtolzc6oojww8fkugn4"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005453; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1a-herfdxr6xamxeabcdao0mqw9bimrig"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005454; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1alq8r5tnr6wwiftqa3l6d9fymv7y0g9m"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005455; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1b4g1w2mjauwbfd-wpehef2i7txy2-jxf"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005456; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1etpmpb2shvuny5dxj5awfpxklxqpbzgx"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005457; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1fszqfhki6fpt0-4se0fdu8oinmveawj4"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005458; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1gfmapqayzoe9bgdhe6bjgtfw3t3m6noe"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005459; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1hcmsv7gki94m1ilqz_cty1vem9i3b_kd"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005460; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1igs5o27dptipoo8iqgpvjqpzytr0bekk"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005461; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1lfmrji-xfbuakcnrkvcvikp-knnyjbc6"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005462; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1lt8fcdabxdlxcnnzemjyfej_sf88um8b"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005463; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1lzfaij2lfliw3xobyx3tbubphrib55-4"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005464; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1ma38y_tmkwp6spyu_omub2ntyzolb0qj"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005465; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1n8_s6gijerearczwh74blkygodig64eo"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005466; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1nv4lwduur2paanupivgty8wfi-qhhm4d"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005467; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1p4r-pnz-bgky8t9jflqyipyf5hvpkdye"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005468; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1pr2l1wfpwhfzln-sq93bb9xwfqtrwezu"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005469; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1quzouzjuncjhkgnferfx06dg7icwxy2d"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005470; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1tnnhctucoeyrnqdkpizy9gm6w5ha0_tb"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005471; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1uygnpwzzyzn2rodsrimg0-sloxy_letg"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005472; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1v_xk72tsyvr7ddo4vkupjlcpdypgg3jk"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005473; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1yfqtugahqhqrulwugdekeavffktsl8ci"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005474; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?export=download&id=1z7qhwcozjwehksdhw-yuivac2jzwjqia"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005475; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?id=1a7jwdzayvxw_d3cgv_n7tjf4sty3ufor&export=download"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005476; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uc?id=1y59mvv5dlrjfcdnlz3gmfskjj2vqerz1&export=download"; http_uri; nocase; content:"drive.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005477; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/downloads/emclick.zip"; http_uri; nocase; content:"e-mudhra.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005478; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/informatica/informatica-actief/hoofdstuk1/extrasoftware/getallen.exe"; http_uri; nocase; content:"evertkok.nl"; content:"Host"; http_header; classtype:trojan-activity; sid:100005479; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/register/phpcaptcha/images/19dnqhg1p/sbhvtqlysxhxn/"; http_uri; nocase; content:"expeditionquest.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005480; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/register/phpcaptcha/images/35egphpl5uzpvdmz9bncmvon3p/"; http_uri; nocase; content:"expeditionquest.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005481; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/x/"; http_uri; nocase; content:"expeditionquest.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005482; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/afzxnvhccv/~3/cuwjlcqri6c/polluted.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005483; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/alnewvjcnu/~3/ev3ut1csrwg/saucily.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005484; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/aosiz/~3/ld09kk4n0ru/profitably.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005485; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/aqdlsxol/~3/i9cvyqq7zgq/estranging.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005486; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/arkdoln/~3/svmxgrdzf8s/rerecording.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005487; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bgybcpxen/~3/q4i5h3bo-2s/metabolities.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005488; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bibytzak/~3/ezm1_dyatty/commercially.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005489; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bkpdy/~3/dkhvtr21e5m/prevalent.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005490; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bndmgp/~3/o5r9astiygy/gearless.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005491; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/boidwe/~3/4hpodogjat4/force.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005492; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/bxcnilgel/~3/mx59t_t1u-u/telephony.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005493; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/chjoxmpyqp/~3/jcskdhf_kp8/wideness.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005494; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/cjkysnkwuc/~3/yys34a6bt7a/weft.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005495; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ckmbsqnvbki/~3/cs5hqtfssmw/arabian.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005496; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/cqdsfulp/~3/d2jsvnda8bg/foreordain.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005497; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/crndqsbsewu/~3/18stph0bcm0/brainwork.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005498; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/cwiwz/~3/j3clknmmyem/transition.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005499; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/cwzxpkbl/~3/lcx_got4d6g/france.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005500; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dcrudikgs/~3/wlug8lbqcqm/fitter.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005501; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dhoit/~3/pg1imm9j3m8/sluggish.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005502; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dhumbvq/~3/yeraydqpc04/quintillionth.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005503; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/djovrr/~3/d8d8hl3sz-c/lavaliere.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005504; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dmnvpsdsrcm/~3/ip55lftub-c/stipendless.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005505; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dnbbzxczt/~3/xo2jddv35uw/dissent.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005506; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/doscqdxavt/~3/vnopxkjbmaa/countersign.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005507; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dpqaqlmpufb/~3/jwfwrujhlzq/witnesser.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005508; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/dtpiyfyhe/~3/yh2h2y9eu24/namely.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005509; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ebtux/~3/6-ms0zislkk/picked.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005510; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ecegwqd/~3/lz6qwmmz5um/eucharist.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005511; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/eeyogmmjy/~3/_uskqz8butk/antisepsis.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005512; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/eezyhnhpza/~3/wsouehuhdyc/gunman.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005513; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/efoqvjtq/~3/wnco-tduglq/seismic.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005514; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/eiqliw/~3/f7s1jxdccpg/scroungy.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005515; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ekwdbglsn/~3/wctttp3oq4k/drum.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005516; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/emqkzwbh/~3/z0ihejeoby0/truncation.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005517; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/eweeqr/~3/did2rhzdvum/captivity.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005518; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/extgsczxld/~3/sp1ryo7qdes/brunet.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005519; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/fixox/~3/nkroqy6nowa/diversified.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005520; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/fpukiszyeg/~3/tspm7j_dw7i/corinth.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005521; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/fqrugqfxhxd/~3/9xt23uxbivs/spectacular.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005522; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/fsvmvoosx/~3/h4tge3csqz4/stifle.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005523; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ftcbzcoxto/~3/hsxp5iiystu/macaw.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005524; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/gfxwbgoiua/~3/vnopxkjbmaa/countersign.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005525; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/giaetua/~3/n5x-1hiq2cu/spearman.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005526; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/goonuul/~3/yalsiysod3y/assimilation.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005527; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/goxtflkjbq/~3/d4nrzfpe2ea/fortress.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005528; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hagdupdkiky/~3/1ssd1fvtak4/acorn.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005529; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hdbpwfyscxj/~3/h_6p_hpoaoq/broadcast.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005530; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hfmmxbim/~3/ky21aqqoonk/catch.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005531; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hgvwyosinbh/~3/0swrfp1ynu0/takeoff.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005532; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hicvurye/~3/jpngtxfhdyi/compactor.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005533; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hkrjmdo/~3/fcn3lu9zcu0/lining.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005534; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/hljjh/~3/np_bvpuojmo/rationing.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005535; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/htkewchpcoy/~3/jeldhv3db68/inhibition.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005536; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/iivlvngujd/~3/nygdiom7nzg/thursday.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005537; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ikqmdyi/~3/hhpgvco6pp4/dole.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005538; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/intqjhexl/~3/5rrxkt8irpa/categorial.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005539; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/itzeweywlk/~3/peholbtfpa4/baleful.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005540; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/iwygbdwnj/~3/cgzdb_-kkks/obstreperous.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005541; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/jeoptnk/~3/ts63hw5gnsu/spathe.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005542; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/jhhcqpcbskw/~3/4dh7wxagjwo/demand.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005543; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/jhzcsknjpnb/~3/hpi8vwmioey/undecisive.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005544; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/jirycwr/~3/b8dkcurqsja/maidenly.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005545; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/kevoxvlshcl/~3/e26hms8iqx0/abstemiousness.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005546; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/kgjclbqy/~3/kxkscgv3ci8/dizzy.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005547; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/knzjkajne/~3/nsub2w8elqw/film.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005548; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/kwwzcyq/~3/7vincvwsb6i/caldron.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005549; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lffsz/~3/idyhce7j-h8/pix.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005550; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lfqvz/~3/iylmfpkfzpa/foppery.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005551; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lhespsw/~3/2fqtvjhre7a/memorialize.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005552; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lkgnyhqo/~3/_wtekr7_tqi/planetary.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005553; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lkhxdgsvp/~3/kj5nfbvjtjo/pong.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005554; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lmwnkdvlod/~3/0vnzjbbxabm/understandingly.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005555; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/lpeps/~3/xzmqjxgwqry/saved.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005556; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mccquhrwdt/~3/2pfiawrb8m0/tripartite.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005557; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mivtyhvsz/~3/emzubpyol6e/rivet.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005558; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mjiqhsuqot/~3/vip8lrdxdl0/pont.