6167 lines
1.4 MiB
6167 lines
1.4 MiB
# Title: Online Malicious URL Suricata Ruleset
|
|
# Updated: Mon, 03 Jan 2022 00:11:00 +0000
|
|
# Expires: 1 day (update frequency)
|
|
# Homepage: https://gitlab.com/curben/urlhaus-filter
|
|
# License: https://gitlab.com/curben/urlhaus-filter#license
|
|
# Source: https://urlhaus.abuse.ch/api/
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.1.188.10"; classtype:trojan-activity; sid:100000001; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.10.146.30"; classtype:trojan-activity; sid:100000002; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.10.147.106"; classtype:trojan-activity; sid:100000003; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.10.147.48"; classtype:trojan-activity; sid:100000004; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.189.101.100"; classtype:trojan-activity; sid:100000005; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.189.86.113"; classtype:trojan-activity; sid:100000006; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.196.243.88"; classtype:trojan-activity; sid:100000007; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.20.227.220"; classtype:trojan-activity; sid:100000008; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.222.140.135"; classtype:trojan-activity; sid:100000009; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.222.168.77"; classtype:trojan-activity; sid:100000010; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.222.198.69"; classtype:trojan-activity; sid:100000011; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.23.215.79"; classtype:trojan-activity; sid:100000012; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.107"; classtype:trojan-activity; sid:100000013; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.109"; classtype:trojan-activity; sid:100000014; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.113"; classtype:trojan-activity; sid:100000015; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.127"; classtype:trojan-activity; sid:100000016; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.13"; classtype:trojan-activity; sid:100000017; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.134"; classtype:trojan-activity; sid:100000018; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.15"; classtype:trojan-activity; sid:100000019; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.16"; classtype:trojan-activity; sid:100000020; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.2"; classtype:trojan-activity; sid:100000021; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.20"; classtype:trojan-activity; sid:100000022; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.201"; classtype:trojan-activity; sid:100000023; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.213"; classtype:trojan-activity; sid:100000024; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.22"; classtype:trojan-activity; sid:100000025; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.226"; classtype:trojan-activity; sid:100000026; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.228"; classtype:trojan-activity; sid:100000027; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.232"; classtype:trojan-activity; sid:100000028; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.234"; classtype:trojan-activity; sid:100000029; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.237"; classtype:trojan-activity; sid:100000030; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.245"; classtype:trojan-activity; sid:100000031; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.249"; classtype:trojan-activity; sid:100000032; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.38"; classtype:trojan-activity; sid:100000033; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.40"; classtype:trojan-activity; sid:100000034; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.41"; classtype:trojan-activity; sid:100000035; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.43"; classtype:trojan-activity; sid:100000036; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.49"; classtype:trojan-activity; sid:100000037; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.56"; classtype:trojan-activity; sid:100000038; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.6"; classtype:trojan-activity; sid:100000039; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.69"; classtype:trojan-activity; sid:100000040; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.94"; classtype:trojan-activity; sid:100000041; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.222.98"; classtype:trojan-activity; sid:100000042; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.10"; classtype:trojan-activity; sid:100000043; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.103"; classtype:trojan-activity; sid:100000044; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.109"; classtype:trojan-activity; sid:100000045; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.126"; classtype:trojan-activity; sid:100000046; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.130"; classtype:trojan-activity; sid:100000047; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.15"; classtype:trojan-activity; sid:100000048; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.151"; classtype:trojan-activity; sid:100000049; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.18"; classtype:trojan-activity; sid:100000050; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.223"; classtype:trojan-activity; sid:100000051; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.32"; classtype:trojan-activity; sid:100000052; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.37"; classtype:trojan-activity; sid:100000053; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.4"; classtype:trojan-activity; sid:100000054; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.48"; classtype:trojan-activity; sid:100000055; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.49"; classtype:trojan-activity; sid:100000056; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.54"; classtype:trojan-activity; sid:100000057; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.58"; classtype:trojan-activity; sid:100000058; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.59"; classtype:trojan-activity; sid:100000059; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.6"; classtype:trojan-activity; sid:100000060; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.71"; classtype:trojan-activity; sid:100000061; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.246.223.94"; classtype:trojan-activity; sid:100000062; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.36.221.101"; classtype:trojan-activity; sid:100000063; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.40.31.227"; classtype:trojan-activity; sid:100000064; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.6.135.164"; classtype:trojan-activity; sid:100000065; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1.62.117.220"; classtype:trojan-activity; sid:100000066; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"100.12.181.52"; classtype:trojan-activity; sid:100000067; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"100.12.51.122"; classtype:trojan-activity; sid:100000068; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"100.38.34.189"; classtype:trojan-activity; sid:100000069; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1008691.com"; classtype:trojan-activity; sid:100000070; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.109.242.59"; classtype:trojan-activity; sid:100000071; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.16.183.21"; classtype:trojan-activity; sid:100000072; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.20.172.27"; classtype:trojan-activity; sid:100000073; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.20.48.235"; classtype:trojan-activity; sid:100000074; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.20.54.63"; classtype:trojan-activity; sid:100000075; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.200.145.141"; classtype:trojan-activity; sid:100000076; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.23.202.46"; classtype:trojan-activity; sid:100000077; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.25.23.212"; classtype:trojan-activity; sid:100000078; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.25.66.101"; classtype:trojan-activity; sid:100000079; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.255.36.154"; classtype:trojan-activity; sid:100000080; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.26.111.134"; classtype:trojan-activity; sid:100000081; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.28.49.11"; classtype:trojan-activity; sid:100000082; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.28.77.10"; classtype:trojan-activity; sid:100000083; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.30.58.194"; classtype:trojan-activity; sid:100000084; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.51.121.206"; classtype:trojan-activity; sid:100000085; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.64.157.241"; classtype:trojan-activity; sid:100000086; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.65.130.8"; classtype:trojan-activity; sid:100000087; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.65.130.97"; classtype:trojan-activity; sid:100000088; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.65.131.158"; classtype:trojan-activity; sid:100000089; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"101.78.22.102"; classtype:trojan-activity; sid:100000090; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"102.39.242.53"; classtype:trojan-activity; sid:100000091; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.120.133.155"; classtype:trojan-activity; sid:100000092; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.125.163.10"; classtype:trojan-activity; sid:100000093; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.134.135.245"; classtype:trojan-activity; sid:100000094; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.136.82.50"; classtype:trojan-activity; sid:100000095; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.153.92.158"; classtype:trojan-activity; sid:100000096; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.153.92.63"; classtype:trojan-activity; sid:100000097; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.16.145.25"; classtype:trojan-activity; sid:100000098; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.162.29.212"; classtype:trojan-activity; sid:100000099; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.162.60.19"; classtype:trojan-activity; sid:100000100; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.164.200.170"; classtype:trojan-activity; sid:100000101; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.165.117.102"; classtype:trojan-activity; sid:100000102; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.167.92.57"; classtype:trojan-activity; sid:100000103; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.171.0.73"; classtype:trojan-activity; sid:100000104; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.19.128.254"; classtype:trojan-activity; sid:100000105; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.193.118.28"; classtype:trojan-activity; sid:100000106; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.193.118.33"; classtype:trojan-activity; sid:100000107; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.201.146.48"; classtype:trojan-activity; sid:100000108; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.204.168.34"; classtype:trojan-activity; sid:100000109; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.217.215.21"; classtype:trojan-activity; sid:100000110; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.223.15.94"; classtype:trojan-activity; sid:100000111; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.224.200.146"; classtype:trojan-activity; sid:100000112; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.224.200.40"; classtype:trojan-activity; sid:100000113; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.230.153.181"; classtype:trojan-activity; sid:100000114; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.237.174.238"; classtype:trojan-activity; sid:100000115; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.238.228.3"; classtype:trojan-activity; sid:100000116; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.238.228.4"; classtype:trojan-activity; sid:100000117; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.238.229.117"; classtype:trojan-activity; sid:100000118; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.240.249.121"; classtype:trojan-activity; sid:100000119; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.251.57.23"; classtype:trojan-activity; sid:100000120; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.252.128.166"; classtype:trojan-activity; sid:100000121; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.4.116.82"; classtype:trojan-activity; sid:100000122; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.4.117.26"; classtype:trojan-activity; sid:100000123; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.48.80.15"; classtype:trojan-activity; sid:100000124; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.66.9.5"; classtype:trojan-activity; sid:100000125; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.73.61.247"; classtype:trojan-activity; sid:100000126; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.73.62.115"; classtype:trojan-activity; sid:100000127; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.76.208.219"; classtype:trojan-activity; sid:100000128; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.79.113.154"; classtype:trojan-activity; sid:100000129; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.82.145.136"; classtype:trojan-activity; sid:100000130; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.82.187.102"; classtype:trojan-activity; sid:100000131; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.82.98.170"; classtype:trojan-activity; sid:100000132; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.88.57.226"; classtype:trojan-activity; sid:100000133; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.91.245.48"; classtype:trojan-activity; sid:100000134; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.92.113.74"; classtype:trojan-activity; sid:100000135; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.92.25.90"; classtype:trojan-activity; sid:100000136; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.92.25.95"; classtype:trojan-activity; sid:100000137; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.97.184.180"; classtype:trojan-activity; sid:100000138; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"103.99.207.219"; classtype:trojan-activity; sid:100000139; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"104.129.12.141"; classtype:trojan-activity; sid:100000140; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"104.168.32.9"; classtype:trojan-activity; sid:100000141; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"104.184.75.123"; classtype:trojan-activity; sid:100000142; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"104.189.92.253"; classtype:trojan-activity; sid:100000143; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"104.220.122.206"; classtype:trojan-activity; sid:100000144; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"104.223.119.167"; classtype:trojan-activity; sid:100000145; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"104.6.77.65"; classtype:trojan-activity; sid:100000146; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"105.96.5.146"; classtype:trojan-activity; sid:100000147; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.1.16.180"; classtype:trojan-activity; sid:100000148; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.1.16.212"; classtype:trojan-activity; sid:100000149; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.1.184.222"; classtype:trojan-activity; sid:100000150; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.1.20.54"; classtype:trojan-activity; sid:100000151; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.1.6.52"; classtype:trojan-activity; sid:100000152; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.1.89.145"; classtype:trojan-activity; sid:100000153; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.1.89.60"; classtype:trojan-activity; sid:100000154; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.1.94.29"; classtype:trojan-activity; sid:100000155; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.104.175.140"; classtype:trojan-activity; sid:100000156; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.104.193.155"; classtype:trojan-activity; sid:100000157; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.107.250.6"; classtype:trojan-activity; sid:100000158; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.111.246.12"; classtype:trojan-activity; sid:100000159; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.113.145.27"; classtype:trojan-activity; sid:100000160; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.115.168.141"; classtype:trojan-activity; sid:100000161; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.247.101.230"; classtype:trojan-activity; sid:100000162; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.255.49.74"; classtype:trojan-activity; sid:100000163; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"106.43.108.110"; classtype:trojan-activity; sid:100000164; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.13.39.147"; classtype:trojan-activity; sid:100000165; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.142.171.93"; classtype:trojan-activity; sid:100000166; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.172.137.175"; classtype:trojan-activity; sid:100000167; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.172.198.205"; classtype:trojan-activity; sid:100000168; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.172.214.23"; classtype:trojan-activity; sid:100000169; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.172.76.210"; classtype:trojan-activity; sid:100000170; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.172.79.248"; classtype:trojan-activity; sid:100000171; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.172.79.52"; classtype:trojan-activity; sid:100000172; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.173.191.75"; classtype:trojan-activity; sid:100000173; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.173.191.78"; classtype:trojan-activity; sid:100000174; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.173.229.118"; classtype:trojan-activity; sid:100000175; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.173.229.173"; classtype:trojan-activity; sid:100000176; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.174.24.161"; classtype:trojan-activity; sid:100000177; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.174.241.209"; classtype:trojan-activity; sid:100000178; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.174.35.229"; classtype:trojan-activity; sid:100000179; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.194.242.170"; classtype:trojan-activity; sid:100000180; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"107.219.75.188"; classtype:trojan-activity; sid:100000181; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"108.190.201.37"; classtype:trojan-activity; sid:100000182; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"108.190.250.48"; classtype:trojan-activity; sid:100000183; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"108.20.203.32"; classtype:trojan-activity; sid:100000184; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"108.214.49.232"; classtype:trojan-activity; sid:100000185; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"108.239.155.26"; classtype:trojan-activity; sid:100000186; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"108.27.217.242"; classtype:trojan-activity; sid:100000187; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"108.46.196.185"; classtype:trojan-activity; sid:100000188; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"108.58.113.114"; classtype:trojan-activity; sid:100000189; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"108.78.216.130"; classtype:trojan-activity; sid:100