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005559; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mjwajvqvody/~3/fcgbaug1o8k/drivebelt.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005560; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/mnvati/~3/jabb71vucbu/pettily.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005561; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/naeijvbomjh/~3/ema4tjpd2lq/zinger.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005562; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nalvpv/~3/isp2uueh4y0/smiler.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005563; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nciasjppt/~3/0toczyfqfze/pinout.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005564; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nehiw/~3/suo6fm3zr0q/heliport.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005565; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/neumxsp/~3/p0wcljrd6l8/salvaging.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005566; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ngpjrlpe/~3/xzy9utu28su/salvador.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005567; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nlueaecob/~3/69i7uqh8yhu/crucifixion.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005568; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nqmswm/~3/luetg43st04/lyre.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005569; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/nzksuugnqx/~3/ulfioom7ivi/vilification.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005570; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ocidtiojaoj/~3/i0ix__rkvqa/plod.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005571; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/oiefojc/~3/hbuc-s__wow/overheating.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005572; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/otbhw/~3/eddgs_7yf54/benevolence.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005573; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/panfbtsk/~3/go8iy9cvwii/profanities.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005574; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/pcugumjb/~3/5o0ppjrd78m/arrival.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005575; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/pdagfrdbh/~3/wf4weqs6djq/shapelessness.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005576; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/phgqhyi/~3/wi4wsgnh6vi/tired.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005577; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/pupsxizi/~3/-arrrqoqnza/desirability.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005578; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/puttarp/~3/p2nehhywmza/environs.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005579; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/pvihopiy/~3/fbj29uerz1m/morsel.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005580; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/qgevg/~3/k-ayfpf07so/preliminaries.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005581; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rekue/~3/wnlibfgeiqs/discovered.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005582; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rexelmtrbd/~3/aiirurekzgs/smoothness.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005583; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rhjwqtdid/~3/qx6olfl0gye/multiplecolumn.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005584; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ridqz/~3/p9nqlh-5m88/panelist.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005585; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ripmw/~3/wk4zfiild3y/median.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005586; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rkpyzssqtu/~3/wnco-tduglq/seismic.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005587; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/rpakahawzmn/~3/pvjnjwt-7tw/right.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005588; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ruplzv/~3/lvxn9qzr8rs/profundity.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005589; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/sfytff/~3/xvb6ybgoatw/aleatory.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005590; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/sgwabkkhkca/~3/83f8vocout8/nuthatch.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005591; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/spqdo/~3/aidrrjho1bk/photometer.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005592; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/swmwx/~3/yso_hobjelq/toronto.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005593; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/synzpqmkloz/~3/jmjyufcyjw0/pauperize.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005594; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/tbzhp/~3/bionbkhfbzi/interrupting.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005595; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/thynzpbgmwt/~3/j2yscyuhgda/adulterant.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005596; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/tsiezjb/~3/uz-jn_5rbl0/inkstand.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005597; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ttywmkydg/~3/7vincvwsb6i/caldron.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005598; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ueeaem/~3/2x1wd9nwrtu/ibuprofen.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005599; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/uejhclpmrm/~3/y7_xvh3dyds/outgrowth.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005600; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/uhwrmkl/~3/2fcccncpmvo/antinomic.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005601; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/uikjxxjf/~3/qwzvyeefpoc/mire.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005602; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/upnmtyodhe/~3/nctd7ymyvb8/sideline.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005603; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/uwgffmzw/~3/tadrpbu1das/consolation.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005604; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/uwmjyjb/~3/ar-8xrw6en4/episode.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005605; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vbhezbyhu/~3/4hpodogjat4/force.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005606; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vcrvu/~3/hugrtxlkf8s/subcontracted.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005607; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vmswyfrnr/~3/6geejoxvxeg/vestment.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005608; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vpvxbfm/~3/j4rqivgxwf4/root.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005609; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vrwaupgixon/~3/aiirurekzgs/smoothness.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005610; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/vsmltlh/~3/o3mq7yrb2ai/aftereffect.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005611; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wbowsbchg/~3/e_bqu0h4r2u/silentness.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005612; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wfpby/~3/kac3w53zw1a/animator.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005613; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wfvlr/~3/ypssheesdre/jobless.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005614; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wmklnymjzx/~3/itt__wyzbna/tenacity.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005615; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wtfftdhkr/~3/zhhashh38za/disfigured.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005616; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wtmeu/~3/ujsvo8vub_a/engagement.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005617; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wvyltkbsvki/~3/2dn9uqzowis/overshoot.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005618; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/wzcze/~3/5tvdo6lqfji/nearly.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005619; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xazdczerd/~3/oae5o2lxrqs/usual.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005620; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xepzbj/~3/wkxqpkz72fe/stradivari.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005621; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xewwqxke/~3/tspm7j_dw7i/corinth.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005622; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xffjeqp/~3/5tvdo6lqfji/nearly.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005623; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xgtsn/~3/dcufoc1awcm/pictorial.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005624; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xizcochfoh/~3/2dn9uqzowis/overshoot.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005625; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xmlkgh/~3/yznkqvey69m/shapelessness.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005626; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xoxmcwlcma/~3/gqvq9bg24p8/abashed.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005627; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/xzzmcnt/~3/n78kouftiaa/nightclothes.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005628; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ybdrfthofl/~3/eie4do3f31g/guardian.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005629; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ycmqq/~3/7jtg_atrnmy/functionary.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005630; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yfqsn/~3/pvjnjwt-7tw/right.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005631; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yhyunalg/~3/j-kuibsmu5q/preeminence.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005632; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yigoyqiy/~3/3av6s_js28q/pachuco.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005633; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yiyrdtkyzru/~3/wyneumhdyk4/abatements.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005634; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yknjajffk/~3/k-ayfpf07so/preliminaries.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005635; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yktkxp/~3/ijkfuolaioq/stub.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005636; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ymngfk/~3/dkx0hr3zkl4/thorny.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005637; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yrhisgkqcun/~3/o06l2zfwnvk/imperialist.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005638; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ysgxgx/~3/tscwnmkx6u4/aggrandizement.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005639; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/ytxgoq/~3/k-ayfpf07so/preliminaries.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005640; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/yyehyxoqcgn/~3/xrld-ukvysm/filter.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005641; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zibfysgypj/~3/pgerdpduv6c/swampiness.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005642; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zqdxmk/~3/-rnwullq5na/demonstrator.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005643; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zuudhaxay/~3/1_vtujdqexq/absurd.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005644; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zxgrp/~3/twy2hgfeuhq/whispered.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005645; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/~r/zxihnagniy/~3/ujsvo8vub_a/engagement.php"; http_uri; nocase; content:"feedproxy.google.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005646; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/web1/m00/8f/36/o4ybafy-2m2aarfzaahkaiik5pi122.exe"; http_uri; nocase; content:"file.elecfans.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005647; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/wp-admin/suy/"; http_uri; nocase; content:"hsecaravans.co.uk"; content:"Host"; http_header; classtype:trojan-activity; sid:100005648; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/32/items/vceo_20210729/vceo.txt"; http_uri; nocase; content:"ia601403.us.archive.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005649; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/0/items/codigo_202104/codigo.txt"; http_uri; nocase; content:"ia801802.us.archive.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005650; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/eng/wp-content/plugins/featurific-for-wordpress/1"; http_uri; nocase; content:"jointings.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005651; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/eng/wp-content/plugins/featurific-for-wordpress/2"; http_uri; nocase; content:"jointings.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005652; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/eng/wp-content/plugins/featurific-for-wordpress/3"; http_uri; nocase; content:"jointings.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100005653; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uploads/3/2/8/8/3288864/karma_koin_codes.exe"; http_uri; nocase; content:"karmakoincodes.weebly.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005654; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/down/affiliate/kuaizip_setup_10029.exe"; http_uri; nocase; content:"kuaizip.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005655; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/linuxforensicscode.zip"; http_uri; nocase; content:"linuxforensicsbook.com.s3.amazonaws.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005656; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/beb/nov_ewdeurc79.bin"; http_uri; nocase; content:"mindforcehypnosis.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005657; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/beb/nov_wklvcl99.bin"; http_uri; nocase; content:"mindforcehypnosis.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005658; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/fv/nov_uosjtyhz4.bin"; http_uri; nocase; content:"mindforcehypnosis.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005659; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/kly/nov_ctqipn222.bin"; http_uri; nocase; content:"mindforcehypnosis.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005660; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/kly/nov_rivaub27.bin"; http_uri; nocase; content:"mindforcehypnosis.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005661; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/kly/nov_tahruz238.bin"; http_uri; nocase; content:"mindforcehypnosis.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005662; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/xcc/decemberomo_irzmkqyh38.bin"; http_uri; nocase; content:"mindforcehypnosis.