000190; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.105.1.154"; classtype:trojan-activity; sid:100000191; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.117.246.176"; classtype:trojan-activity; sid:100000192; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.124.90.229"; classtype:trojan-activity; sid:100000193; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.186.214.127"; classtype:trojan-activity; sid:100000194; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.221.239.39"; classtype:trojan-activity; sid:100000195; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.225.100.39"; classtype:trojan-activity; sid:100000196; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.235.26.228"; classtype:trojan-activity; sid:100000197; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.235.7.1"; classtype:trojan-activity; sid:100000198; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.235.7.228"; classtype:trojan-activity; sid:100000199; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.237.154.201"; classtype:trojan-activity; sid:100000200; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.72.49.148"; classtype:trojan-activity; sid:100000201; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.92.21.199"; classtype:trojan-activity; sid:100000202; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.92.26.48"; classtype:trojan-activity; sid:100000203; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.95.200.102"; classtype:trojan-activity; sid:100000204; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.96.182.219"; classtype:trojan-activity; sid:100000205; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"109.99.37.97"; classtype:trojan-activity; sid:100000206; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"10iski.com"; classtype:trojan-activity; sid:100000207; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.14.58.190"; classtype:trojan-activity; sid:100000208; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.17.77.99"; classtype:trojan-activity; sid:100000209; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.172.144.113"; classtype:trojan-activity; sid:100000210; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.172.144.114"; classtype:trojan-activity; sid:100000211; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.174.123.230"; classtype:trojan-activity; sid:100000212; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.177.102.85"; classtype:trojan-activity; sid:100000213; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.180.161.239"; classtype:trojan-activity; sid:100000214; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.180.162.38"; classtype:trojan-activity; sid:100000215; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.182.12.99"; classtype:trojan-activity; sid:100000216; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.182.145.235"; classtype:trojan-activity; sid:100000217; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.183.49.100"; classtype:trojan-activity; sid:100000218; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.186.229.239"; classtype:trojan-activity; sid:100000219; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.228.105.247"; classtype:trojan-activity; sid:100000220; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.241.47.223"; classtype:trojan-activity; sid:100000221; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.243.10.56"; classtype:trojan-activity; sid:100000222; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.243.12.189"; classtype:trojan-activity; sid:100000223; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.251.130.181"; classtype:trojan-activity; sid:100000224; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.251.165.248"; classtype:trojan-activity; sid:100000225; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.253.218.57"; classtype:trojan-activity; sid:100000226; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.253.223.118"; classtype:trojan-activity; sid:100000227; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.253.71.51"; classtype:trojan-activity; sid:100000228; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.255.217.163"; classtype:trojan-activity; sid:100000229; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.76.158.13"; classtype:trojan-activity; sid:100000230; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.82.51.87"; classtype:trojan-activity; sid:100000231; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.86.189.32"; classtype:trojan-activity; sid:100000232; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"110.89.9.162"; classtype:trojan-activity; sid:100000233; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.118.111.207"; classtype:trojan-activity; sid:100000234; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.118.117.210"; classtype:trojan-activity; sid:100000235; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.118.117.67"; classtype:trojan-activity; sid:100000236; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.118.118.115"; classtype:trojan-activity; sid:100000237; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.118.45.193"; classtype:trojan-activity; sid:100000238; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.119.245.114"; classtype:trojan-activity; sid:100000239; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.125.67.125"; classtype:trojan-activity; sid:100000240; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.163.231.63"; classtype:trojan-activity; sid:100000241; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.164.82.214"; classtype:trojan-activity; sid:100000242; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.165.115.215"; classtype:trojan-activity; sid:100000243; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.166.238.44"; classtype:trojan-activity; sid:100000244; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.167.10.11"; classtype:trojan-activity; sid:100000245; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.167.239.167"; classtype:trojan-activity; sid:100000246; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.17.186.194"; classtype:trojan-activity; sid:100000247; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.172.197.184"; classtype:trojan-activity; sid:100000248; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.172.2.123"; classtype:trojan-activity; sid:100000249; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.176.163.78"; classtype:trojan-activity; sid:100000250; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.178.134.4"; classtype:trojan-activity; sid:100000251; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.179.133.91"; classtype:trojan-activity; sid:100000252; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.179.187.53"; classtype:trojan-activity; sid:100000253; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.179.189.245"; classtype:trojan-activity; sid:100000254; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.182.234.148"; classtype:trojan-activity; sid:100000255; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.182.237.144"; classtype:trojan-activity; sid:100000256; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.185.0.157"; classtype:trojan-activity; sid:100000257; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.185.116.44"; classtype:trojan-activity; sid:100000258; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.185.120.11"; classtype:trojan-activity; sid:100000259; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.185.126.113"; classtype:trojan-activity; sid:100000260; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.185.127.116"; classtype:trojan-activity; sid:100000261; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.185.2.149"; classtype:trojan-activity; sid:100000262; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.185.228.72"; classtype:trojan-activity; sid:100000263; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.185.23.84"; classtype:trojan-activity; sid:100000264; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.185.230.108"; classtype:trojan-activity; sid:100000265; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.185.230.136"; classtype:trojan-activity; sid:100000266; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.185.238.165"; classtype:trojan-activity; sid:100000267; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.185.240.4"; classtype:trojan-activity; sid:100000268; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.185.27.9"; classtype:trojan-activity; sid:100000269; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.185.53.229"; classtype:trojan-activity; sid:100000270; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.185.63.165"; classtype:trojan-activity; sid:100000271; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.193.165.56"; classtype:trojan-activity; sid:100000272; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.196.60.157"; classtype:trojan-activity; sid:100000273; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.222.15.61"; classtype:trojan-activity; sid:100000274; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.224.101.4"; classtype:trojan-activity; sid:100000275; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.224.209.112"; classtype:trojan-activity; sid:100000276; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.225.11.54"; classtype:trojan-activity; sid:100000277; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.225.120.136"; classtype:trojan-activity; sid:100000278; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.255.3.192"; classtype:trojan-activity; sid:100000279; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.38.103.66"; classtype:trojan-activity; sid:100000280; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.38.104.15"; classtype:trojan-activity; sid:100000281; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.38.123.184"; classtype:trojan-activity; sid:100000282; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.38.123.197"; classtype:trojan-activity; sid:100000283; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.38.17.179"; classtype:trojan-activity; sid:100000284; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.38.26.189"; classtype:trojan-activity; sid:100000285; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.38.31.168"; classtype:trojan-activity; sid:100000286; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.79.53.114"; classtype:trojan-activity; sid:100000287; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.85.91.45"; classtype:trojan-activity; sid:100000288; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.90.191.7"; classtype:trojan-activity; sid:100000289; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"111.92.107.14"; classtype:trojan-activity; sid:100000290; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.104.54.193"; classtype:trojan-activity; sid:100000291; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.117.89.116"; classtype:trojan-activity; sid:100000292; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.122.59.158"; classtype:trojan-activity; sid:100000293; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.123.169.202"; classtype:trojan-activity; sid:100000294; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.133.196.132"; classtype:trojan-activity; sid:100000295; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.167.165.139"; classtype:trojan-activity; sid:100000296; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.167.229.237"; classtype:trojan-activity; sid:100000297; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.173.209.170"; classtype:trojan-activity; sid:100000298; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.185.189.30"; classtype:trojan-activity; sid:100000299; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.186.210.211"; classtype:trojan-activity; sid:100000300; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.186.221.107"; classtype:trojan-activity; sid:100000301; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.186.96.252"; classtype:trojan-activity; sid:100000302; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.187.249.34"; classtype:trojan-activity; sid:100000303; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.187.91.117"; classtype:trojan-activity; sid:100000304; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.220.89.114"; classtype:trojan-activity; sid:100000305; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.225.125.224"; classtype:trojan-activity; sid:100000306; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.225.174.243"; classtype:trojan-activity; sid:100000307; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.225.191.156"; classtype:trojan-activity; sid:100000308; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.225.204.163"; classtype:trojan-activity; sid:100000309; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.225.238.238"; classtype:trojan-activity; sid:100000310; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.226.1.202"; classtype:trojan-activity; sid:100000311; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.226.151.23"; classtype:trojan-activity; sid:100000312; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.226.221.206"; classtype:trojan-activity; sid:100000313; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.226.235.22"; classtype:trojan-activity; sid:100000314; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.226.26.233"; classtype:trojan-activity; sid:100000315; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.226.3.4"; classtype:trojan-activity; sid:100000316; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.229.188.10"; classtype:trojan-activity; sid:100000317; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.229.96.64"; classtype:trojan-activity; sid:100000318; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.233.136.148"; classtype:trojan-activity; sid:100000319; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.233.42.33"; classtype:trojan-activity; sid:100000320; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.234.120.128"; classtype:trojan-activity; sid:100000321; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.234.140.125"; classtype:trojan-activity; sid:100000322; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.234.193.36"; classtype:trojan-activity; sid:100000323; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.235.243.228"; classtype:trojan-activity; sid:100000324; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.236.139.208"; classtype:trojan-activity; sid:100000325; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.236.165.38"; classtype:trojan-activity; sid:100000326; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.237.143.23"; classtype:trojan-activity; sid:100000327; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.237.196.172"; classtype:trojan-activity; sid:100000328; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.237.65.38"; classtype:trojan-activity; sid:100000329; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.238.128.60"; classtype:trojan-activity; sid:100000330; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.238.170.57"; classtype:trojan-activity; sid:100000331; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.238.193.201"; classtype:trojan-activity; sid:100000332; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.238.202.226"; classtype:trojan-activity; sid:100000333; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.238.228.65"; classtype:trojan-activity; sid:100000334; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.238.237.232"; classtype:trojan-activity; sid:100000335; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.238.34.250"; classtype:trojan-activity; sid:100000336; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.238.93.33"; classtype:trojan-activity; sid:100000337; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.239.100.6"; classtype:trojan-activity; sid:100000338; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.239.100.68"; classtype:trojan-activity; sid:100000339; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.239.102.160"; classtype:trojan-activity; sid:100000340; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.239.103.111"; classtype:trojan-activity; sid:100000341; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.239.127.9"; classtype:trojan-activity; sid:100000342; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.239.98.172"; classtype:trojan-activity; sid:100000343; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.239.98.184"; classtype:trojan-activity; sid:100000344; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.239.98.26"; classtype:trojan-activity; sid:100000345; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.239.98.52"; classtype:trojan-activity; sid:100000346; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.239.98.88"; classtype:trojan-activity; sid:100000347; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.239.99.126"; classtype:trojan-activity; sid:100000348; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.239.99.25"; classtype:trojan-activity; sid:100000349; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.240.211.16"; classtype:trojan-activity; sid:100000350; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.241.179.23"; classtype:trojan-activity; sid:100000351; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.242.77.218"; classtype:trojan-activity; sid:100000352; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.244.161.55"; classtype:trojan-activity; sid:100000353; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.245.174.217"; classtype:trojan-activity; sid:100000354; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.245.185.3"; classtype:trojan-activity; sid:100000355; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.245.187.164"; classtype:trojan-activity; sid:100000356; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.245.51.48"; classtype:trojan-activity; sid:100000357; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.246.103.41"; classtype:trojan-activity; sid:100000358; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.246.144.190"; classtype:trojan-activity; sid:100000359; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.246.18.86"; classtype:trojan-activity; sid:100000360; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.246.231.8"; classtype:trojan-activity; sid:100000361; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.246.84.244"; classtype:trojan-activity; sid:100000362; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.246.85.146"; classtype:trojan-activity; sid:100000363; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.247.103.217"; classtype:trojan-activity; sid:100000364; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.247.150.34"; classtype:trojan-activity; sid:100000365; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.247.186.229"; classtype:trojan-activity; sid:100000366; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.247.222.139"; classtype:trojan-activity; sid:100000367; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.247.250.71"; classtype:trojan-activity; sid:100000368; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.247.32.158"; classtype:trojan-activity; sid:100000369; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.247.84.188"; classtype:trojan-activity; sid:100000370; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.247.86.206"; classtype:trojan-activity; sid:100000371; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.1.159"; classtype:trojan-activity; sid:100000372; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.1.89"; classtype:trojan-activity; sid:100000373; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.100.181"; classtype:trojan-activity; sid:100000374; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.103.228"; classtype:trojan-activity; sid:100000375; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.105.14"; classtype:trojan-activity; sid:100000376; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.105.219"; classtype:trojan-activity; sid:100000377; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.106.72"; classtype:trojan-activity; sid:100000378; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.107.35"; classtype:trojan-activity; sid:100000379; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.108.163"; classtype:trojan-activity; sid:100000380; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.108.213"; classtype:trojan-activity; sid:100000381; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.109.62"; classtype:trojan-activity; sid:100000382; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.110.0"; classtype:trojan-activity; sid:100000383; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.110.223"; classtype:trojan-activity; sid:100000384; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.110.96"; classtype:trojan-activity; sid:100000385; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.111.34"; classtype:trojan-activity; sid:100000386; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.112.106"; classtype:trojan-activity; sid:100000387; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.112.225"; classtype:trojan-activity; sid:100000388; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.112.23"; classtype:trojan-activity; sid:100000389; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.114.140"; classtype:trojan-activity; sid:100000390; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.115.216"; classtype:trojan-activity; sid:100000391; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.118.16"; classtype:trojan-activity; sid:100000392; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.122.207"; classtype:trojan-activity; sid:100000393; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.140.246"; classtype:trojan-activity; sid:100000394; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.142.68"; classtype:trojan-activity; sid:100000395; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.143.161"; classtype:trojan-activity; sid:100000396; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.143.231"; classtype:trojan-activity; sid:100000397; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.153.245"; classtype:trojan-activity; sid:100000398; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.155.1"; classtype:trojan-activity; sid:100000399; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.184.26"; classtype:trojan-activity; sid:100000400; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.187.145"; classtype:trojan-activity; sid:100000401; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.189.120"; classtype:trojan-activity; sid:100000402; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.189.176"; classtype:trojan-activity; sid:100000403; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.190.107"; classtype:trojan-activity; sid:100000404; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.191.239"; classtype:trojan-activity; sid:100000405; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.191.77"; classtype:trojan-activity; sid:100000406; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.215.197"; classtype:trojan-activity; sid:100000407; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.244.113"; classtype:trojan-activity; sid:100000408; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.252.177"; classtype:trojan-activity; sid:100000409; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.255.178"; classtype:trojan-activity; sid:100000410; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.3.11"; classtype:trojan-activity; sid:100000411; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.62.84"; classtype:trojan-activity; sid:100000412; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.63.240"; classtype:trojan-activity; sid:100000413; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.80.231"; classtype:trojan-activity; sid:100000414; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.80.234"; classtype:trojan-activity; sid:100000415; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.80.97"; classtype:trojan-activity; sid:100000416; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.81.119"; classtype:trojan-activity; sid:100000417; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.82.48"; classtype:trojan-activity; sid:100000418; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.83.151"; classtype:trojan-activity; sid:100000419; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.248.85.214"; classtype:trojan-activity; sid:100000420; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.249.17.150"; classtype:trojan-activity; sid:100000421; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.249.218.124"; classtype:trojan-activity; sid:100000422; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.249.222.101"; classtype:trojan-activity; sid:100000423; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.249.234.20"; classtype:trojan-activity; sid:100000424; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.249.62.244"; classtype:trojan-activity; sid:100000425; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.249.62.34"; classtype:trojan-activity; sid:100000426; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.250.186.2"; classtype:trojan-activity; sid:100000427; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.250.191.46"; classtype:trojan-activity; sid:100000428; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.252.130.113"; classtype:trojan-activity; sid:100000429; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.252.142.236"; classtype:trojan-activity; sid:100000430; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.252.156.240"; classtype:trojan-activity; sid:100000431; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.252.168.49"; classtype:trojan-activity; sid:100000432; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.252.182.152"; classtype:trojan-activity; sid:100000433; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.252.199.38"; classtype:trojan-activity; sid:100000434; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.252.200.94"; classtype:trojan-activity; sid:100000435; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.252.21.172"; classtype:trojan-activity; sid:100000436; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.252.237.77"; classtype:trojan-activity; sid:100000437; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.252.85.75"; classtype:trojan-activity; sid:100000438; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.254.185.14"; classtype:trojan-activity; sid:100000439; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.255.118.241"; classtype:trojan-activity; sid:100000440; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.255.129.140"; classtype:trojan-activity; sid:100000441; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.255.216.103"; classtype:trojan-activity; sid:100000442; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.255.37.10"; classtype:trojan-activity; sid:100000443; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.27.123.174"; classtype:trojan-activity; sid:100000444; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.27.126.243"; classtype:trojan-activity; sid:100000445; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.27.80.121"; classtype:trojan-activity; sid:100000446; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.27.80.98"; classtype:trojan-activity; sid:100000447; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.27.81.238"; classtype:trojan-activity; sid:100000448; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.27.87.130"; classtype:trojan-activity; sid:100000449; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.27.87.203"; classtype:trojan-activity; sid:100000450; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.27.87.213"; classtype:trojan-activity; sid:100000451; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.27.91.236"; classtype:trojan-activity; sid:100000452; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.119"; classtype:trojan-activity; sid:100000453; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.133"; classtype:trojan-activity; sid:100000454; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.139"; classtype:trojan-activity; sid:100000455; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.150"; classtype:trojan-activity; sid:100000456; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.152"; classtype:trojan-activity; sid:100000457; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.155"; classtype:trojan-activity; sid:100000458; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.157"; classtype:trojan-activity; sid:100000459; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.159"; classtype:trojan-activity; sid:100000460; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.175"; classtype:trojan-activity; sid:100000461; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.179"; classtype:trojan-activity; sid:100000462; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.200"; classtype:trojan-activity; sid:100000463; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.211"; classtype:trojan-activity; sid:100000464; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.230"; classtype:trojan-activity; sid:100000465; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.247"; classtype:trojan-activity; sid:100000466; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.54"; classtype:trojan-activity; sid:100000467; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.1.90"; classtype:trojan-activity; sid:100000468; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.27"; classtype:trojan-activity; sid:100000469; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.30"; classtype:trojan-activity; sid:100000470; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.31"; classtype:trojan-activity; sid:100000471; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.32"; classtype:trojan-activity; sid:100000472; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.33"; classtype:trojan-activity; sid:100000473; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.37"; classtype:trojan-activity; sid:100000474; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.41"; classtype:trojan-activity; sid:100000475; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.43"; classtype:trojan-activity; sid:100000476; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.45"; classtype:trojan-activity; sid:100000477; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.48"; classtype:trojan-activity; sid:100000478; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.51"; classtype:trojan-activity; sid:100000479; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.52"; classtype:trojan-activity; sid:100000480; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.55"; classtype:trojan-activity; sid:100000481; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.57"; classtype:trojan-activity; sid:100000482; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.58"; classtype:trojan-activity; sid:100000483; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.60"; classtype:trojan-activity; sid:100000484; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.62"; classtype:trojan-activity; sid:100000485; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.110.65"; classtype:trojan-activity; sid:100000486; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.127.210"; classtype:trojan-activity; sid:100000487; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.35.237"; classtype:trojan-activity; sid:100000488; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.38.101"; classtype:trojan-activity; sid:100000489; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.38.19"; classtype:trojan-activity; sid:100000490; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.4.118"; classtype:trojan-activity; sid:100000491; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.4.119"; classtype:trojan-activity; sid:100000492; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.4.124"; classtype:trojan-activity; sid:100000493; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.4.136"; classtype:trojan-activity; sid:100000494; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.4.37"; classtype:trojan-activity; sid:100000495; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.4.53"; classtype:trojan-activity; sid:100000496; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.4.57"; classtype:trojan-activity; sid:100000497; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.4.60"; classtype:trojan-activity; sid:100000498; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.4.62"; classtype:trojan-activity; sid:100000499; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.4.68"; classtype:trojan-activity; sid:100000500; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.4.73"; classtype:trojan-activity; sid:100000501; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.30.4.84"; classtype:trojan-activity; sid:100000502; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.31.177.39"; classtype:trojan-activity; sid:100000503; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.31.67.95"; classtype:trojan-activity; sid:100000504; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.31.72.39"; classtype:trojan-activity; sid:100000505; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.53.227.66"; classtype:trojan-activity; sid:100000506; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.72.238.183"; classtype:trojan-activity; sid:100000507; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.81.2.157"; classtype:trojan-activity; sid:100000508; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.81.202.41"; classtype:trojan-activity; sid:100000509; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.81.21.11"; classtype:trojan-activity; sid:100000510; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.81.72.80"; classtype:trojan-activity; sid:100000511; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.82.229.77"; classtype:trojan-activity; sid:100000512; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.83.114.251"; classtype:trojan-activity; sid:100000513; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.86.155.105"; classtype:trojan-activity; sid:100000514; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.87.103.106"; classtype:trojan-activity; sid:100000515; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.95.21.101"; classtype:trojan-activity; sid:100000516; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.95.41.254"; classtype:trojan-activity; sid:100000517; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"112.95.8.86"; classtype:trojan-activity; sid:100000518; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.0.74.75"; classtype:trojan-activity; sid:100000519; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.102.129.147"; classtype:trojan-activity; sid:100000520; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.104.185.62"; classtype:trojan-activity; sid:100000521; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.110.200.19"; classtype:trojan-activity; sid:100000522; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.110.247.116"; classtype:trojan-activity; sid:100000523; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.110.77.204"; classtype:trojan-activity; sid:100000524; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.116.122.10"; classtype:trojan-activity; sid:100000525; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.116.131.108"; classtype:trojan-activity; sid:100000526; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.116.135.32"; classtype:trojan-activity; sid:100000527; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.116.224.67"; classtype:trojan-activity; sid:100000528; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.116.57.69"; classtype:trojan-activity; sid:100000529; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.118.133.220"; classtype:trojan-activity; sid:100000530; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.118.133.30"; classtype:trojan-activity; sid:100000531; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.118.133.36"; classtype:trojan-activity; sid:100000532; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.118.206.117"; classtype:trojan-activity; sid:100000533; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.161.208.9"; classtype:trojan-activity; sid:100000534; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.161.58.249"; classtype:trojan-activity; sid:100000535; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.161.61.111"; classtype:trojan-activity; sid:100000536; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.161.85.21"; classtype:trojan-activity; sid:100000537; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.162.194.199"; classtype:trojan-activity; sid:100000538; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.166.177.136"; classtype:trojan-activity; sid:100000539; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.17.176.111"; classtype:trojan-activity; sid:100000540; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.170.166.23"; classtype:trojan-activity; sid:100000541; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.174.159.228"; classtype:trojan-activity; sid:100000542; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.177.165.135"; classtype:trojan-activity; sid:100000543; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.178.236.18"; classtype:trojan-activity; sid:100000544; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.180.172.7"; classtype:trojan-activity; sid:100000545; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.180.175.160"; classtype:trojan-activity; sid:100000546; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.180.71.16"; classtype:trojan-activity; sid:100000547; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.188.248.50"; classtype:trojan-activity; sid:100000548; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.193.91.211"; classtype:trojan-activity; sid:100000549; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.194.128.128"; classtype:trojan-activity; sid:100000550; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.194.137.115"; classtype:trojan-activity; sid:100000551; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.195.165.228"; classtype:trojan-activity; sid:100000552; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.195.165.229"; classtype:trojan-activity; sid:100000553; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.195.166.17"; classtype:trojan-activity; sid:100000554; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.195.168.64"; classtype:trojan-activity; sid:100000555; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.195.169.237"; classtype:trojan-activity; sid:100000556; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.195.170.20"; classtype:trojan-activity; sid:100000557; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.215.220.75"; classtype:trojan-activity; sid:100000558; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.215.221.222"; classtype:trojan-activity; sid:100000559; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.215.223.115"; classtype:trojan-activity; sid:100000560; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.215.223.217"; classtype:trojan-activity; sid:100000561; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.218.216.22"; classtype:trojan-activity; sid:100000562; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.219.60.70"; classtype:trojan-activity; sid:100000563; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.224.162.131"; classtype:trojan-activity; sid:100000564; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.226.15.98"; classtype:trojan-activity; sid:100000565; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.226.253.131"; classtype:trojan-activity; sid:100000566; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.226.67.87"; classtype:trojan-activity; sid:100000567; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.227.6.123"; classtype:trojan-activity; sid:100000568; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.232.43.198"; classtype:trojan-activity; sid:100000569; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.234.25.106"; classtype:trojan-activity; sid:100000570; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.235.234.65"; classtype:trojan-activity; sid:100000571; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.238.66.245"; classtype:trojan-activity; sid:100000572; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.239.217.238"; classtype:trojan-activity; sid:100000573; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.239.219.33"; classtype:trojan-activity; sid:100000574; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.245.185.81"; classtype:trojan-activity; sid:100000575; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.245.219.89"; classtype:trojan-activity; sid:100000576; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.246.134.49"; classtype:trojan-activity; sid:100000577; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.251.232.228"; classtype:trojan-activity; sid:100000578; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.251.232.8"; classtype:trojan-activity; sid:100000579; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.253.3.84"; classtype:trojan-activity; sid:100000580; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.4.176.55"; classtype:trojan-activity; sid:100000581; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.53.228.47"; classtype:trojan-activity; sid:100000582; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.57.149.117"; classtype:trojan-activity; sid:100000583; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.58.207.101"; classtype:trojan-activity; sid:100000584; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.59.152.233"; classtype:trojan-activity; sid:100000585; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.7.59.20"; classtype:trojan-activity; sid:100000586; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.75.84.77"; classtype:trojan-activity; sid:100000587; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.81.203.18"; classtype:trojan-activity; sid:100000588; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.87.173.78"; classtype:trojan-activity; sid:100000589; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.87.200.215"; classtype:trojan-activity; sid:100000590; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.87.225.204"; classtype:trojan-activity; sid:100000591; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.88.124.251"; classtype:trojan-activity; sid:100000592; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.88.133.112"; classtype:trojan-activity; sid:100000593; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.88.235.85"; classtype:trojan-activity; sid:100000594; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.88.240.54"; classtype:trojan-activity; sid:100000595; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.9.200.59"; classtype:trojan-activity; sid:100000596; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.90.178.207"; classtype:trojan-activity; sid:100000597; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.90.178.225"; classtype:trojan-activity; sid:100000598; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.90.179.164"; classtype:trojan-activity; sid:100000599; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.90.187.200"; classtype:trojan-activity; sid:100000600; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.90.210.88"; classtype:trojan-activity; sid:100000601; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.90.244.249"; classtype:trojan-activity; sid:100000602; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.90.244.59"; classtype:trojan-activity; sid:100000603; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.90.245.22"; classtype:trojan-activity; sid:100000604; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.91.160.246"; classtype:trojan-activity; sid:100000605; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"113.93.224.40"; classtype:trojan-activity; sid:100000606; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.199.228.9"; classtype:trojan-activity; sid:100000607; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.221.202.156"; classtype:trojan-activity; sid:100000608; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.223.141.174"; classtype:trojan-activity; sid:100000609; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.225.228.80"; classtype:trojan-activity; sid:100000610; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.226.100.137"; classtype:trojan-activity; sid:100000611; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.226.19.228"; classtype:trojan-activity; sid:100000612; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.226.196.14"; classtype:trojan-activity; sid:100000613; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.226.203.152"; classtype:trojan-activity; sid:100000614; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.226.203.30"; classtype:trojan-activity; sid:100000615; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.226.215.7"; classtype:trojan-activity; sid:100000616; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.226.45.28"; classtype:trojan-activity; sid:100000617; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.227.176.179"; classtype:trojan-activity; sid:100000618; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.227.182.55"; classtype:trojan-activity; sid:100000619; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.227.51.216"; classtype:trojan-activity; sid:100000620; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.227.83.93"; classtype:trojan-activity; sid:100000621; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.228.129.183"; classtype:trojan-activity; sid:100000622; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.228.133.229"; classtype:trojan-activity; sid:100000623; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.228.139.219"; classtype:trojan-activity; sid:100000624; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.228.149.83"; classtype:trojan-activity; sid:100000625; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.228.152.228"; classtype:trojan-activity; sid:100000626; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.228.83.240"; classtype:trojan-activity; sid:100000627; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.228.91.48"; classtype:trojan-activity; sid:100000628; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.229.223.176"; classtype:trojan-activity; sid:100000629; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.232.246.235"; classtype:trojan-activity; sid:100000630; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.234.126.206"; classtype:trojan-activity; sid:100000631; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.234.253.30"; classtype:trojan-activity; sid:100000632; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.235.148.175"; classtype:trojan-activity; sid:100000633; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.238.120.80"; classtype:trojan-activity; sid:100000634; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.238.86.33"; classtype:trojan-activity; sid:100000635; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.239.126.249"; classtype:trojan-activity; sid:100000636; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.239.247.109"; classtype:trojan-activity; sid:100000637; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.239.75.9"; classtype:trojan-activity; sid:100000638; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.29.105.13"; classtype:trojan-activity; sid:100000639; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.29.38.221"; classtype:trojan-activity; sid:100000640; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.30.54.64"; classtype:trojan-activity; sid:100000641; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.35.226.188"; classtype:trojan-activity; sid:100000642; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.86.161.186"; classtype:trojan-activity; sid:100000643; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.88.41.170"; classtype:trojan-activity; sid:100000644; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"114.92.247.38"; classtype:trojan-activity; sid:100000645; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.165.200.130"; classtype:trojan-activity; sid:100000646; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.165.214.109"; classtype:trojan-activity; sid:100000647; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.165.214.8"; classtype:trojan-activity; sid:100000648; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.165.216.112"; classtype:trojan-activity; sid:100000649; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.193.157.214"; classtype:trojan-activity; sid:100000650; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.195.238.219"; classtype:trojan-activity; sid:100000651; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.197.85.95"; classtype:trojan-activity; sid:100000652; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.20.155.44"; classtype:trojan-activity; sid:100000653; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.201.36.238"; classtype:trojan-activity; sid:100000654; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.202.249.78"; classtype:trojan-activity; sid:100000655; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.203.112.205"; classtype:trojan-activity; sid:100000656; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.203.196.80"; classtype:trojan-activity; sid:100000657; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.207.97.239"; classtype:trojan-activity; sid:100000658; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.215.179.229"; classtype:trojan-activity; sid:100000659; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.216.208.202"; classtype:trojan-activity; sid:100000660; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.221.8.38"; classtype:trojan-activity; sid:100000661; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.224.100.220"; classtype:trojan-activity; sid:100000662; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.224.153.186"; classtype:trojan-activity; sid:100000663; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.226.77.193"; classtype:trojan-activity; sid:100000664; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.23.112.218"; classtype:trojan-activity; sid:100000665; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.230.30.164"; classtype:trojan-activity; sid:100000666; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.230.87.158"; classtype:trojan-activity; sid:100000667; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.235.126.49"; classtype:trojan-activity; sid:100000668; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.45.178.12"; classtype:trojan-activity; sid:100000669; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.48.130.46"; classtype:trojan-activity; sid:100000670; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.48.135.95"; classtype:trojan-activity; sid:100000671; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.48.138.109"; classtype:trojan-activity; sid:100000672; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.48.146.150"; classtype:trojan-activity; sid:100000673; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.48.149.28"; classtype:trojan-activity; sid:100000674; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.48.184.234"; classtype:trojan-activity; sid:100000675; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.48.199.147"; classtype:trojan-activity; sid:100000676; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.48.206.213"; classtype:trojan-activity; sid:100000677; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.48.233.38"; classtype:trojan-activity; sid:100000678; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.49.176.46"; classtype:trojan-activity; sid:100000679; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.49.190.102"; classtype:trojan-activity; sid:100000680; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.49.2.135"; classtype:trojan-activity; sid:100000681; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.49.252.247"; classtype:trojan-activity; sid:100000682; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.49.29.45"; classtype:trojan-activity; sid:100000683; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.49.41.125"; classtype:trojan-activity; sid:100000684; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.49.76.156"; classtype:trojan-activity; sid:100000685; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.49.77.137"; classtype:trojan-activity; sid:100000686; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.0.210"; classtype:trojan-activity; sid:100000687; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.124.8"; classtype:trojan-activity; sid:100000688; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.129.71"; classtype:trojan-activity; sid:100000689; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.13.139"; classtype:trojan-activity; sid:100000690; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.145.52"; classtype:trojan-activity; sid:100000691; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.163.217"; classtype:trojan-activity; sid:100000692; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.164.8"; classtype:trojan-activity; sid:100000693; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.169.4"; classtype:trojan-activity; sid:100000694; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.170.8"; classtype:trojan-activity; sid:100000695; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.173.171"; classtype:trojan-activity; sid:100000696; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.174.103"; classtype:trojan-activity; sid:100000697; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.187.186"; classtype:trojan-activity; sid:100000698; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.231.134"; classtype:trojan-activity; sid:100000699; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.246.37"; classtype:trojan-activity; sid:100000700; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.25.247"; classtype:trojan-activity; sid:100000701; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.4.223"; classtype:trojan-activity; sid:100000702; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.4.245"; classtype:trojan-activity; sid:100000703; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.5.131"; classtype:trojan-activity; sid:100000704; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.5.209"; classtype:trojan-activity; sid:100000705; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.54.135"; classtype:trojan-activity; sid:100000706; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.69.237"; classtype:trojan-activity; sid:100000707; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.93.225"; classtype:trojan-activity; sid:100000708; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.94.110"; classtype:trojan-activity; sid:100000709; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.97.184"; classtype:trojan-activity; sid:100000710; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.98.213"; classtype:trojan-activity; sid:100000711; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.50.99.113"; classtype:trojan-activity; sid:100000712; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.51.124.4"; classtype:trojan-activity; sid:100000713; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.51.126.111"; classtype:trojan-activity; sid:100000714; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.51.88.72"; classtype:trojan-activity; sid:100000715; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.51.89.153"; classtype:trojan-activity; sid:100000716; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.52.114.133"; classtype:trojan-activity; sid:100000717; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.52.128.57"; classtype:trojan-activity; sid:100000718; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.52.161.142"; classtype:trojan-activity; sid:100000719; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.52.172.26"; classtype:trojan-activity; sid:100000720; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.52.19.189"; classtype:trojan-activity; sid:100000721; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.52.25.164"; classtype:trojan-activity; sid:100000722; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.53.201.239"; classtype:trojan-activity; sid:100000723; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.54.126.236"; classtype:trojan-activity; sid:100000724; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.54.15.4"; classtype:trojan-activity; sid:100000725; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.54.167.27"; classtype:trojan-activity; sid:100000726; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.54.167.56"; classtype:trojan-activity; sid:100000727; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.54.185.245"; classtype:trojan-activity; sid:100000728; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.54.188.235"; classtype:trojan-activity; sid:100000729; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.54.249.86"; classtype:trojan-activity; sid:100000730; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.1.4"; classtype:trojan-activity; sid:100000731; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.100.20"; classtype:trojan-activity; sid:100000732; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.109.114"; classtype:trojan-activity; sid:100000733; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.111.78"; classtype:trojan-activity; sid:100000734; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.148.174"; classtype:trojan-activity; sid:100000735; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.148.248"; classtype:trojan-activity; sid:100000736; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.150.80"; classtype:trojan-activity; sid:100000737; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.151.151"; classtype:trojan-activity; sid:100000738; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.152.133"; classtype:trojan-activity; sid:100000739; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.152.42"; classtype:trojan-activity; sid:100000740; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.153.151"; classtype:trojan-activity; sid:100000741; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.153.75"; classtype:trojan-activity; sid:100000742; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.180.213"; classtype:trojan-activity; sid:100000743; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.181.151"; classtype:trojan-activity; sid:100000744; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.183.240"; classtype:trojan-activity; sid:100000745; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.184.89"; classtype:trojan-activity; sid:100000746; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.185.142"; classtype:trojan-activity; sid:100000747; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.186.15"; classtype:trojan-activity; sid:100000748; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.190.123"; classtype:trojan-activity; sid:100000749; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.191.146"; classtype:trojan-activity; sid:100000750; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.195.156"; classtype:trojan-activity; sid:100000751; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.195.66"; classtype:trojan-activity; sid:100000752; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.201.68"; classtype:trojan-activity; sid:100000753; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.31.114"; classtype:trojan-activity; sid:100000754; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.43.122"; classtype:trojan-activity; sid:100000755; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.52.217"; classtype:trojan-activity; sid:100000756; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.56.228"; classtype:trojan-activity; sid:100000757; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.58.92"; classtype:trojan-activity; sid:100000758; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.62.77"; classtype:trojan-activity; sid:100000759; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.74.44"; classtype:trojan-activity; sid:100000760; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.55.76.116"; classtype:trojan-activity; sid:100000761; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.0.56"; classtype:trojan-activity; sid:100000762; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.132.209"; classtype:trojan-activity; sid:100000763; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.133.197"; classtype:trojan-activity; sid:100000764; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.136.205"; classtype:trojan-activity; sid:100000765; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.137.27"; classtype:trojan-activity; sid:100000766; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.142.120"; classtype:trojan-activity; sid:100000767; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.142.237"; classtype:trojan-activity; sid:100000768; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.150.227"; classtype:trojan-activity; sid:100000769; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.151.130"; classtype:trojan-activity; sid:100000770; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.154.203"; classtype:trojan-activity; sid:100000771; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.156.125"; classtype:trojan-activity; sid:100000772; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.159.34"; classtype:trojan-activity; sid:100000773; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.166.211"; classtype:trojan-activity; sid:100000774; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.181.142"; classtype:trojan-activity; sid:100000775; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.212.42"; classtype:trojan-activity; sid:100000776; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.57.83"; classtype:trojan-activity; sid:100000777; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.56.87.172"; classtype:trojan-activity; sid:100000778; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.102.243"; classtype:trojan-activity; sid:100000779; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.102.45"; classtype:trojan-activity; sid:100000780; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.106.127"; classtype:trojan-activity; sid:100000781; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.11.241"; classtype:trojan-activity; sid:100000782; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.117.151"; classtype:trojan-activity; sid:100000783; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.132.45"; classtype:trojan-activity; sid:100000784; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.133.16"; classtype:trojan-activity; sid:100000785; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.135.59"; classtype:trojan-activity; sid:100000786; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.141.210"; classtype:trojan-activity; sid:100000787; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.170.235"; classtype:trojan-activity; sid:100000788; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.202.215"; classtype:trojan-activity; sid:100000789; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.21.85"; classtype:trojan-activity; sid:100000790; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.38.57"; classtype:trojan-activity; sid:100000791; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.46.1"; classtype:trojan-activity; sid:100000792; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.67.235"; classtype:trojan-activity; sid:100000793; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.79.130"; classtype:trojan-activity; sid:100000794; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.83.188"; classtype:trojan-activity; sid:100000795; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.85.141"; classtype:trojan-activity; sid:100000796; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.58.90.114"; classtype:trojan-activity; sid:100000797; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.59.101.59"; classtype:trojan-activity; sid:100000798; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.59.117.187"; classtype:trojan-activity; sid:100000799; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.59.157.198"; classtype:trojan-activity; sid:100000800; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.59.201.99"; classtype:trojan-activity; sid:100000801; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.59.210.170"; classtype:trojan-activity; sid:100000802; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.59.211.136"; classtype:trojan-activity; sid:100000803; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.59.212.196"; classtype:trojan-activity; sid:100000804; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.59.213.50"; classtype:trojan-activity; sid:100000805; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.59.215.20"; classtype:trojan-activity; sid:100000806; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.59.23.120"; classtype:trojan-activity; sid:100000807; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.59.251.142"; classtype:trojan-activity; sid:100000808; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.59.28.220"; classtype:trojan-activity; sid:100000809; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.59.31.130"; classtype:trojan-activity; sid:100000810; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.59.34.114"; classtype:trojan-activity; sid:100000811; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.59.92.18"; classtype:trojan-activity; sid:100000812; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.60.209.43"; classtype:trojan-activity; sid:100000813; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.60.211.29"; classtype:trojan-activity; sid:100000814; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.61.103.227"; classtype:trojan-activity; sid:100000815; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.61.105.198"; classtype:trojan-activity; sid:100000816; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.61.132.152"; classtype:trojan-activity; sid:100000817; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.61.169.38"; classtype:trojan-activity; sid:100000818; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.61.176.201"; classtype:trojan-activity; sid:100000819; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.61.185.177"; classtype:trojan-activity; sid:100000820; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.61.190.231"; classtype:trojan-activity; sid:100000821; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.61.99.121"; classtype:trojan-activity; sid:100000822; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.61.99.64"; classtype:trojan-activity; sid:100000823; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.62.177.157"; classtype:trojan-activity; sid:100000824; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.62.185.120"; classtype:trojan-activity; sid:100000825; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.62.26.44"; classtype:trojan-activity; sid:100000826; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.12.175"; classtype:trojan-activity; sid:100000827; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.131.248"; classtype:trojan-activity; sid:100000828; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.15.64"; classtype:trojan-activity; sid:100000829; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.163.21"; classtype:trojan-activity; sid:100000830; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.183.146"; classtype:trojan-activity; sid:100000831; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.204.84"; classtype:trojan-activity; sid:100000832; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.207.47"; classtype:trojan-activity; sid:100000833; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.237.181"; classtype:trojan-activity; sid:100000834; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.26.101"; classtype:trojan-activity; sid:100000835; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.44.131"; classtype:trojan-activity; sid:100000836; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.50.210"; classtype:trojan-activity; sid:100000837; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.50.224"; classtype:trojan-activity; sid:100000838; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.50.31"; classtype:trojan-activity; sid:100000839; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.51.249"; classtype:trojan-activity; sid:100000840; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.55.127"; classtype:trojan-activity; sid:100000841; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.63.8.10"; classtype:trojan-activity; sid:100000842; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.74.30.128"; classtype:trojan-activity; sid:100000843; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.75.191.22"; classtype:trojan-activity; sid:100000844; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.75.217.79"; classtype:trojan-activity; sid:100000845; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.98.35.213"; classtype:trojan-activity; sid:100000846; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"115.98.71.130"; classtype:trojan-activity; sid:100000847; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.132.208.7"; classtype:trojan-activity; sid:100000848; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.135.30.154"; classtype:trojan-activity; sid:100000849; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.149.252.5"; classtype:trojan-activity; sid:100000850; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.169.44.177"; classtype:trojan-activity; sid:100000851; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.176.21.210"; classtype:trojan-activity; sid:100000852; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.179.139.61"; classtype:trojan-activity; sid:100000853; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.19.199.40"; classtype:trojan-activity; sid:100000854; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.193.174.178"; classtype:trojan-activity; sid:100000855; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.2.150.6"; classtype:trojan-activity; sid:100000856; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.2.167.245"; classtype:trojan-activity; sid:100000857; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.2.42.125"; classtype:trojan-activity; sid:100000858; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.2.45.160"; classtype:trojan-activity; sid:100000859; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.2.49.190"; classtype:trojan-activity; sid:100000860; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.2.94.240"; classtype:trojan-activity; sid:100000861; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.208.99.238"; classtype:trojan-activity; sid:100000862; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.209.175.134"; classtype:trojan-activity; sid:100000863; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.211.100.26"; classtype:trojan-activity; sid:100000864; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.212.132.128"; classtype:trojan-activity; sid:100000865; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.212.132.188"; classtype:trojan-activity; sid:100000866; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.212.142.215"; classtype:trojan-activity; sid:100000867; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.212.152.11"; classtype:trojan-activity; sid:100000868; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.212.152.91"; classtype:trojan-activity; sid:100000869; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.212.156.134"; classtype:trojan-activity; sid:100000870; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.212.156.31"; classtype:trojan-activity; sid:100000871; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.225.83.235"; classtype:trojan-activity; sid:100000872; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.233.74.163"; classtype:trojan-activity; sid:100000873; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.24.102.185"; classtype:trojan-activity; sid:100000874; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.241.176.181"; classtype:trojan-activity; sid:100000875; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.241.193.247"; classtype:trojan-activity; sid:100000876; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.241.49.123"; classtype:trojan-activity; sid:100000877; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.25.134.100"; classtype:trojan-activity; sid:100000878; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.3.49.186"; classtype:trojan-activity; sid:100000879; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.31.164.7"; classtype:trojan-activity; sid:100000880; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.54.98.179"; classtype:trojan-activity; sid:100000881; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.72.195.241"; classtype:trojan-activity; sid:100000882; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.72.195.73"; classtype:trojan-activity; sid:100000883; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.72.201.115"; classtype:trojan-activity; sid:100000884; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.72.8.67"; classtype:trojan-activity; sid:100000885; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.73.223.18"; classtype:trojan-activity; sid:100000886; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.73.63.175"; classtype:trojan-activity; sid:100000887; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"116.74.35.234"; classtype:trojan-activity; sid:100000888; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.12.72.125"; classtype:trojan-activity; sid:100000889; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.123.40.74"; classtype:trojan-activity; sid:100000890; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.13.188.20"; classtype:trojan-activity; sid:100000891; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.132.4.248"; classtype:trojan-activity; sid:100000892; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.14.14.39"; classtype:trojan-activity; sid:100000893; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.14.145.126"; classtype:trojan-activity; sid:100000894; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.176.115.16"; classtype:trojan-activity; sid:100000895; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.194.163.46"; classtype:trojan-activity; sid:100000896; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.195.80.60"; classtype:trojan-activity; sid:100000897; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.195.83.102"; classtype:trojan-activity; sid:100000898; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.196.21.46"; classtype:trojan-activity; sid:100000899; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.196.27.92"; classtype:trojan-activity; sid:100000900; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.196.30.104"; classtype:trojan-activity; sid:100000901; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.196.55.249"; classtype:trojan-activity; sid:100000902; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.196.61.221"; classtype:trojan-activity; sid:100000903; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.196.62.17"; classtype:trojan-activity; sid:100000904; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.196.62.72"; classtype:trojan-activity; sid:100000905; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.196.69.156"; classtype:trojan-activity; sid:100000906; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.196.79.14"; classtype:trojan-activity; sid:100000907; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.198.165.180"; classtype:trojan-activity; sid:100000908; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.198.166.228"; classtype:trojan-activity; sid:100000909; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.198.167.104"; classtype:trojan-activity; sid:100000910; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.198.168.0"; classtype:trojan-activity; sid:100000911; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.198.240.17"; classtype:trojan-activity; sid:100000912; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.198.242.80"; classtype:trojan-activity; sid:100000913; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.198.247.94"; classtype:trojan-activity; sid:100000914; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.198.252.131"; classtype:trojan-activity; sid:100000915; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.2.49.141"; classtype:trojan-activity; sid:100000916; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.20.243.40"; classtype:trojan-activity; sid:100000917; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.201.202.189"; classtype:trojan-activity; sid:100000918; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.204.144.167"; classtype:trojan-activity; sid:100000919; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.204.145.54"; classtype:trojan-activity; sid:100000920; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.204.148.21"; classtype:trojan-activity; sid:100000921; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.204.149.100"; classtype:trojan-activity; sid:100000922; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.204.153.207"; classtype:trojan-activity; sid:100000923; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.207.225.11"; classtype:trojan-activity; sid:100000924; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.208.140.125"; classtype:trojan-activity; sid:100000925; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.208.142.124"; classtype:trojan-activity; sid:100000926; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.208.142.238"; classtype:trojan-activity; sid:100000927; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.208.143.21"; classtype:trojan-activity; sid:100000928; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.210.149.161"; classtype:trojan-activity; sid:100000929; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.213.42.220"; classtype:trojan-activity; sid:100000930; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.213.44.10"; classtype:trojan-activity; sid:100000931; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.213.46.48"; classtype:trojan-activity; sid:100000932; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.213.47.232"; classtype:trojan-activity; sid:100000933; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.213.47.51"; classtype:trojan-activity; sid:100000934; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.213.8.138"; classtype:trojan-activity; sid:100000935; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.213.9.29"; classtype:trojan-activity; sid:100000936; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.215.203.83"; classtype:trojan-activity; sid:100000937; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.215.207.166"; classtype:trojan-activity; sid:100000938; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.215.211.42"; classtype:trojan-activity; sid:100000939; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.215.241.254"; classtype:trojan-activity; sid:100000940; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.215.246.11"; classtype:trojan-activity; sid:100000941; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.215.246.187"; classtype:trojan-activity; sid:100000942; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.215.248.230"; classtype:trojan-activity; sid:100000943; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.215.251.179"; classtype:trojan-activity; sid:100000944; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.215.254.227"; classtype:trojan-activity; sid:100000945; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.216.136.233"; classtype:trojan-activity; sid:100000946; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.217.153.2"; classtype:trojan-activity; sid:100000947; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.217.228.64"; classtype:trojan-activity; sid:100000948; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.221.191.194"; classtype:trojan-activity; sid:100000949; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.222.163.193"; classtype:trojan-activity; sid:100000950; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.222.169.188"; classtype:trojan-activity; sid:100000951; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.222.191.230"; classtype:trojan-activity; sid:100000952; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.223.82.241"; classtype:trojan-activity; sid:100000953; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.241.177.35"; classtype:trojan-activity; sid:100000954; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.241.188.44"; classtype:trojan-activity; sid:100000955; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.251.28.181"; classtype:trojan-activity; sid:100000956; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.251.54.178"; classtype:trojan-activity; sid:100000957; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.26.110.212"; classtype:trojan-activity; sid:100000958; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.26.110.5"; classtype:trojan-activity; sid:100000959; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.26.12.36"; classtype:trojan-activity; sid:100000960; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.26.238.182"; classtype:trojan-activity; sid:100000961; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.63.10.220"; classtype:trojan-activity; sid:100000962; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.63.216.245"; classtype:trojan-activity; sid:100000963; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.63.56.6"; classtype:trojan-activity; sid:100000964; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.63.97.113"; classtype:trojan-activity; sid:100000965; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.84.154.172"; classtype:trojan-activity; sid:100000966; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.84.206.92"; classtype:trojan-activity; sid:100000967; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.84.228.122"; classtype:trojan-activity; sid:100000968; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.89.40.110"; classtype:trojan-activity; sid:100000969; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.90.187.4"; classtype:trojan-activity; sid:100000970; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.91.139.63"; classtype:trojan-activity; sid:100000971; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.93.118.63"; classtype:trojan-activity; sid:100000972; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.95.14.99"; classtype:trojan-activity; sid:100000973; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"117.95.182.101"; classtype:trojan-activity; sid:100000974; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.113.44.186"; classtype:trojan-activity; sid:100000975; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.118.231.74"; classtype:trojan-activity; sid:100000976; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.151.221.74"; classtype:trojan-activity; sid:100000977; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.173.232.205"; classtype:trojan-activity; sid:100000978; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.174.100.244"; classtype:trojan-activity; sid:100000979; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.176.104.35"; classtype:trojan-activity; sid:100000980; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.176.157.64"; classtype:trojan-activity; sid:100000981; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.190.211.34"; classtype:trojan-activity; sid:100000982; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.223.32.74"; classtype:trojan-activity; sid:100000983; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.223.72.141"; classtype:trojan-activity; sid:100000984; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.12.130"; classtype:trojan-activity; sid:100000985; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.127.52"; classtype:trojan-activity; sid:100000986; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.128.147"; classtype:trojan-activity; sid:100000987; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.130.200"; classtype:trojan-activity; sid:100000988; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.130.8"; classtype:trojan-activity; sid:100000989; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.131.1"; classtype:trojan-activity; sid:100000990; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.136.84"; classtype:trojan-activity; sid:100000991; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.15.48"; classtype:trojan-activity; sid:100000992; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.170.68"; classtype:trojan-activity; sid:100000993; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.171.200"; classtype:trojan-activity; sid:100000994; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.194.190"; classtype:trojan-activity; sid:100000995; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.208.215"; classtype:trojan-activity; sid:100000996; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.209.108"; classtype:trojan-activity; sid:100000997; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.212.161"; classtype:trojan-activity; sid:100000998; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.214.72"; classtype:trojan-activity; sid:100000999; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.58.203"; classtype:trojan-activity; sid:100001000; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.88.146"; classtype:trojan-activity; sid:100001001; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.96.150"; classtype:trojan-activity; sid:100001002; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.96.6"; classtype:trojan-activity; sid:100001003; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.232.99.141"; classtype:trojan-activity; sid:100001004; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.233.165.213"; classtype:trojan-activity; sid:100001005; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.233.221.162"; classtype:trojan-activity; sid:100001006; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.233.243.14"; classtype:trojan-activity; sid:100001007; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.233.43.195"; classtype:trojan-activity; sid:100001008; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.233.92.59"; classtype:trojan-activity; sid:100001009; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.233.93.103"; classtype:trojan-activity; sid:100001010; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.233.93.72"; classtype:trojan-activity; sid:100001011; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.250.105.105"; classtype:trojan-activity; sid:100001012; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.250.3.15"; classtype:trojan-activity; sid:100001013; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.250.50.204"; classtype:trojan-activity; sid:100001014; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.250.51.66"; classtype:trojan-activity; sid:100001015; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.251.152.142"; classtype:trojan-activity; sid:100001016; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.252.86.20"; classtype:trojan-activity; sid:100001017; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.255.246.182"; classtype:trojan-activity; sid:100001018; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.36.48.250"; classtype:trojan-activity; sid:100001019; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.37.10.100"; classtype:trojan-activity; sid:100001020; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.39.76.146"; classtype:trojan-activity; sid:100001021; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.40.249.100"; classtype:trojan-activity; sid:100001022; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.40.94.152"; classtype:trojan-activity; sid:100001023; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.43.180.33"; classtype:trojan-activity; sid:100001024; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.75.136.128"; classtype:trojan-activity; sid:100001025; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.75.151.254"; classtype:trojan-activity; sid:100001026; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.75.163.101"; classtype:trojan-activity; sid:100001027; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.75.177.74"; classtype:trojan-activity; sid:100001028; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.75.59.159"; classtype:trojan-activity; sid:100001029; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.75.87.231"; classtype:trojan-activity; sid:100001030; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.77.189.128"; classtype:trojan-activity; sid:100001031; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.79.122.9"; classtype:trojan-activity; sid:100001032; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.79.17.52"; classtype:trojan-activity; sid:100001033; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.79.189.220"; classtype:trojan-activity; sid:100001034; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.79.196.110"; classtype:trojan-activity; sid:100001035; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.79.216.24"; classtype:trojan-activity; sid:100001036; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.79.225.63"; classtype:trojan-activity; sid:100001037; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.79.237.211"; classtype:trojan-activity; sid:100001038; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.79.51.61"; classtype:trojan-activity; sid:100001039; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.79.61.86"; classtype:trojan-activity; sid:100001040; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.91.53.48"; classtype:trojan-activity; sid:100001041; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.99.183.235"; classtype:trojan-activity; sid:100001042; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.99.207.107"; classtype:trojan-activity; sid:100001043; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"118.99.213.105"; classtype:trojan-activity; sid:100001044; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.100.172.16"; classtype:trojan-activity; sid:100001045; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.102.125.32"; classtype:trojan-activity; sid:100001046; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.102.159.74"; classtype:trojan-activity; sid:100001047; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.102.56.236"; classtype:trojan-activity; sid:100001048; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.102.88.233"; classtype:trojan-activity; sid:100001049; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.102.90.242"; classtype:trojan-activity; sid:100001050; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.108.119.1"; classtype:trojan-activity; sid:100001051; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.108.184.28"; classtype:trojan-activity; sid:100001052; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.109.2.127"; classtype:trojan-activity; sid:100001053; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.112.4.133"; classtype:trojan-activity; sid:100001054; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.115.21.79"; classtype:trojan-activity; sid:100001055; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.115.249.216"; classtype:trojan-activity; sid:100001056; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.116.27.151"; classtype:trojan-activity; sid:100001057; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.117.13.172"; classtype:trojan-activity; sid:100001058; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.118.232.249"; classtype:trojan-activity; sid:100001059; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.118.254.13"; classtype:trojan-activity; sid:100001060; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.118.48.209"; classtype:trojan-activity; sid:100001061; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.119.174.183"; classtype:trojan-activity; sid:100001062; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.119.33.141"; classtype:trojan-activity; sid:100001063; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.119.60.144"; classtype:trojan-activity; sid:100001064; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.122.215.217"; classtype:trojan-activity; sid:100001065; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.123.127.162"; classtype:trojan-activity; sid:100001066; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.123.211.200"; classtype:trojan-activity; sid:100001067; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.125.104.182"; classtype:trojan-activity; sid:100001068; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.135.124.142"; classtype:trojan-activity; sid:100001069; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.139.194.43"; classtype:trojan-activity; sid:100001070; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.14.143.145"; classtype:trojan-activity; sid:100001071; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.164.115.46"; classtype:trojan-activity; sid:100001072; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.165.179.113"; classtype:trojan-activity; sid:100001073; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.165.42.149"; classtype:trojan-activity; sid:100001074; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.165.68.34"; classtype:trojan-activity; sid:100001075; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.166.165.74"; classtype:trojan-activity; sid:100001076; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.167.45.95"; classtype:trojan-activity; sid:100001077; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.176.82.249"; classtype:trojan-activity; sid:100001078; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.177.169.100"; classtype:trojan-activity; sid:100001079; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.177.173.145"; classtype:trojan-activity; sid:100001080; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.177.247.234"; classtype:trojan-activity; sid:100001081; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.178.144.197"; classtype:trojan-activity; sid:100001082; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.178.221.6"; classtype:trojan-activity; sid:100001083; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.178.255.2"; classtype:trojan-activity; sid:100001084; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.178.61.101"; classtype:trojan-activity; sid:100001085; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.179.15.229"; classtype:trojan-activity; sid:100001086; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.179.154.146"; classtype:trojan-activity; sid:100001087; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.179.154.215"; classtype:trojan-activity; sid:100001088; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.179.236.195"; classtype:trojan-activity; sid:100001089; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.179.239.33"; classtype:trojan-activity; sid:100001090; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.179.239.72"; classtype:trojan-activity; sid:100001091; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.179.239.82"; classtype:trojan-activity; sid:100001092; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.179.25.173"; classtype:trojan-activity; sid:100001093; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.179.250.225"; classtype:trojan-activity; sid:100001094; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.179.250.71"; classtype:trojan-activity; sid:100001095; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.179.252.247"; classtype:trojan-activity; sid:100001096; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.179.75.197"; classtype:trojan-activity; sid:100001097; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.179.79.172"; classtype:trojan-activity; sid:100001098; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.179.80.210"; classtype:trojan-activity; sid:100001099; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.179.83.136"; classtype:trojan-activity; sid:100001100; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.180.183.226"; classtype:trojan-activity; sid:100001101; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.180.19.244"; classtype:trojan-activity; sid:100001102; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.180.33.139"; classtype:trojan-activity; sid:100001103; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.180.43.235"; classtype:trojan-activity; sid:100001104; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.180.83.178"; classtype:trojan-activity; sid:100001105; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.181.83.148"; classtype:trojan-activity; sid:100001106; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.183.111.231"; classtype:trojan-activity; sid:100001107; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.183.120.223"; classtype:trojan-activity; sid:100001108; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.183.137.228"; classtype:trojan-activity; sid:100001109; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.183.144.224"; classtype:trojan-activity; sid:100001110; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.183.43.247"; classtype:trojan-activity; sid:100001111; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.184.6.100"; classtype:trojan-activity; sid:100001112; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.184.61.102"; classtype:trojan-activity; sid:100001113; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.184.61.82"; classtype:trojan-activity; sid:100001114; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.184.70.102"; classtype:trojan-activity; sid:100001115; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.185.237.75"; classtype:trojan-activity; sid:100001116; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.185.43.149"; classtype:trojan-activity; sid:100001117; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.185.67.201"; classtype:trojan-activity; sid:100001118; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.185.92.156"; classtype:trojan-activity; sid:100001119; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.186.204.72"; classtype:trojan-activity; sid:100001120; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.186.206.254"; classtype:trojan-activity; sid:100001121; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.186.211.67"; classtype:trojan-activity; sid:100001122; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.186.50.130"; classtype:trojan-activity; sid:100001123; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.187.176.110"; classtype:trojan-activity; sid:100001124; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.187.176.232"; classtype:trojan-activity; sid:100001125; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.187.225.231"; classtype:trojan-activity; sid:100001126; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.187.229.128"; classtype:trojan-activity; sid:100001127; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.187.238.202"; classtype:trojan-activity; sid:100001128; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.187.239.235"; classtype:trojan-activity; sid:100001129; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.187.58.86"; classtype:trojan-activity; sid:100001130; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.187.60.153"; classtype:trojan-activity; sid:100001131; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.190.221.156"; classtype:trojan-activity; sid:100001132; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.190.243.44"; classtype:trojan-activity; sid:100001133; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.191.149.36"; classtype:trojan-activity; sid:100001134; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.191.151.183"; classtype:trojan-activity; sid:100001135; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.191.181.0"; classtype:trojan-activity; sid:100001136; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.191.190.41"; classtype:trojan-activity; sid:100001137; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.191.211.129"; classtype:trojan-activity; sid:100001138; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.197.13.218"; classtype:trojan-activity; sid:100001139; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.197.141.101"; classtype:trojan-activity; sid:100001140; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.197.163.221"; classtype:trojan-activity; sid:100001141; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.200.81.124"; classtype:trojan-activity; sid:100001142; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.202.255.162"; classtype:trojan-activity; sid:100001143; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.204.30.144"; classtype:trojan-activity; sid:100001144; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.206.86.8"; classtype:trojan-activity; sid:100001145; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.207.227.167"; classtype:trojan-activity; sid:100001146; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.207.94.234"; classtype:trojan-activity; sid:100001147; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.234.52.167"; classtype:trojan-activity; sid:100001148; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.235.77.47"; classtype:trojan-activity; sid:100001149; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