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005663; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/k/big5/1giof6/"; http_uri; nocase; content:"minpic.de"; content:"Host"; http_header; classtype:trojan-activity; sid:100005664; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/v1/ws2/:gianni1962/:ie6setup/ie6setup.exe"; http_uri; nocase; content:"my.cloudme.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005665; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/components/aacenc.exe"; http_uri; nocase; content:"nch.com.au"; content:"Host"; http_header; classtype:trojan-activity; sid:100005666; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/uploads/4/1/6/6/4166984/keygen.exe"; http_uri; nocase; content:"newyarlfm.weebly.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005667; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/yws/api/personal/file/web3a243b322cf83ca7cae587a92916bac7?method=download&inline=true&sharekey=649ac0bb5d5b13d15cbf50b2609e193a"; http_uri; nocase; content:"note.youdao.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005668; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/spreadsheets/osv_stock_valuation-sample-dummy.exe"; http_uri; nocase; content:"oldschoolvalue.s3.amazonaws.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005669; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?&resid=81445407a9f44d37!197&authkey=apuz15kftzlrysa"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005670; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?&resid=81445407a9f44d37!198&authkey=ags5rgb15_esaqq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005671; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?&resid=b4c15a27928f663b!229&authkey=aiarm61fwmd_npe"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005672; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?&resid=b4c15a27928f663b!230&authkey=ancu1eabetiubzg"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005673; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?&resid=b4c15a27928f663b!231&authkey=ai9h3sk_luxran0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005674; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?&resid=c127f9e0fb7cbbea!214&authkey=aat73nvghhjdr9g"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005675; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?authkey=!aase4ma0-vo_cls&cid=4df11eda676a355f&resid=4df11eda676a355f!140"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005676; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?authkey=!akd6uxvljtlvpxu&cid=4df11eda676a355f&resid=4df11eda676a355f!130"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005677; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?authkey=!aomvnemlpgwfuie&cid=4df11eda676a355f&resid=4df11eda676a355f!135"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005678; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?authkey=adf5p_kn8rjf29y&cid=34224e3e49966a27&resid=34224e3e49966a27%211732"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005679; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=013413cfbbbcfae4&resid=13413cfbbbcfae4%211656&authkey=ai9wpcp_k9okgk4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005680; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=0153c2a7092ee91c&resid=153c2a7092ee91c!111&authkey=aemrwamaaaiyyjc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005681; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=0153c2a7092ee91c&resid=153c2a7092ee91c%21111&authkey=aemrwamaaaiyyjc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005682; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=0175cdbe2d2944c5&resid=175cdbe2d2944c5%21107&authkey=al6uptubjmmugo0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005683; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=01f191d863b4d5a4&resid=1f191d863b4d5a4!157&authkey=aagcsm7chqez6uu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005684; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=01f191d863b4d5a4&resid=1f191d863b4d5a4!158&authkey=amsoii5nr6pomhc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005685; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=01f191d863b4d5a4&resid=1f191d863b4d5a4%21157&authkey=aagcsm7chqez6uu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005686; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=01f191d863b4d5a4&resid=1f191d863b4d5a4%21158&authkey=amsoii5nr6pomhc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005687; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=02e98840a4c9fd6c&resid=2e98840a4c9fd6c%211177&authkey=am0i98nwgvzgqvq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005688; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=02e98840a4c9fd6c&resid=2e98840a4c9fd6c%211183&authkey=anv33trmzmi5cko"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005689; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=0319bb40eba80dcc&resid=319bb40eba80dcc%21110&authkey=ag8bs48lq9n-piw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005690; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=0412fba39d6c52de&resid=412fba39d6c52de%2122035&authkey=aajbxysbkirrox4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005691; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=045adcdfe91be4f5&resid=45adcdfe91be4f5%21318&authkey=aa6lutarluhyj48"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005692; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=0489c74de4facb30&resid=489c74de4facb30!109&authkey=ajo32arrzl_vwdq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005693; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=062a585e433edce3&resid=62a585e433edce3%211618&authkey=ahzfppat_uettfg"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005694; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=087f57dcf1bd61bc&resid=87f57dcf1bd61bc!113&authkey=ap0wsc-rsiegllw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005695; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=08c99a25df0f51c5&resid=8c99a25df0f51c5!198&authkey=amzashahr2ley9q"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005696; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=08c99a25df0f51c5&resid=8c99a25df0f51c5%21198&authkey=amzashahr2ley9q"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005697; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=09629e9967c87661&resid=9629e9967c87661%21148&authkey=aoymksies-dflr4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005698; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=09eebe7829f6351d&resid=9eebe7829f6351d%21827&authkey=amysfuvfuc5jezq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005699; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=0b476d68a3403083&resid=b476d68a3403083%21206&authkey=alcn68_ws-fhk4i"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005700; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=0d59c202e35694c2&resid=d59c202e35694c2!273&authkey=ae2m69e5nu3rrea"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005701; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=0d59c202e35694c2&resid=d59c202e35694c2!274&authkey=acqg0akutoxdpgo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005702; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=0d59c202e35694c2&resid=d59c202e35694c2%21273&authkey=ae2m69e5nu3rrea"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005703; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=0d59c202e35694c2&resid=d59c202e35694c2%21274&authkey=acqg0akutoxdpgo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005704; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=0f0a5aadc4c3c242&resid=f0a5aadc4c3c242!309&authkey=alfe36drai1zmwc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005705; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=0f0a5aadc4c3c242&resid=f0a5aadc4c3c242%21309&authkey=alfe36drai1zmwc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005706; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=0f51d04c9d556964&resid=f51d04c9d556964%21123&authkey=aco5hiwppfq8vrw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005707; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=0f51d04c9d556964&resid=f51d04c9d556964%21124&authkey=ai6sfa2z-kqf6x0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005708; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=125290ca4dc682c9&resid=125290ca4dc682c9%21452&authkey=afdp5rurqhdqa2a"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005709; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=13b301f1cb48f8cd&resid=13b301f1cb48f8cd%21106&authkey=aiae3olcs4lulz4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005710; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=165468846f076ee7&resid=165468846f076ee7!118&authkey=antash3ig98aqte"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005711; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=165468846f076ee7&resid=165468846f076ee7%21118&authkey=antash3ig98aqte"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005712; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=174a158b69387a7e&resid=174a158b69387a7e!348&authkey=ahnjoxa4ufoxa54"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005713; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=174a158b69387a7e&resid=174a158b69387a7e%21348&authkey=ahnjoxa4ufoxa54"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005714; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=174c8f18de0ea9ad&resid=174c8f18de0ea9ad%21195&authkey=accfhr51m17nsmu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005715; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=174c8f18de0ea9ad&resid=174c8f18de0ea9ad%21197&authkey=acglfn1jo7crduk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005716; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=17c9dd2c155b28ae&resid=17c9dd2c155b28ae%214990&authkey=abasuweqark8pve"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005717; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=18418adacefed6e2&resid=18418adacefed6e2!126&authkey=ad4yflrisq6d82g"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005718; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=18418adacefed6e2&resid=18418adacefed6e2!129&authkey=apqoonsrce0ari4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005719; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=18418adacefed6e2&resid=18418adacefed6e2%21126&authkey=ad4yflrisq6d82g"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005720; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=18418adacefed6e2&resid=18418adacefed6e2%21129&authkey=apqoonsrce0ari4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005721; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=196e83840ef8c152&resid=196e83840ef8c152%21107&authkey=ah2lhjyd0ukjcve"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005722; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=1a162e8fcaaef5fa&resid=1a162e8fcaaef5fa%215495&authkey=aic7rmj1cm3rt2w"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005723; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=1c14977b48a91558&resid=1c14977b48a91558!8182&authkey=aautw8tvzxr5v3a"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005724; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=1c14977b48a91558&resid=1c14977b48a91558%218182&authkey=aautw8tvzxr5v3a"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005725; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=1dbdf62bc3c2b05b&resid=1dbdf62bc3c2b05b!134&authkey=ape6bhxn7c89z60"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005726; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=1f48501ee4e8735a&resid=1f48501ee4e8735a%215268&authkey=advgihzjzelvkdg"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005727; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=208dce306fa91736&resid=208dce306fa91736%21184&authkey=ae6l_lmeqbcwqs4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005728; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=208dce306fa91736&resid=208dce306fa91736%21185&authkey=abpinbsiqu9kj0c"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005729; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=23423a594eafc2de&resid=23423a594eafc2de%21130&authkey=aeh1dm0c-5hp44a"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005730; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=24ef9e675b079af9&resid=24ef9e675b079af9%21155&authkey=afu-yax_gxxddoe"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005731; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=24ef9e675b079af9&resid=24ef9e675b079af9%21156&authkey=alqvv8nixrvsqrk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005732; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=25288a421991d52c&resid=25288a421991d52c%211553&authkey=acw1z0sjljf_rwq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005733; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=265daf943be0d06f&resid=265daf943be0d06f!191&authkey=ajvumpkzpla_nca"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005734; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=265daf943be0d06f&resid=265daf943be0d06f%21191&authkey=ajvumpkzpla_nca"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005735; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=26bbd7d5ad88dd29&resid=26bbd7d5ad88dd29%21115&authkey=acipfa3gbiqqcvu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005736; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=26f87316a7e32bb5&resid=26f87316a7e32bb5%21106&authkey=aepqo5hlkxn1t1k"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005737; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=2831401bbac0235e&resid=2831401bbac0235e%211037&authkey=aagnkp6l76yhrlo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005738; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=2968c371f5450503&resid=2968c371f5450503!122&authkey=aaqhhxbnwfwrz28"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005739; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=2968c371f5450503&resid=2968c371f5450503%21122&authkey=aaqhhxbnwfwrz28"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005740; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=2c1abc526306a6e1&resid=2c1abc526306a6e1%21106&authkey=adjthwhvjkbioc0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005741; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=2c38c37ed8430789&resid=2c38c37ed8430789%21109&authkey=aopcxq3owfiv620"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005742; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=2c38c37ed8430789&resid=2c38c37ed8430789%21114&authkey=ajzoj0ujggsnxlo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005743; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=2c38c37ed8430789&resid=2c38c37ed8430789%21115&authkey=aglznnsx71tbe9e"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005744; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=2cbd310015bc2d37&resid=2cbd310015bc2d37!183&authkey=akon9i9zzhusiuk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005745; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=2cbd310015bc2d37&resid=2cbd310015bc2d37%21183&authkey=akon9i9zzhusiuk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005746; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=2f4d6884e933cb1a&resid=2f4d6884e933cb1a!116&authkey=!abwledjhfsqwap4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005747; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=2f4d6884e933cb1a&resid=2f4d6884e933cb1a!121&authkey=!aa0qbuuss-wb13w"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005748; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=2f947402293c14c1&resid=2f947402293c14c1!119&authkey=apmakx2cqb9rimu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005749; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=2f947402293c14c1&resid=2f947402293c14c1%21118&authkey=acrl2iiem-zjer8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005750; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=2f947402293c14c1&resid=2f947402293c14c1%21119&authkey=apmakx2cqb9rimu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005751; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=2ffaa48ef4bec51a&resid=2ffaa48ef4bec51a%21107&authkey=aiohrvrc3uuo_cw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005752; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=30d775d2cfa6e2fc&resid=30d775d2cfa6e2fc%21291&authkey=ah0cpc4rbrlfr-q"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005753; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3112e77688f09693&resid=3112e77688f09693!320&authkey=aooujzuf408dclw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005754; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3112e77688f09693&resid=3112e77688f09693!321&authkey=almpxnbtsbzauna"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005755; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3112e77688f09693&resid=3112e77688f09693%21320&authkey=aooujzuf408dclw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005756; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3112e77688f09693&resid=3112e77688f09693%21321&authkey=almpxnbtsbzauna"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005757; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3164ddeba70d2263&resid=3164ddeba70d2263%21106&authkey=afkvqrm4zoor8qq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005758; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=31771958ea3373a1&resid=31771958ea3373a1%21108&authkey=aiofxduo9rdb_-o"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005759; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=34207675f7506d94&resid=34207675f7506d94%21137&authkey=angxnhqpe2x5koc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005760; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3447601ab357f8c1&resid=3447601ab357f8c1!114&authkey=aitwerxd-t2cxl0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005761; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3541c4a292f61866&resid=3541c4a292f61866!107&authkey=af08d9zk1yestqa"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005762; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3541c4a292f61866&resid=3541c4a292f61866%21107&authkey=af08d9zk1yestqa"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005763; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3674d56d2003f59c&resid=3674d56d2003f59c!139&authkey=ap4bbakgkikau-a"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005764; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3674d56d2003f59c&resid=3674d56d2003f59c%21139&authkey=ap4bbakgkikau-a"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005765; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=36f253758422a984&resid=36f253758422a984%21402&authkey=anpud5xyjui5kio"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005766; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3892a0364cb5da65&resid=3892a0364cb5da65!152&authkey=am09sv26njxzyn0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005767; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3892a0364cb5da65&resid=3892a0364cb5da65!153&authkey=ajs0jkoeqkqjrze"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005768; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3892a0364cb5da65&resid=3892a0364cb5da65%21152&authkey=am09sv26njxzyn0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005769; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3892a0364cb5da65&resid=3892a0364cb5da65%21153&authkey=ajs0jkoeqkqjrze"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005770; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3a1715e2cb964f25&resid=3a1715e2cb964f25%213713&authkey=aortxmfnibnoqkk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005771; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3bcd34d8ac2d7789&resid=3bcd34d8ac2d7789%21432&authkey=aa_npsupyqb2kge"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005772; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3bcd34d8ac2d7789&resid=3bcd34d8ac2d7789%21435&authkey=admsjhgpkbtcqzs"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005773; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3f2905efa1c7ac3f&resid=3f2905efa1c7ac3f!154&authkey=aasj15d0g_p2pog"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005774; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=3f2905efa1c7ac3f&resid=3f2905efa1c7ac3f%21154&authkey=aasj15d0g_p2pog"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005775; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=4000200b3fb8c24f&resid=4000200b3fb8c24f!134&authkey=aaipzy8nllirlky"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005776; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=4000200b3fb8c24f&resid=4000200b3fb8c24f%21134&authkey=aaipzy8nllirlky"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005777; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=4126f108980f52bc&resid=4126f108980f52bc%21105&authkey=amsklypwskcidbe"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005778; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=4126f108980f52bc&resid=4126f108980f52bc%21109&authkey=aa2-otufhc5pu-e"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005779; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=44d422e98133708b&resid=44d422e98133708b%21108&authkey=akr9cesktucbqik"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005780; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=44d422e98133708b&resid=44d422e98133708b%21109&authkey=adzxmpjk-etbkjq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005781; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=45f0213456d899c0&resid=45f0213456d899c0%211133&authkey=alwgkm79xod8hpy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005782; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=46502a2c71554588&resid=46502a2c71554588!143&authkey=airoopqogitlz2a"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005783; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=46502a2c71554588&resid=46502a2c71554588!145&authkey=ajogqfyetrzpgga"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005784; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=46502a2c71554588&resid=46502a2c71554588%21143&authkey=airoopqogitlz2a"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005785; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=46502a2c71554588&resid=46502a2c71554588%21145&authkey=ajogqfyetrzpgga"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005786; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=470febb155be50fa&resid=470febb155be50fa!450&authkey=ahw0j-cme0jg6pw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005787; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=470febb155be50fa&resid=470febb155be50fa%21450&authkey=ahw0j-cme0jg6pw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005788; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=48772b66ecc4f214&resid=48772b66ecc4f214%218972&authkey=acedq6fjveu0njm"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005789; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=48772b66ecc4f214&resid=48772b66ecc4f214%218979&authkey=al8jcxfipyahgko"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005790; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=48ed7695f8804d66&resid=48ed7695f8804d66!13805&authkey=ae-zbfo2uwln_gg"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005791; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=48ed7695f8804d66&resid=48ed7695f8804d66!13806&authkey=aakiq-ymrjjodns"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005792; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=48ed7695f8804d66&resid=48ed7695f8804d66%2113805&authkey=ae-zbfo2uwln_gg"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005793; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=48ed7695f8804d66&resid=48ed7695f8804d66%2113806&authkey=aakiq-ymrjjodns"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005794; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=4b676ea3ff139b93&resid=4b676ea3ff139b93!133&authkey=amfix63glytflgo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005795; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=4d4d07581d39b63d&resid=4d4d07581d39b63d%21127&authkey=ablg20r-aat_ob4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005796; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=4d4d07581d39b63d&resid=4d4d07581d39b63d%21131&authkey=akbwlkrrtso_bqm"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005797; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=4df11eda676a355f&resid=4df11eda676a355f!130&authkey=!akd6uxvljtlvpxu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005798; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=4e45a2988ed9335b&resid=4e45a2988ed9335b!108&authkey=anbjpqxg-iwr4g8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005799; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=4e45a2988ed9335b&resid=4e45a2988ed9335b%21108&authkey=anbjpqxg-iwr4g8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005800; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=4e57dde6c5c6b372&resid=4e57dde6c5c6b372%21337&authkey=ahhqrhiv2ei4xjc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005801; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=4e57dde6c5c6b372&resid=4e57dde6c5c6b372%21344&authkey=aatlbjfo3tjnx2y"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005802; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=4f6d62d925bbffc6&resid=4f6d62d925bbffc6%21193&authkey=adkhkj_xe3my3s4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005803; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21105&authkey=ajkwu0e9dzantl8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005804; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21107&authkey=apd9um4_12-kpe0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005805; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21116&authkey=anbj_rrcgyturjc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005806; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21119&authkey=amrs3-3hsvcmtfs"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005807; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21158&authkey=aodderdrnvhruts"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005808; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21161&authkey=agdsfxdnre82jjc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005809; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21192&authkey=agn2xvrvup-xvtg"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005810; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21206&authkey=ai1r52mhtbdnm2y"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005811; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21247&authkey=ae6weny1fa4pday"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005812; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21252&authkey=aphl0oi4r6lrty0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005813; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21257&authkey=afnyvqwcghnyoas"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005814; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21265&authkey=abxqdhlwiurjvve"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005815; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21271&authkey=ae5qwlr5ceeptmy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005816; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21272&authkey=ahrqeoaynibwt14"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005817; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21275&authkey=af_sgsaxsmaxg7i"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005818; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21289&authkey=angyngbqixtrjaa"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005819; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21293&authkey=acvh08asxosbwfu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005820; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21299&authkey=amicxuotubpok2c"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005821; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21306&authkey=ahpivoukyerzcjy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005822; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21314&authkey=aex2uv2-eiofr8q"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005823; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21332&authkey=ad0jmjxgbaebvbm"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005824; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21335&authkey=ah0vupcfbdfa6g4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005825; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21357&authkey=ap8sswuqjjjexho"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005826; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21366&authkey=aoblpmbmx7o_v18"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005827; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21379&authkey=air-bsjj46et47q"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005828; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21389&authkey=aduenohuq_rbyhm"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005829; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21391&authkey=aa15sw51njbn_na"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005830; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21392&authkey=abp0heeg6ybn0lk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005831; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21393&authkey=aa1pmur8sy8xtwe"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005832; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=501b63131ab62dd6&resid=501b63131ab62dd6%212718&authkey=aie0v1d-cusuabi"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005833; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=501b63131ab62dd6&resid=501b63131ab62dd6%212725&authkey=aanrz9et3bym3lc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005834; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=501b63131ab62dd6&resid=501b63131ab62dd6%212728&authkey=ahsmbkltfrwgqjc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005835; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c!395&authkey=alwvub_yhtogjxw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005836; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c!398&authkey=abaa_tjd7ohh4so"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005837; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c!406&authkey=aarnp48wumgu6tq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005838; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c!415&authkey=aglzsd6-g0nzj7s"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005839; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c!420&authkey=akk5droung_ecww"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005840; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c!440&authkey=ai7-dpr11wnzyq8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005841; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c%21395&authkey=alwvub_yhtogjxw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005842; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c%21398&authkey=abaa_tjd7ohh4so"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005843; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c%21406&authkey=aarnp48wumgu6tq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005844; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c%21415&authkey=aglzsd6-g0nzj7s"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005845; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c%21420&authkey=akk5droung_ecww"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005846; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c%21440&authkey=ai7-dpr11wnzyq8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005847; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=513190d240e51e0e&resid=513190d240e51e0e%211121&authkey=al_fmezwfay4za4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005848; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=513190d240e51e0e&resid=513190d240e51e0e%211122&authkey=anz_q5njlanv2mu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005849; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=52ca67cbc48c0212&resid=52ca67cbc48c0212%21110&authkey=akars6koxqzdwgi"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005850; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=52ca67cbc48c0212&resid=52ca67cbc48c0212%21112&authkey=aadare1gec7nzy8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005851; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=53965c96e65f4f6d&resid=53965c96e65f4f6d!109&authkey=adriswrtwdpbuc8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005852; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=53965c96e65f4f6d&resid=53965c96e65f4f6d!109&authkey=adriswrtwdpbuc8&em=2"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005853; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=53965c96e65f4f6d&resid=53965c96e65f4f6d%21109&authkey=adriswrtwdpbuc8&em=2"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005854; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=53c5e6b8f6893887&resid=53c5e6b8f6893887!802&authkey=aapuufivkn2zwu8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005855; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=547b1e4a6b15bf97&resid=547b1e4a6b15bf97%21106&authkey=akgsmzqhemioz8g"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005856; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=54f92c3a2f5d8033&resid=54f92c3a2f5d8033%21200&authkey=aofadhhfwlm2gum"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005857; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=55381ffd75ef8cda&resid=55381ffd75ef8cda!270&authkey=aev4isgyubiofdi"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005858; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=554bbd19bdd72613&resid=554bbd19bdd72613!157&authkey=an55tjzt-9vbjfy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005859; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=554bbd19bdd72613&resid=554bbd19bdd72613%21156&authkey=agiuawekkbxb_4o"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005860; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=55c9feaf3907aae5&resid=55c9feaf3907aae5%21208&authkey=adwuyrapfdzkyoa"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005861; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5607da13ee53f950&resid=5607da13ee53f950!280&authkey=advq4p3xhfhinq8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005862; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5607da13ee53f950&resid=5607da13ee53f950%21280&authkey=advq4p3xhfhinq8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005863; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5629da828892367d&resid=5629da828892367d!803&authkey=aphjbq-bsg7ohpc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005864; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5696478acb744989&resid=5696478acb744989%21383&authkey=adldpuaya7kj1dk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005865; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5696478acb744989&resid=5696478acb744989%21384&authkey=alsuxvtsof32vea"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005866; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=57c0958db500fe0b&resid=57c0958db500fe0b!68197&authkey=aowpm7ocl_21-oc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005867; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=57c0958db500fe0b&resid=57c0958db500fe0b%2168197&authkey=aowpm7ocl_21-oc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005868; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=59389d626d829e8c&resid=59389d626d829e8c%212940&authkey=anx1ngd27vqeiwo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005869; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5b77f86dc0fa2bdf&resid=5b77f86dc0fa2bdf!823&authkey=aozjovjtbrnja-g"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005870; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5b77f86dc0fa2bdf&resid=5b77f86dc0fa2bdf!826&authkey=aopisf0dvqlguke"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005871; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5b77f86dc0fa2bdf&resid=5b77f86dc0fa2bdf%21823&authkey=aozjovjtbrnja-g"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005872; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5b77f86dc0fa2bdf&resid=5b77f86dc0fa2bdf%21826&authkey=aopisf0dvqlguke"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005873; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5bf0e9600d9f9da0&resid=5bf0e9600d9f9da0%211568&authkey=aemrnwoi75oflva"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005874; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5bf0e9600d9f9da0&resid=5bf0e9600d9f9da0%211572&authkey=aelz-gxlrxcwtnc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005875; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5bf0e9600d9f9da0&resid=5bf0e9600d9f9da0%211573&authkey=ahksfdvda0doles"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005876; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5c5404bd403dbdc9&resid=5c5404bd403dbdc9!4464&authkey=ajskjf2hshbudeg"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005877; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5f3a7a50acb94052&resid=5f3a7a50acb94052!406&authkey=aeyeq5j9zfepgai"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005878; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5f3a7a50acb94052&resid=5f3a7a50acb94052!407&authkey=adnh8af-rvoxlcc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005879; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5f3a7a50acb94052&resid=5f3a7a50acb94052%21406&authkey=aeyeq5j9zfepgai"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005880; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5f3a7a50acb94052&resid=5f3a7a50acb94052%21407&authkey=adnh8af-rvoxlcc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005881; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5fb9958ff55c0123&resid=5fb9958ff55c0123%21892&authkey=apwphufzjdtsedw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005882; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=5fb9958ff55c0123&resid=5fb9958ff55c0123%21897&authkey=aomt6el1av5ruc8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005883; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=604aa6c584db9137&resid=604aa6c584db9137%21121&authkey=adjzlorvgx_ezhq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005884; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=604aa6c584db9137&resid=604aa6c584db9137%21123&authkey=ancfnepawtbmnug"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005885; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=604aa6c584db9137&resid=604aa6c584db9137%21124&authkey=ao7bknnuodxtfua"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005886; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=604aa6c584db9137&resid=604aa6c584db9137%21126&authkey=an6sswp8an1kfoe"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005887; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=607978009e823f21&resid=607978009e823f21!446&authkey=aofddjtovqbb_3i"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005888; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6196314c52185efc&resid=6196314c52185efc%21106&authkey=ape4rx1hrtmrxxe"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005889; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=65d5e5f1b48c0d94&resid=65d5e5f1b48c0d94!852&authkey=adzvvmms349gxmi"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005890; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=65f2f37122477ee7&resid=65f2f37122477ee7%211001&authkey=ap3umqxngmtk-6e"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005891; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6605275726c6094a&resid=6605275726c6094a%21129&authkey=ak5szbnikeklmzk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005892; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6605275726c6094a&resid=6605275726c6094a%21132&authkey=ad3ia_1wkq0lyd4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005893; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6608a4dea9ff5918&resid=6608a4dea9ff5918%21399&authkey=aoya7flv_s9toxo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005894; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=67f7a3925acbb2ad&resid=67f7a3925acbb2ad!1421&authkey=adixg2-asekemjw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005895; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=67f7a3925acbb2ad&resid=67f7a3925acbb2ad%211421&authkey=adixg2-asekemjw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005896; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6819bca13312697b&resid=6819bca13312697b%213096&authkey=aob-cm9vv6erxqg"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005897; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6819bca13312697b&resid=6819bca13312697b%213097&authkey=abcuevfyu6pdw70"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005898; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=69b503a3f081a183&resid=69b503a3f081a183%21111&authkey=aazm9wlg1rvgzoc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005899; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6a1602e410531072&resid=6a1602e410531072!112&authkey=aasndgbcwol3mys"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005900; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6a1602e410531072&resid=6a1602e410531072!113&authkey=ak3tzu1lg4uuh5m"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005901; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6a1602e410531072&resid=6a1602e410531072%21112&authkey=aasndgbcwol3mys"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005902; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6a1602e410531072&resid=6a1602e410531072%21113&authkey=ak3tzu1lg4uuh5m"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005903; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6a4147b45f4b0876&resid=6a4147b45f4b0876%21108&authkey=ameouv2jdxo5obw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005904; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6a4147b45f4b0876&resid=6a4147b45f4b0876%21119&authkey=aazzzrl7mv2xbwq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005905; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6a7b40a2bc530c6c&resid=6a7b40a2bc530c6c%21112&authkey=afuov36rbymlvxm"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005906; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6b3ee3b3b5fb10d3&resid=6b3ee3b3b5fb10d3!118&authkey=aepf8f3mfmlsng0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005907; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6b3ee3b3b5fb10d3&resid=6b3ee3b3b5fb10d3%21118&authkey=aepf8f3mfmlsng0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005908; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6b71cecfb2f8c8a7&resid=6b71cecfb2f8c8a7!1154&authkey=acnbdscb8-rbmcu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005909; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6b71cecfb2f8c8a7&resid=6b71cecfb2f8c8a7%211154&authkey=acnbdscb8-rbmcu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005910; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=6e551f13c97e830a&resid=6e551f13c97e830a%21474&authkey=aifmcykqojaq60u"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005911; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=70c4976fc04ddb54&resid=70c4976fc04ddb54%21106&authkey=apvhok6edhtogfu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005912; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=70c4976fc04ddb54&resid=70c4976fc04ddb54%21115&authkey=amc_k1nnlywdc4i"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005913; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=724b5c509337556e&resid=724b5c509337556e%21908&authkey=agcbb3nakpteyam"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005914; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7285f51e65036769&resid=7285f51e65036769%21264&authkey=akyjvrz006qlble"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005915; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7366fefc2190d2e3&resid=7366fefc2190d2e3%21243&authkey=apivjmxivosek60"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005916; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7366fefc2190d2e3&resid=7366fefc2190d2e3%21256&authkey=adljht0ogfq775k"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005917; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7366fefc2190d2e3&resid=7366fefc2190d2e3%21260&authkey=aig6cydr4_e-qj8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005918; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7366fefc2190d2e3&resid=7366fefc2190d2e3%21262&authkey=ak4fiz1-a1ks8rg"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005919; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7366fefc2190d2e3&resid=7366fefc2190d2e3%21264&authkey=aizkjymvlgqwpte"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005920; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=77518d098ad4dfb0&resid=77518d098ad4dfb0%21939&authkey=akzqobxxxn89z34"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005921; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=78bfb08e0f7bc86f&resid=78bfb08e0f7bc86f%21111&authkey=aggnhgqj6uhxm2w"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005922; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=78bfb08e0f7bc86f&resid=78bfb08e0f7bc86f%21112&authkey=abser1xtkpb3-ta"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005923; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=78bfb08e0f7bc86f&resid=78bfb08e0f7bc86f%21117&authkey=aivf1ddcvvu22em"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005924; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7a5e689dd1dc641f&resid=7a5e689dd1dc641f!119&authkey=aozjai26izprqto"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005925; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7a5e689dd1dc641f&resid=7a5e689dd1dc641f!120&authkey=ajj7ueqjvobgfum"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005926; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7a5e689dd1dc641f&resid=7a5e689dd1dc641f%21119&authkey=aozjai26izprqto"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005927; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7a5e689dd1dc641f&resid=7a5e689dd1dc641f%21120&authkey=ajj7ueqjvobgfum"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005928; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7c1fc7da38ab958e&resid=7c1fc7da38ab958e!146&authkey=aktmjqz8n4s_sbm"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005929; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7c41ddcfa01aeff7&resid=7c41ddcfa01aeff7!5295&authkey=aasceqj1mdodeuo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005930; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7c41ddcfa01aeff7&resid=7c41ddcfa01aeff7!5296&authkey=ank3vz5syaf6bny"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005931; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7c41ddcfa01aeff7&resid=7c41ddcfa01aeff7!5298&authkey=albzyizuqczfv9s"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005932; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7c41ddcfa01aeff7&resid=7c41ddcfa01aeff7%215295&authkey=aasceqj1mdodeuo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005933; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7c41ddcfa01aeff7&resid=7c41ddcfa01aeff7%215296&authkey=ank3vz5syaf6bny"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005934; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7c41ddcfa01aeff7&resid=7c41ddcfa01aeff7%215298&authkey=albzyizuqczfv9s"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005935; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7d109f249b512466&resid=7d109f249b512466!543&authkey=acqc4xjghclmwbs"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005936; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7e778f544ede5f73&resid=7e778f544ede5f73%211270&authkey=afzzvoio9f5qgbe"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005937; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7e81645429ac5a22&resid=7e81645429ac5a22%21105&authkey=aa691jwf5wqi80c"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005938; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7f5b26d7f02a87af&resid=7f5b26d7f02a87af%211204&authkey=am2v4dncjqjucas"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005939; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7f5b26d7f02a87af&resid=7f5b26d7f02a87af%211220&authkey=amh_oy4-xxsv5u8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005940; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=7fed4fbea32e3c1e&resid=7fed4fbea32e3c1e%21107&authkey=aeoxfycpolifch0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005941; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=806bac90dc071edf&resid=806bac90dc071edf!105&authkey=!ao7jyz6-licb8hq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005942; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=81c2d8b116274e17&resid=81c2d8b116274e17%21107&authkey=aaqw-t4dx2sbvda"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005943; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=82977114b1af209d&resid=82977114b1af209d!220&authkey=abuin5vdedjughm"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005944; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=850ddf1b98071979&resid=850ddf1b98071979%21272&authkey=ach9j2qyxffq_-e"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005945; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=860a0980486c93fa&resid=860a0980486c93fa!303&authkey=!agcmlab4r6syfvk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005946; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=87dc3e587977c459&resid=87dc3e587977c459%21164&authkey=agbeiinncf8ok_4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005947; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=87dc3e587977c459&resid=87dc3e587977c459%21165&authkey=aiof8rdvxglnm-c"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005948; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=883587d3e32ee1c4&resid=883587d3e32ee1c4!2402&authkey=amigiam45mt6jia"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005949; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=883587d3e32ee1c4&resid=883587d3e32ee1c4%212402&authkey=amigiam45mt6jia"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005950; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=890837b4e4ca07c6&resid=890837b4e4ca07c6%21289&authkey=abujc0akmtbsxf4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005951; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=8a1574ed0cecd68a&resid=8a1574ed0cecd68a%21395&authkey=ane01evt0sz-1wk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005952; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=8c77cee60e33a6b1&resid=8c77cee60e33a6b1%21106&authkey=af8h8jn801bjnbk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005953; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=8ffd8cbd6540c065&resid=8ffd8cbd6540c065!822&authkey=acfj7bbrmktj1i0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005954; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=911a03165832a3d6&resid=911a03165832a3d6%21276&authkey=afig5wsljtdc33s"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005955; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=911a03165832a3d6&resid=911a03165832a3d6%21278&authkey=abdo23i3bvy0_my"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005956; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=914146ba02b70d25&resid=914146ba02b70d25!130&authkey=ais_g9dqoddonsc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005957; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=914146ba02b70d25&resid=914146ba02b70d25%21106&authkey=ahfgxp0p6nk0eby"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005958; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=914146ba02b70d25&resid=914146ba02b70d25%21109&authkey=akr1n3qxtmnttuo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005959; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=914146ba02b70d25&resid=914146ba02b70d25%21113&authkey=ajpvf1h89sqstti"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005960; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=934ea1b22867831c&resid=934ea1b22867831c%211247&authkey=agahe1sb0a4gbes"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005961; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=9380514f67248562&resid=9380514f67248562%21482&authkey=abogxllcxeax5i4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005962; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=944cfbbd7823d265&resid=944cfbbd7823d265%21105&authkey=ah9x7rn0p03kd_m"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005963; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=944cfbbd7823d265&resid=944cfbbd7823d265%21110&authkey=ammswulpdsjeu4w"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005964; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=94fefff7000581d3&resid=94fefff7000581d3!107&authkey=ac-m9dlvo5l7wfk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005965; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=94fefff7000581d3&resid=94fefff7000581d3%21107&authkey=ac-m9dlvo5l7wfk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005966; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=96a54b19ff5f6bab&resid=96a54b19ff5f6bab%21107&authkey=anxv07ez7s5sh_k"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005967; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=98103c88c2d68867&resid=98103c88c2d68867!773&authkey=akptbml43mi4ufc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005968; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=982b2c4bb2a23649&resid=982b2c4bb2a23649%211925&authkey=amhhfhcsigeue9w"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005969; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=982b2c4bb2a23649&resid=982b2c4bb2a23649%211927&authkey=an_3paqpemptbvm"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005970; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=982b2c4bb2a23649&resid=982b2c4bb2a23649%211953&authkey=abdfqiyruwplpo0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005971; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=982b2c4bb2a23649&resid=982b2c4bb2a23649%211954&authkey=aok-srkhxjazccy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005972; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=9a8688776fe2dbf4&resid=9a8688776fe2dbf4%21172&authkey=ahharhcv0fmn5fm"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005973; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=9a8688776fe2dbf4&resid=9a8688776fe2dbf4%21173&authkey=aecb3qcquacvzhi"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005974; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=9a8688776fe2dbf4&resid=9a8688776fe2dbf4%21174&authkey=afv7cprqwxezgsi"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005975; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=9a8688776fe2dbf4&resid=9a8688776fe2dbf4%21177&authkey=als6_be40lt5jk8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005976; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=9e4e4faca91ad3d2&resid=9e4e4faca91ad3d2!113&authkey=akeqdnxllfzf8hq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005977; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=9e4e4faca91ad3d2&resid=9e4e4faca91ad3d2%21113&authkey=akeqdnxllfzf8hq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005978; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=9fba865c1fdce17f&resid=9fba865c1fdce17f%211109&authkey=achpeiyvsphyn9o"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005979; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a023fe2d1ac611f2&resid=a023fe2d1ac611f2!514&authkey=alaxh02uycquui4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005980; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a04a98741fafee2b&resid=a04a98741fafee2b%211857&authkey=af3qhnjtfnffevi"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005981; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a1c8c8055848b889&resid=a1c8c8055848b889!111&authkey=agzlftsgr4lspvo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005982; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a1e292fc31781e42&resid=a1e292fc31781e42!264&authkey=ahwhlnt55uqzxei"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005983; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a1e292fc31781e42&resid=a1e292fc31781e42%21264&authkey=ahwhlnt55uqzxei"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005984; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a263f254a0224137&resid=a263f254a0224137%211109&authkey=anmk57mbalfvk6k"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005985; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a2cd2cdb93584d7e&resid=a2cd2cdb93584d7e%21106&authkey=aeifpqbwo1s3dyq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005986; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a4000de54b92dcc6&resid=a4000de54b92dcc6%211064&authkey=apebndb6tstxywi"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005987; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a4000de54b92dcc6&resid=a4000de54b92dcc6%211065&authkey=aca4_dggi5gbbfs"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005988; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a4000de54b92dcc6&resid=a4000de54b92dcc6%211067&authkey=ae-3ej9zzj4ibhw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005989; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a4000de54b92dcc6&resid=a4000de54b92dcc6%211069&authkey=agx6b8qjt_clm-o"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005990; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a502994ea313f5c7&resid=a502994ea313f5c7%21215&authkey=aiydvejv0l8stbs"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005991; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a6dd95780c6c7e21&resid=a6dd95780c6c7e21!6053&authkey=agfh0ahstj7rrki"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005992; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a6dd95780c6c7e21&resid=a6dd95780c6c7e21%216053&authkey=agfh0ahstj7rrki"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005993; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=a75074ec168603e4&resid=a75074ec168603e4%21108&authkey=apnjueurszwr7fi"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005994; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=aa4e252db942faec&resid=aa4e252db942faec%21168&authkey=anlnjo7xnwtswuk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005995; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ae28961c75435487&resid=ae28961c75435487%21106&authkey=alph5awcis8r9iw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005996; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ae80108520d75992&resid=ae80108520d75992!113&authkey=agh9q_zzyjjcspc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005997; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ae80108520d75992&resid=ae80108520d75992%21113&authkey=agh9q_zzyjjcspc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005998; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=af84ebf13dd5499c&resid=af84ebf13dd5499c!167&authkey=anqr_yvn_hdh2_e"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100005999; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b03ee17d51411308&resid=b03ee17d51411308!2152&authkey=abutaac83l5utks"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006000; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b03ee17d51411308&resid=b03ee17d51411308%212152&authkey=abutaac83l5utks"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006001; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b1239884e2deb3b9&resid=b1239884e2deb3b9%21650&authkey=aht-wbxsofyx33u"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006002; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b1239884e2deb3b9&resid=b1239884e2deb3b9%21651&authkey=aebbyk6sevdmzgm"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006003; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b1239884e2deb3b9&resid=b1239884e2deb3b9%21652&authkey=afsw5wahxo5kwjy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006004; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b1c3a5ef115e135c&resid=b1c3a5ef115e135c%216219&authkey=ahr7bklirbub0pc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006005; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b3805920e5eb0711&resid=b3805920e5eb0711%21120&authkey=aozmspl2dqkgkgy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006006; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b3805920e5eb0711&resid=b3805920e5eb0711%21123&authkey=aj18p0rtfbtwa84"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006007; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b3a118354e81d1bb&resid=b3a118354e81d1bb%21139&authkey=ahwfjvw4zmjukeo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006008; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b3a118354e81d1bb&resid=b3a118354e81d1bb%21140&authkey=aksvfpmrfqrrggw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006009; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b3a118354e81d1bb&resid=b3a118354e81d1bb%21141&authkey=acznh6clby0qyww"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006010; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b3a118354e81d1bb&resid=b3a118354e81d1bb%21142&authkey=ajf7j1rr3d7jcxy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006011; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b3a118354e81d1bb&resid=b3a118354e81d1bb%21143&authkey=ahs21wnsqb_vu9w"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006012; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b50c4248502103d0&resid=b50c4248502103d0%21107&authkey=alf1nley7ja4dbq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006013; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b5ea8d4249d866e6&resid=b5ea8d4249d866e6!164&authkey=adfsfcdaw3biboy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006014; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b5ea8d4249d866e6&resid=b5ea8d4249d866e6%21164&authkey=adfsfcdaw3biboy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006015; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b68f720bdb7557e9&resid=b68f720bdb7557e9%21124&authkey=aajm5susw8vx6ga"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006016; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b7cb31db66675eb4&resid=b7cb31db66675eb4%21922&authkey=aghayyucvwey7lg"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006017; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b86046e8cbd4254b&resid=b86046e8cbd4254b%21115&authkey=agwstptwpaquleg"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006018; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b8ba73db68da7c0b&resid=b8ba73db68da7c0b!7521&authkey=ablt9zdyq2d4rb0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006019; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b8ba73db68da7c0b&resid=b8ba73db68da7c0b%217521&authkey=ablt9zdyq2d4rb0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006020; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b90c1aa3b6cd0326&resid=b90c1aa3b6cd0326%21471&authkey=aoil8ra4oc4s_2m"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006021; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=b9690a1860a591d0&resid=b9690a1860a591d0%21161&authkey=aehawjpwf6tqtm8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006022; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=bac03012ec7bd279&resid=bac03012ec7bd279%21134&authkey=aleqfpsaed1cg5a"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006023; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=bac03012ec7bd279&resid=bac03012ec7bd279%21135&authkey=ajowleaql9x5hly"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006024; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=bac03012ec7bd279&resid=bac03012ec7bd279%21136&authkey=aea0cqph-5qisew"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006025; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=beaf30da1f621c9b&resid=beaf30da1f621c9b!246&authkey=afyrchdutalpu90"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006026; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=beaf30da1f621c9b&resid=beaf30da1f621c9b%21246&authkey=afyrchdutalpu90"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006027; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=bf83d9247c2329e0&resid=bf83d9247c2329e0%211108&authkey=absaw-bpqrc6mpq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006028; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c121261804708478&resid=c121261804708478%214199&authkey=adgqe8qiyu92bqm"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006029; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c121261804708478&resid=c121261804708478%214200&authkey=adqtju8i3nmlgai"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006030; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c121261804708478&resid=c121261804708478%214201&authkey=ahqber27s7gg8kk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006031; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c359b1a8babc6019&resid=c359b1a8babc6019!1251&authkey=act34eizpzjugfa"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006032; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c359b1a8babc6019&resid=c359b1a8babc6019%211251&authkey=act34eizpzjugfa"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006033; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1337&authkey=afnvu1fsuczht5e"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006034; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1338&authkey=ajngambosws75_c"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006035; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1340&authkey=al1ay3fbtude6d8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006036; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1342&authkey=acpr_htn2jtaxfu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006037; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1343&authkey=abodysrxu9l2xxu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006038; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1344&authkey=aozerppd6mnokwy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006039; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1345&authkey=aevvyhonxhtcdh0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006040; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1346&authkey=achrnf5vlov1gf4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006041; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1347&authkey=al-zge-ttvr921s"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006042; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e%211337&authkey=afnvu1fsuczht5e"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006043; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e%211338&authkey=ajngambosws75_c"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006044; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e%211340&authkey=al1ay3fbtude6d8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006045; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e%211343&authkey=abodysrxu9l2xxu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006046; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e%211344&authkey=aozerppd6mnokwy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006047; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e%211345&authkey=aevvyhonxhtcdh0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006048; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e%211346&authkey=achrnf5vlov1gf4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006049; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e%211347&authkey=al-zge-ttvr921s"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006050; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c701663053a57d59&resid=c701663053a57d59%211009&authkey=ahowgkak7j0p2q8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006051; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c719b388e99d5356&resid=c719b388e99d5356%21148&authkey=aksdwp8mbv2h0gg"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006052; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c71b410673c49a80&resid=c71b410673c49a80%21486&authkey=amy4euf_rrlcykc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006053; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c71b410673c49a80&resid=c71b410673c49a80%21489&authkey=ako3anwfnqfohnc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006054; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=c80630c4d385fb9d&resid=c80630c4d385fb9d%21286&authkey=amgaucv8bld_5qs"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006055; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=cb64e6e1a6ce15a2&resid=cb64e6e1a6ce15a2!109&authkey=ac4gxwjoopafr9a"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006056; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=cb64e6e1a6ce15a2&resid=cb64e6e1a6ce15a2%21109&authkey=ac4gxwjoopafr9a"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006057; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=cc4ef05c46583174&resid=cc4ef05c46583174%218398&authkey=abkwfajwcwtg0xm"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006058; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=cc4ef05c46583174&resid=cc4ef05c46583174%219485&authkey=amqopb-mtbphioa"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006059; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ce34e56174adf49f&resid=ce34e56174adf49f%21119&authkey=afa-eyd-ubl3kum"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006060; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ce8b733b5e29c6fa&resid=ce8b733b5e29c6fa%212056&authkey=aldbghtwoxcmbsa"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006061; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=cf0c6d1a4c15233d&resid=cf0c6d1a4c15233d!742&authkey=akbxju17f8g0r2s"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006062; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=cf0c6d1a4c15233d&resid=cf0c6d1a4c15233d!744&authkey=adak4zftd0yhhhs"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006063; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=cf0c6d1a4c15233d&resid=cf0c6d1a4c15233d%21742&authkey=akbxju17f8g0r2s"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006064; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=cf0c6d1a4c15233d&resid=cf0c6d1a4c15233d%21744&authkey=adak4zftd0yhhhs"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006065; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=d06d60404544fb85&resid=d06d60404544fb85!872&authkey=ap9hchztywo8zuo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006066; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=d06d60404544fb85&resid=d06d60404544fb85!874&authkey=alkzcbxz-dscgum"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006067; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=d06d60404544fb85&resid=d06d60404544fb85!875&authkey=aka55ybdhqnoc6c"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006068; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=d06d60404544fb85&resid=d06d60404544fb85%21872&authkey=ap9hchztywo8zuo"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006069; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=d06d60404544fb85&resid=d06d60404544fb85%21874&authkey=alkzcbxz-dscgum"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006070; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=d06d60404544fb85&resid=d06d60404544fb85%21875&authkey=aka55ybdhqnoc6c"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006071; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=d2a609584332b259&resid=d2a609584332b259%211958&authkey=agr4wwgmoavw9jy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006072; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=d2f3748954f6f8a8&resid=d2f3748954f6f8a8%21119&authkey=aex5s9uoun2zps0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006073; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=d718e3c8e3bc53c0&resid=d718e3c8e3bc53c0!191&authkey=ajl2uegqunsgc3q"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006074; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=d718e3c8e3bc53c0&resid=d718e3c8e3bc53c0!192&authkey=acd_hx4bka3z0nw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006075; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=d718e3c8e3bc53c0&resid=d718e3c8e3bc53c0%21191&authkey=ajl2uegqunsgc3q"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006076; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=d718e3c8e3bc53c0&resid=d718e3c8e3bc53c0%21192&authkey=acd_hx4bka3z0nw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006077; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=d718e3c8e3bc53c0&resid=d718e3c8e3bc53c0%21193&authkey=ah68m6pamjvyscy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006078; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=db0fc77df51690e1&resid=db0fc77df51690e1%21802&authkey=apefr8w_rdk--pe"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006079; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=db5548cd728f142b&resid=db5548cd728f142b%21187&authkey=aansxudby0o7uwq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006080; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=db62f747c6d887d0&resid=db62f747c6d887d0%21111&authkey=ai2guftczvfehs4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006081; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=dcd65237fcd1a1a9&resid=dcd65237fcd1a1a9%21162&authkey=aprqs0hugnfo6uq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006082; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=dd0a0ec58f4ac5f5&resid=dd0a0ec58f4ac5f5!7527&authkey=aipybipwht56um8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006083; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=dd0a0ec58f4ac5f5&resid=dd0a0ec58f4ac5f5!7530&authkey=am9p2ic6zdkgfmy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006084; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=dd0a0ec58f4ac5f5&resid=dd0a0ec58f4ac5f5!7532&authkey=aonjnubquvon_uk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006085; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=dd0a0ec58f4ac5f5&resid=dd0a0ec58f4ac5f5%217527&authkey=aipybipwht56um8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006086; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=dd0a0ec58f4ac5f5&resid=dd0a0ec58f4ac5f5%217530&authkey=am9p2ic6zdkgfmy"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006087; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=dd0a0ec58f4ac5f5&resid=dd0a0ec58f4ac5f5%217532&authkey=aonjnubquvon_uk"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006088; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=df679db45a35617c&resid=df679db45a35617c!2852&authkey=aoqhnxwkqyfsyvs"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006089; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=df679db45a35617c&resid=df679db45a35617c!2853&authkey=aahjdvnvn--b37k"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006090; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=df679db45a35617c&resid=df679db45a35617c%212852&authkey=aoqhnxwkqyfsyvs"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006091; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=df679db45a35617c&resid=df679db45a35617c%212853&authkey=aahjdvnvn--b37k"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006092; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e08e2d452e10fc69&resid=e08e2d452e10fc69%21107&authkey=akrabrcroiddkxw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006093; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e08e2d452e10fc69&resid=e08e2d452e10fc69%21115&authkey=ad1ncwtj_zcjsh0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006094; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e08e2d452e10fc69&resid=e08e2d452e10fc69%21132&authkey=akpbxohbtjebyn4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006095; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e08e2d452e10fc69&resid=e08e2d452e10fc69%21150&authkey=aevazjbqnu7cmjs"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006096; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e08e2d452e10fc69&resid=e08e2d452e10fc69%21160&authkey=aiendf-9lyln0x0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006097; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e1065ab3e86a5fc2&resid=e1065ab3e86a5fc2%211443&authkey=apybkcvf4iwxp_q"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006098; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e2ea0eaee1f43ce2&resid=e2ea0eaee1f43ce2!129&authkey=afk5vdt49soo3co"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006099; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e2ea0eaee1f43ce2&resid=e2ea0eaee1f43ce2%21129&authkey=afk5vdt49soo3co"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006100; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e3ddc3980f743711&resid=e3ddc3980f743711%21795&authkey=aptivsvyk2we5xc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006101; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e424d4f4fe44dedf&resid=e424d4f4fe44dedf%21745&authkey=ah1i_jo73zgdxpc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006102; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e424d4f4fe44dedf&resid=e424d4f4fe44dedf%21746&authkey=ag1mhwlznwdxpw0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006103; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e4b1e1072dc91f5c&resid=e4b1e1072dc91f5c!509&authkey=akmdyqkzcsuf_gg"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006104; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e4b1e1072dc91f5c&resid=e4b1e1072dc91f5c!511&authkey=agfs0q7dz7os1lu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006105; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e4b1e1072dc91f5c&resid=e4b1e1072dc91f5c%21511&authkey=agfs0q7dz7os1lu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006106; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e54ea4e0368d023b&resid=e54ea4e0368d023b%21106&authkey=aozas6g9pm0fzvq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006107; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e790c3d4dd4fa5db&resid=e790c3d4dd4fa5db%21349&authkey=ae9ea8jdsa7vmom"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006108; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e790c3d4dd4fa5db&resid=e790c3d4dd4fa5db%21350&authkey=ao-vuexoihzj7da"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006109; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e859da0f2c81d5f2&resid=e859da0f2c81d5f2!142&authkey=ais88uad5aom6qu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006110; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e859da0f2c81d5f2&resid=e859da0f2c81d5f2%21142&authkey=ais88uad5aom6qu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006111; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e97110434470423e&resid=e97110434470423e%21113&authkey=afowclex54if0g0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006112; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e9a57719b11feb33&resid=e9a57719b11feb33!1192&authkey=apnhep6fmmxxdkw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006113; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=e9a57719b11feb33&resid=e9a57719b11feb33%211192&authkey=apnhep6fmmxxdkw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006114; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ead0e1196bd04320&resid=ead0e1196bd04320%211215&authkey=ac1jr_bieufz0ai"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006115; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ead0e1196bd04320&resid=ead0e1196bd04320%211219&authkey=akgo75rmvr4khlc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006116; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ebacca5dec27fd20&resid=ebacca5dec27fd20%2118735&authkey=ajfyl1mzidnylc8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006117; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=edd7401a7180b54c&resid=edd7401a7180b54c%21113&authkey=aovavpmokd2jrns"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006118; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=edd7401a7180b54c&resid=edd7401a7180b54c%21116&authkey=aadnj5xyfasugu8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006119; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ee68e098d6c84d9b&resid=ee68e098d6c84d9b!4955&authkey=agjfpa2jl8mwn_k"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006120; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=efdf2c8d834a1928&resid=efdf2c8d834a1928!202&authkey=ah1gjq8j29darw4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006121; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=efdf2c8d834a1928&resid=efdf2c8d834a1928!203&authkey=af8xr99mrqp8um8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006122; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=efdf2c8d834a1928&resid=efdf2c8d834a1928!204&authkey=ad0nbzlscbg-0sa"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006123; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=efdf2c8d834a1928&resid=efdf2c8d834a1928%21202&authkey=ah1gjq8j29darw4"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006124; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=efdf2c8d834a1928&resid=efdf2c8d834a1928%21203&authkey=af8xr99mrqp8um8"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006125; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=efdf2c8d834a1928&resid=efdf2c8d834a1928%21204&authkey=ad0nbzlscbg-0sa"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006126; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=f05e45800a084e63&resid=f05e45800a084e63%21489&authkey=ads_gff3tjkd0w0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006127; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=f05e45800a084e63&resid=f05e45800a084e63%21490&authkey=aj_rld7xooge6aw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006128; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=f05e45800a084e63&resid=f05e45800a084e63%21492&authkey=ahdb75ptd1_uc8e"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006129; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=f06038a5f7dbd6d6&resid=f06038a5f7dbd6d6%215498&authkey=aiozi3z5qzdysmu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006130; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=f293cebb54e5ea71&resid=f293cebb54e5ea71%21293&authkey=aha74rsqiuewnpq"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006131; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=f40a6c678d20c1eb&resid=f40a6c678d20c1eb%21566&authkey=aevafh7rydhi19k"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006132; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=f40a6c678d20c1eb&resid=f40a6c678d20c1eb%21581&authkey=agx0b8ho87w4uie"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006133; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=f40a6c678d20c1eb&resid=f40a6c678d20c1eb%21582&authkey=af-9_xwysl1o7-c"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006134; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=f40a6c678d20c1eb&resid=f40a6c678d20c1eb%21598&authkey=ah-gkc-b7fa8h-g"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006135; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=f40a6c678d20c1eb&resid=f40a6c678d20c1eb%21599&authkey=aajunhe1ex_-zta"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006136; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=f79e41c0e32d3314&resid=f79e41c0e32d3314%211182&authkey=aiqtptberyvlgqk&em=2%22"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006137; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=f7ae097903082806&resid=f7ae097903082806!1368&authkey=anphh1fijhvzv6c"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006138; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=f7ae097903082806&resid=f7ae097903082806%211368&authkey=anphh1fijhvzv6c"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006139; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=f824f5d726d5c382&resid=f824f5d726d5c382!159&authkey=ai4_8srrzf48hw0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006140; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=f824f5d726d5c382&resid=f824f5d726d5c382%21159&authkey=ai4_8srrzf48hw0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006141; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=fb2177c192eed796&resid=fb2177c192eed796%21124&authkey=abotnmdhu_tg7bc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006142; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=fd50774e5ce0e314&resid=fd50774e5ce0e314%21778&authkey=aoxb2vhhz3qodiu"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006143; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=fe85161c3947f2c1&resid=fe85161c3947f2c1%211441&authkey=agb6c1ecr91svrw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006144; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=fea66f7d23a51c27&resid=fea66f7d23a51c27%21573&authkey=ajkvuiiwaagy76a"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006145; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ff1d187273dfbf73&resid=ff1d187273dfbf73!693&authkey=agcpkhnewfte_yc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006146; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ff1d187273dfbf73&resid=ff1d187273dfbf73!694&authkey=aa5jqzjsp0esr1s"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006147; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ff1d187273dfbf73&resid=ff1d187273dfbf73%21693&authkey=agcpkhnewfte_yc"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006148; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ff1d187273dfbf73&resid=ff1d187273dfbf73%21694&authkey=aa5jqzjsp0esr1s"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006149; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ffde14d2c0ef634a&resid=ffde14d2c0ef634a%21643&authkey=amuzcawdjv7eg3e"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006150; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ffde14d2c0ef634a&resid=ffde14d2c0ef634a%21645&authkey=ann9yoazyxp01a0"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006151; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/download?cid=ffde14d2c0ef634a&resid=ffde14d2c0ef634a%21646&authkey=anfwqxeoxdegwnw"; http_uri; nocase; content:"onedrive.live.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006152; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/500279229/c4d1ce167d49df4f2206a5fe210b189f/winlocker.exe"; http_uri; nocase; content:"padlet-uploads.storage.googleapis.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006153; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/500279229/dfd16dbfc5b6c3ac5e3468e0929d1973/karlocker_exe.exe"; http_uri; nocase; content:"padlet-uploads.storage.googleapis.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006154; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/500279229/ebc8ef7d87c522e51b4dc3429f48d2db/systemcrasher_bydaniel.exe"; http_uri; nocase; content:"padlet-uploads.storage.googleapis.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006155; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/4fvypptf"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006156; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/4fwgxkzb"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006157; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/6ut0pbxt"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006158; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/77jhk0iw"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006159; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/89hkc7wb"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006160; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/bqhbezhr"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006161; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/ct99tglf"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006162; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/emy1xgpz"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006163; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/gkj9jeek"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006164; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/gs3l8dwc"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006165; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/gudcxzqi"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006166; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/j829zaxe"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006167; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/qjigyejs"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006168; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/tzetmw43"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006169; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/u59eearf"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006170; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/udqsatcz"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006171; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/ukdkvfd8"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006172; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/vg7m1ser"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006173; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/vz0sldw3"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006174; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/w97es7cw"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006175; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/yqvsvlvq"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006176; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/raw/zxsp2w7h"; http_uri; nocase; content:"pastebin.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006177; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/wp-admin/llc/mwcacs65xienqdp/"; http_uri; nocase; content:"pierreconsulting.info"; content:"Host"; http_header; classtype:trojan-activity; sid:100006178; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/alessandrowilliam4u/direct/master/index.jar"; http_uri; nocase; content:"raw.githubusercontent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006179; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/arntsonl/calc_security_poc/master/dll/calc.dll"; http_uri; nocase; content:"raw.githubusercontent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006180; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/aztek2/sasxvsy/gh-pages/yho7.svg"; http_uri; nocase; content:"raw.githubusercontent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006181; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/bero1985/berotinypascal/e34bd4164f4b7c27e7cf667dffd9274d33d6dfbe/bin/btpc.exe"; http_uri; nocase; content:"raw.githubusercontent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006182; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/dorobucci914/files/main/scvhost.exe"; http_uri; nocase; content:"raw.githubusercontent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006183; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/evil-coder66/defendercontrol/main/defendercontrol.exe"; http_uri; nocase; content:"raw.githubusercontent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006184; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/fuzzbunch/fuzzbunch/master/payloads/doublepulsar-1.3.1.exe"; http_uri; nocase; content:"raw.githubusercontent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006185; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/realtek25556/rhti2/gh-pages/90hfnvo69vk2ot.bmp"; http_uri; nocase; content:"raw.githubusercontent.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006186; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/lzzvirtualdrive/lzzvirtualdrive_2.5.0.0.exe"; http_uri; nocase; content:"softdl.360tpcdn.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006187; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/siam.stiepancasetia.ac.id/kf6o16tw0/"; http_uri; nocase; content:"stiepancasetia.ac.id"; content:"Host"; http_header; classtype:trojan-activity; sid:100006188; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/includes/66/asynccrypted.exe"; http_uri; nocase; content:"suyashcollegeofnursing.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006189; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/language/don109/cryptedfile109.exe"; http_uri; nocase; content:"suyashcollegeofnursing.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006190; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/language/don109/ltd5jpcpqvoh3te.exe"; http_uri; nocase; content:"suyashcollegeofnursing.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006191; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/language/don163/cryptedfile163.exe"; http_uri; nocase; content:"suyashcollegeofnursing.com"; content:"Host"; http_header; classtype:trojan-activity; sid:100006192; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/img/image/10/b4f750f880a0c089f7ea7989a38e3dee/dll.jpg"; http_uri; nocase; content:"uplooder.net"; content:"Host"; http_header; classtype:trojan-activity; sid:100006193; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/gnuboard/data/scan/amowvegfrt9ja/"; http_uri; nocase; content:"vniel.co.kr"; content:"Host"; http_header; classtype:trojan-activity; sid:100006194; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/gnuboard/data/scan/fu6jvxzzs46uqlp7l/"; http_uri; nocase; content:"vniel.co.kr"; content:"Host"; http_header; classtype:trojan-activity; sid:100006195; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/kolya/.f/root/net.mit.edu/net/user/chris/winnt/mit_agenda2a.doc"; http_uri; nocase; content:"web.mit.edu"; content:"Host"; http_header; classtype:trojan-activity; sid:100006196; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/issues/136_140/flt_shovemydiscoupyourarse.exe"; http_uri; nocase; content:"websound.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100006197; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/issues/136_140/kb%5efr_ouverture.exe"; http_uri; nocase; content:"websound.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100006198; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/issues/136_140/kb^fr_ouverture.exe"; http_uri; nocase; content:"websound.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100006199; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/issues/146_150/bc_memories_from_the_mcp.exe"; http_uri; nocase; content:"websound.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100006200; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/issues/151_155/tidex_-_short_stuff.exe"; http_uri; nocase; content:"websound.ru"; content:"Host"; http_header; classtype:trojan-activity; sid:100006201; rev:1;)
|
|
|
|
alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; content:"GET"; http_method; content:"/syria-files/attach/222/222051_instruction.zip"; http_uri; nocase; content:"wikileaks.org"; content:"Host"; http_header; classtype:trojan-activity; sid:100006202; rev:1;)
|