.36.132.117"; classtype:trojan-activity; sid:100001150; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.36.132.72"; classtype:trojan-activity; sid:100001151; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.36.199.87"; classtype:trojan-activity; sid:100001152; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.54.151.133"; classtype:trojan-activity; sid:100001153; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.56.142.2"; classtype:trojan-activity; sid:100001154; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.56.154.46"; classtype:trojan-activity; sid:100001155; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.77.164.181"; classtype:trojan-activity; sid:100001156; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.99.188.104"; classtype:trojan-activity; sid:100001157; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.99.201.165"; classtype:trojan-activity; sid:100001158; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"119.99.249.36"; classtype:trojan-activity; sid:100001159; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"12.207.39.227"; classtype:trojan-activity; sid:100001160; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.0.243.87"; classtype:trojan-activity; sid:100001161; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.0.251.178"; classtype:trojan-activity; sid:100001162; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.1.78.147"; classtype:trojan-activity; sid:100001163; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.12.128.170"; classtype:trojan-activity; sid:100001164; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.12.224.76"; classtype:trojan-activity; sid:100001165; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.12.229.243"; classtype:trojan-activity; sid:100001166; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.138.7.98"; classtype:trojan-activity; sid:100001167; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.142.104.236"; classtype:trojan-activity; sid:100001168; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.142.93.74"; classtype:trojan-activity; sid:100001169; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.15.13.190"; classtype:trojan-activity; sid:100001170; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.193.91.180"; classtype:trojan-activity; sid:100001171; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.193.91.189"; classtype:trojan-activity; sid:100001172; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.193.91.191"; classtype:trojan-activity; sid:100001173; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.193.91.193"; classtype:trojan-activity; sid:100001174; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.193.91.199"; classtype:trojan-activity; sid:100001175; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.209.126.206"; classtype:trojan-activity; sid:100001176; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.209.126.214"; classtype:trojan-activity; sid:100001177; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.209.126.225"; classtype:trojan-activity; sid:100001178; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.209.126.235"; classtype:trojan-activity; sid:100001179; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.209.126.243"; classtype:trojan-activity; sid:100001180; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.209.126.60"; classtype:trojan-activity; sid:100001181; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.209.127.187"; classtype:trojan-activity; sid:100001182; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.209.99.118"; classtype:trojan-activity; sid:100001183; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.238.187.71"; classtype:trojan-activity; sid:100001184; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.238.187.77"; classtype:trojan-activity; sid:100001185; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.238.189.6"; classtype:trojan-activity; sid:100001186; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.238.189.72"; classtype:trojan-activity; sid:100001187; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.4.141.24"; classtype:trojan-activity; sid:100001188; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.43.35.119"; classtype:trojan-activity; sid:100001189; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.43.48.50"; classtype:trojan-activity; sid:100001190; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.57.214.124"; classtype:trojan-activity; sid:100001191; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.57.32.148"; classtype:trojan-activity; sid:100001192; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.6.7.63"; classtype:trojan-activity; sid:100001193; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.7.11.66"; classtype:trojan-activity; sid:100001194; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.7.253.196"; classtype:trojan-activity; sid:100001195; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.8.242.82"; classtype:trojan-activity; sid:100001196; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.83.130.97"; classtype:trojan-activity; sid:100001197; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.83.82.144"; classtype:trojan-activity; sid:100001198; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.85.172.131"; classtype:trojan-activity; sid:100001199; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.85.173.119"; classtype:trojan-activity; sid:100001200; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.85.173.43"; classtype:trojan-activity; sid:100001201; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.86.146.201"; classtype:trojan-activity; sid:100001202; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.86.147.225"; classtype:trojan-activity; sid:100001203; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.86.147.41"; classtype:trojan-activity; sid:100001204; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.86.248.128"; classtype:trojan-activity; sid:100001205; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.86.248.185"; classtype:trojan-activity; sid:100001206; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.86.250.8"; classtype:trojan-activity; sid:100001207; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.86.251.78"; classtype:trojan-activity; sid:100001208; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.87.32.72"; classtype:trojan-activity; sid:100001209; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.87.32.89"; classtype:trojan-activity; sid:100001210; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"120.87.49.233"; classtype:trojan-activity; sid:100001211; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.122.110.204"; classtype:trojan-activity; sid:100001212; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.122.127.41"; classtype:trojan-activity; sid:100001213; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.128.103.44"; classtype:trojan-activity; sid:100001214; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.129.5.221"; classtype:trojan-activity; sid:100001215; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.132.32.231"; classtype:trojan-activity; sid:100001216; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.141.11.56"; classtype:trojan-activity; sid:100001217; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.146.19.128"; classtype:trojan-activity; sid:100001218; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.147.178.116"; classtype:trojan-activity; sid:100001219; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.148.94.142"; classtype:trojan-activity; sid:100001220; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.153.28.41"; classtype:trojan-activity; sid:100001221; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.154.226.39"; classtype:trojan-activity; sid:100001222; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.158.219.89"; classtype:trojan-activity; sid:100001223; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.159.241.80"; classtype:trojan-activity; sid:100001224; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.170.8.146"; classtype:trojan-activity; sid:100001225; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.178.107.199"; classtype:trojan-activity; sid:100001226; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.179.124.109"; classtype:trojan-activity; sid:100001227; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.179.3.99"; classtype:trojan-activity; sid:100001228; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.182.196.147"; classtype:trojan-activity; sid:100001229; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.183.115.154"; classtype:trojan-activity; sid:100001230; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.186.60.63"; classtype:trojan-activity; sid:100001231; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.205.212.252"; classtype:trojan-activity; sid:100001232; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.205.222.157"; classtype:trojan-activity; sid:100001233; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.205.222.88"; classtype:trojan-activity; sid:100001234; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.205.229.46"; classtype:trojan-activity; sid:100001235; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.205.255.181"; classtype:trojan-activity; sid:100001236; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.22.188.172"; classtype:trojan-activity; sid:100001237; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.226.107.173"; classtype:trojan-activity; sid:100001238; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.23.187.29"; classtype:trojan-activity; sid:100001239; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.23.196.153"; classtype:trojan-activity; sid:100001240; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.23.57.191"; classtype:trojan-activity; sid:100001241; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.23.74.2"; classtype:trojan-activity; sid:100001242; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.231.107.68"; classtype:trojan-activity; sid:100001243; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.231.150.70"; classtype:trojan-activity; sid:100001244; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.231.205.166"; classtype:trojan-activity; sid:100001245; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.231.205.79"; classtype:trojan-activity; sid:100001246; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.231.230.46"; classtype:trojan-activity; sid:100001247; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.231.67.7"; classtype:trojan-activity; sid:100001248; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.231.99.69"; classtype:trojan-activity; sid:100001249; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.233.51.159"; classtype:trojan-activity; sid:100001250; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.234.108.44"; classtype:trojan-activity; sid:100001251; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.235.136.37"; classtype:trojan-activity; sid:100001252; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.239.6.61"; classtype:trojan-activity; sid:100001253; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.25.106.78"; classtype:trojan-activity; sid:100001254; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.25.109.218"; classtype:trojan-activity; sid:100001255; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.25.53.213"; classtype:trojan-activity; sid:100001256; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.254.76.17"; classtype:trojan-activity; sid:100001257; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.33.4.33"; classtype:trojan-activity; sid:100001258; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.34.148.86"; classtype:trojan-activity; sid:100001259; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.61.0.77"; classtype:trojan-activity; sid:100001260; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.61.101.26"; classtype:trojan-activity; sid:100001261; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.61.103.87"; classtype:trojan-activity; sid:100001262; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.61.155.8"; classtype:trojan-activity; sid:100001263; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.61.42.205"; classtype:trojan-activity; sid:100001264; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.61.97.198"; classtype:trojan-activity; sid:100001265; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.61.99.214"; classtype:trojan-activity; sid:100001266; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.62.246.106"; classtype:trojan-activity; sid:100001267; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.62.252.116"; classtype:trojan-activity; sid:100001268; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"121.67.99.220"; classtype:trojan-activity; sid:100001269; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.100.105.199"; classtype:trojan-activity; sid:100001270; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.100.64.223"; classtype:trojan-activity; sid:100001271; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.138.180.153"; classtype:trojan-activity; sid:100001272; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.142.110.76"; classtype:trojan-activity; sid:100001273; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.158.118.236"; classtype:trojan-activity; sid:100001274; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.160.10.209"; classtype:trojan-activity; sid:100001275; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.160.147.53"; classtype:trojan-activity; sid:100001276; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.165.6.247"; classtype:trojan-activity; sid:100001277; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.188.138.137"; classtype:trojan-activity; sid:100001278; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.188.211.116"; classtype:trojan-activity; sid:100001279; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.189.2.32"; classtype:trojan-activity; sid:100001280; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.189.21.235"; classtype:trojan-activity; sid:100001281; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.191.31.129"; classtype:trojan-activity; sid:100001282; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.191.31.232"; classtype:trojan-activity; sid:100001283; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.192.104.252"; classtype:trojan-activity; sid:100001284; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.192.195.181"; classtype:trojan-activity; sid:100001285; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.193.137.53"; classtype:trojan-activity; sid:100001286; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.194.171.177"; classtype:trojan-activity; sid:100001287; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.194.190.67"; classtype:trojan-activity; sid:100001288; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.195.31.118"; classtype:trojan-activity; sid:100001289; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.226.241.146"; classtype:trojan-activity; sid:100001290; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.233.9.105"; classtype:trojan-activity; sid:100001291; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.234.28.41"; classtype:trojan-activity; sid:100001292; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.237.15.190"; classtype:trojan-activity; sid:100001293; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.237.241.201"; classtype:trojan-activity; sid:100001294; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.239.133.65"; classtype:trojan-activity; sid:100001295; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.239.141.186"; classtype:trojan-activity; sid:100001296; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.6.254.32"; classtype:trojan-activity; sid:100001297; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.96.103.188"; classtype:trojan-activity; sid:100001298; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"122.96.136.72"; classtype:trojan-activity; sid:100001299; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.0.193.181"; classtype:trojan-activity; sid:100001300; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.0.222.251"; classtype:trojan-activity; sid:100001301; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.0.240.58"; classtype:trojan-activity; sid:100001302; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.0.243.169"; classtype:trojan-activity; sid:100001303; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.10.134.132"; classtype:trojan-activity; sid:100001304; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.10.162.149"; classtype:trojan-activity; sid:100001305; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.10.17.36"; classtype:trojan-activity; sid:100001306; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.10.176.152"; classtype:trojan-activity; sid:100001307; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.10.220.140"; classtype:trojan-activity; sid:100001308; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.10.32.212"; classtype:trojan-activity; sid:100001309; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.10.51.146"; classtype:trojan-activity; sid:100001310; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.10.66.1"; classtype:trojan-activity; sid:100001311; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.11.1.37"; classtype:trojan-activity; sid:100001312; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.11.12.163"; classtype:trojan-activity; sid:100001313; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.11.14.59"; classtype:trojan-activity; sid:100001314; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.11.54.14"; classtype:trojan-activity; sid:100001315; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.11.7.151"; classtype:trojan-activity; sid:100001316; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.11.7.26"; classtype:trojan-activity; sid:100001317; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.11.78.21"; classtype:trojan-activity; sid:100001318; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.110.100.199"; classtype:trojan-activity; sid:100001319; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.110.116.52"; classtype:trojan-activity; sid:100001320; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.110.124.238"; classtype:trojan-activity; sid:100001321; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.110.124.244"; classtype:trojan-activity; sid:100001322; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.110.155.10"; classtype:trojan-activity; sid:100001323; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.110.170.237"; classtype:trojan-activity; sid:100001324; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.110.176.246"; classtype:trojan-activity; sid:100001325; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.110.182.187"; classtype:trojan-activity; sid:100001326; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.110.19.248"; classtype:trojan-activity; sid:100001327; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.110.195.93"; classtype:trojan-activity; sid:100001328; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.110.200.98"; classtype:trojan-activity; sid:100001329; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.110.204.242"; classtype:trojan-activity; sid:100001330; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.110.249.164"; classtype:trojan-activity; sid:100001331; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.12.1.100"; classtype:trojan-activity; sid:100001332; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.12.221.202"; classtype:trojan-activity; sid:100001333; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.12.235.209"; classtype:trojan-activity; sid:100001334; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.12.44.24"; classtype:trojan-activity; sid:100001335; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.12.46.231"; classtype:trojan-activity; sid:100001336; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.12.8.236"; classtype:trojan-activity; sid:100001337; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.128.125.95"; classtype:trojan-activity; sid:100001338; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.128.235.46"; classtype:trojan-activity; sid:100001339; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.128.168"; classtype:trojan-activity; sid:100001340; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.128.252"; classtype:trojan-activity; sid:100001341; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.128.85"; classtype:trojan-activity; sid:100001342; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.129.100"; classtype:trojan-activity; sid:100001343; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.131.126"; classtype:trojan-activity; sid:100001344; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.131.38"; classtype:trojan-activity; sid:100001345; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.131.60"; classtype:trojan-activity; sid:100001346; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.134.37"; classtype:trojan-activity; sid:100001347; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.135.196"; classtype:trojan-activity; sid:100001348; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.135.85"; classtype:trojan-activity; sid:100001349; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.135.86"; classtype:trojan-activity; sid:100001350; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.154.66"; classtype:trojan-activity; sid:100001351; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.155.9"; classtype:trojan-activity; sid:100001352; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.3.71"; classtype:trojan-activity; sid:100001353; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.82.128"; classtype:trojan-activity; sid:100001354; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.129.84.1"; classtype:trojan-activity; sid:100001355; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.13.182.15"; classtype:trojan-activity; sid:100001356; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.13.50.118"; classtype:trojan-activity; sid:100001357; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.13.99.96"; classtype:trojan-activity; sid:100001358; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.130.134.220"; classtype:trojan-activity; sid:100001359; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.130.149.191"; classtype:trojan-activity; sid:100001360; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.130.71.11"; classtype:trojan-activity; sid:100001361; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.130.90.71"; classtype:trojan-activity; sid:100001362; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.132.0.252"; classtype:trojan-activity; sid:100001363; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.132.216.238"; classtype:trojan-activity; sid:100001364; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.132.88.113"; classtype:trojan-activity; sid:100001365; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.133.136.99"; classtype:trojan-activity; sid:100001366; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.133.193.150"; classtype:trojan-activity; sid:100001367; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.135.156.244"; classtype:trojan-activity; sid:100001368; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.135.215.227"; classtype:trojan-activity; sid:100001369; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.135.236.253"; classtype:trojan-activity; sid:100001370; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.139.36.15"; classtype:trojan-activity; sid:100001371; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.139.90.44"; classtype:trojan-activity; sid:100001372; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.105.53"; classtype:trojan-activity; sid:100001373; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.111.245"; classtype:trojan-activity; sid:100001374; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.126.236"; classtype:trojan-activity; sid:100001375; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.148.179"; classtype:trojan-activity; sid:100001376; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.171.201"; classtype:trojan-activity; sid:100001377; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.185.134"; classtype:trojan-activity; sid:100001378; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.199.130"; classtype:trojan-activity; sid:100001379; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.206.7"; classtype:trojan-activity; sid:100001380; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.207.214"; classtype:trojan-activity; sid:100001381; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.211.226"; classtype:trojan-activity; sid:100001382; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.235.194"; classtype:trojan-activity; sid:100001383; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.239.152"; classtype:trojan-activity; sid:100001384; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.248.210"; classtype:trojan-activity; sid:100001385; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.252.148"; classtype:trojan-activity; sid:100001386; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.39.99"; classtype:trojan-activity; sid:100001387; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.80.55"; classtype:trojan-activity; sid:100001388; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.84.7"; classtype:trojan-activity; sid:100001389; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.86.225"; classtype:trojan-activity; sid:100001390; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.87.101"; classtype:trojan-activity; sid:100001391; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.88.187"; classtype:trojan-activity; sid:100001392; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.89.228"; classtype:trojan-activity; sid:100001393; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.14.95.157"; classtype:trojan-activity; sid:100001394; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.155.11.209"; classtype:trojan-activity; sid:100001395; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.159.31.189"; classtype:trojan-activity; sid:100001396; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.16.129.169"; classtype:trojan-activity; sid:100001397; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.183.17.237"; classtype:trojan-activity; sid:100001398; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.185.222.20"; classtype:trojan-activity; sid:100001399; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.192.101.163"; classtype:trojan-activity; sid:100001400; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.192.253.100"; classtype:trojan-activity; sid:100001401; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.193.148.214"; classtype:trojan-activity; sid:100001402; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.193.229.118"; classtype:trojan-activity; sid:100001403; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.193.24.121"; classtype:trojan-activity; sid:100001404; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.194.235.37"; classtype:trojan-activity; sid:100001405; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.194.32.125"; classtype:trojan-activity; sid:100001406; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.194.32.140"; classtype:trojan-activity; sid:100001407; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.194.32.157"; classtype:trojan-activity; sid:100001408; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.194.35.146"; classtype:trojan-activity; sid:100001409; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.194.60.238"; classtype:trojan-activity; sid:100001410; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.194.80.31"; classtype:trojan-activity; sid:100001411; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.194.80.71"; classtype:trojan-activity; sid:100001412; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.195.105.184"; classtype:trojan-activity; sid:100001413; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.195.107.73"; classtype:trojan-activity; sid:100001414; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.195.112.201"; classtype:trojan-activity; sid:100001415; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.195.134.42"; classtype:trojan-activity; sid:100001416; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.195.56.118"; classtype:trojan-activity; sid:100001417; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.195.60.199"; classtype:trojan-activity; sid:100001418; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.195.60.5"; classtype:trojan-activity; sid:100001419; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.195.84.170"; classtype:trojan-activity; sid:100001420; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.195.87.10"; classtype:trojan-activity; sid:100001421; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.195.87.198"; classtype:trojan-activity; sid:100001422; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.204.104.42"; classtype:trojan-activity; sid:100001423; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.204.88.10"; classtype:trojan-activity; sid:100001424; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.204.89.138"; classtype:trojan-activity; sid:100001425; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.233.166.182"; classtype:trojan-activity; sid:100001426; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.234.234.105"; classtype:trojan-activity; sid:100001427; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.234.254.42"; classtype:trojan-activity; sid:100001428; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.235.127.27"; classtype:trojan-activity; sid:100001429; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.235.225.175"; classtype:trojan-activity; sid:100001430; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.240.103.89"; classtype:trojan-activity; sid:100001431; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.240.143.236"; classtype:trojan-activity; sid:100001432; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.240.181.57"; classtype:trojan-activity; sid:100001433; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.240.20.187"; classtype:trojan-activity; sid:100001434; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.240.224.61"; classtype:trojan-activity; sid:100001435; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.240.23.243"; classtype:trojan-activity; sid:100001436; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.240.72.181"; classtype:trojan-activity; sid:100001437; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.240.79.54"; classtype:trojan-activity; sid:100001438; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.240.79.61"; classtype:trojan-activity; sid:100001439; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.241.11.41"; classtype:trojan-activity; sid:100001440; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.241.123.185"; classtype:trojan-activity; sid:100001441; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.241.127.181"; classtype:trojan-activity; sid:100001442; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.241.148.58"; classtype:trojan-activity; sid:100001443; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.241.155.238"; classtype:trojan-activity; sid:100001444; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.241.184.124"; classtype:trojan-activity; sid:100001445; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.241.185.249"; classtype:trojan-activity; sid:100001446; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.241.36.124"; classtype:trojan-activity; sid:100001447; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.241.57.252"; classtype:trojan-activity; sid:100001448; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.241.60.240"; classtype:trojan-activity; sid:100001449; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.241.8.92"; classtype:trojan-activity; sid:100001450; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.28.139.13"; classtype:trojan-activity; sid:100001451; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.171.59"; classtype:trojan-activity; sid:100001452; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.203.177"; classtype:trojan-activity; sid:100001453; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.215.68"; classtype:trojan-activity; sid:100001454; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.216.209"; classtype:trojan-activity; sid:100001455; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.219.205"; classtype:trojan-activity; sid:100001456; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.220.88"; classtype:trojan-activity; sid:100001457; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.220.94"; classtype:trojan-activity; sid:100001458; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.242.195"; classtype:trojan-activity; sid:100001459; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.243.26"; classtype:trojan-activity; sid:100001460; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.248.31"; classtype:trojan-activity; sid:100001461; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.255.143"; classtype:trojan-activity; sid:100001462; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.52.159"; classtype:trojan-activity; sid:100001463; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.82.101"; classtype:trojan-activity; sid:100001464; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.85.42"; classtype:trojan-activity; sid:100001465; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.88.57"; classtype:trojan-activity; sid:100001466; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.4.93.129"; classtype:trojan-activity; sid:100001467; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.12.157"; classtype:trojan-activity; sid:100001468; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.121.35"; classtype:trojan-activity; sid:100001469; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.127.8"; classtype:trojan-activity; sid:100001470; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.140.75"; classtype:trojan-activity; sid:100001471; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.141.101"; classtype:trojan-activity; sid:100001472; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.150.118"; classtype:trojan-activity; sid:100001473; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.168.171"; classtype:trojan-activity; sid:100001474; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.173.6"; classtype:trojan-activity; sid:100001475; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.18.123"; classtype:trojan-activity; sid:100001476; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.18.184"; classtype:trojan-activity; sid:100001477; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.184.123"; classtype:trojan-activity; sid:100001478; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.186.120"; classtype:trojan-activity; sid:100001479; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.186.4"; classtype:trojan-activity; sid:100001480; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.197.101"; classtype:trojan-activity; sid:100001481; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.46.80"; classtype:trojan-activity; sid:100001482; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.5.225"; classtype:trojan-activity; sid:100001483; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.5.53"; classtype:trojan-activity; sid:100001484; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.5.63.81"; classtype:trojan-activity; sid:100001485; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.7.215.58"; classtype:trojan-activity; sid:100001486; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.7.215.94"; classtype:trojan-activity; sid:100001487; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.7.41.129"; classtype:trojan-activity; sid:100001488; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.8.1.235"; classtype:trojan-activity; sid:100001489; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.8.130.180"; classtype:trojan-activity; sid:100001490; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.8.139.68"; classtype:trojan-activity; sid:100001491; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.8.164.255"; classtype:trojan-activity; sid:100001492; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.8.166.227"; classtype:trojan-activity; sid:100001493; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.8.21.114"; classtype:trojan-activity; sid:100001494; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.8.246.229"; classtype:trojan-activity; sid:100001495; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.8.248.69"; classtype:trojan-activity; sid:100001496; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.8.58.198"; classtype:trojan-activity; sid:100001497; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.8.58.220"; classtype:trojan-activity; sid:100001498; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.8.8.193"; classtype:trojan-activity; sid:100001499; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.8.81.165"; classtype:trojan-activity; sid:100001500; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.8.84.3"; classtype:trojan-activity; sid:100001501; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.9.110.8"; classtype:trojan-activity; sid:100001502; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.9.194.193"; classtype:trojan-activity; sid:100001503; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.9.195.145"; classtype:trojan-activity; sid:100001504; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.9.199.20"; classtype:trojan-activity; sid:100001505; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.9.199.9"; classtype:trojan-activity; sid:100001506; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.9.202.100"; classtype:trojan-activity; sid:100001507; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.9.238.14"; classtype:trojan-activity; sid:100001508; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.9.248.254"; classtype:trojan-activity; sid:100001509; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.9.253.172"; classtype:trojan-activity; sid:100001510; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123.97.129.213"; classtype:trojan-activity; sid:100001511; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"123hpcom.site"; classtype:trojan-activity; sid:100001512; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.105.105.222"; classtype:trojan-activity; sid:100001513; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.129.140.124"; classtype:trojan-activity; sid:100001514; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.129.80.158"; classtype:trojan-activity; sid:100001515; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.131.113.43"; classtype:trojan-activity; sid:100001516; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.131.131.51"; classtype:trojan-activity; sid:100001517; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.131.132.250"; classtype:trojan-activity; sid:100001518; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.131.133.30"; classtype:trojan-activity; sid:100001519; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.131.146.119"; classtype:trojan-activity; sid:100001520; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.131.21.50"; classtype:trojan-activity; sid:100001521; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.132.110.150"; classtype:trojan-activity; sid:100001522; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.132.2.47"; classtype:trojan-activity; sid:100001523; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.132.36.88"; classtype:trojan-activity; sid:100001524; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.135.166.209"; classtype:trojan-activity; sid:100001525; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.135.168.132"; classtype:trojan-activity; sid:100001526; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.152.37.195"; classtype:trojan-activity; sid:100001527; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.153.136.175"; classtype:trojan-activity; sid:100001528; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.153.236.6"; classtype:trojan-activity; sid:100001529; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.155.146.133"; classtype:trojan-activity; sid:100001530; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.155.146.18"; classtype:trojan-activity; sid:100001531; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.160.126.238"; classtype:trojan-activity; sid:100001532; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.163.101.65"; classtype:trojan-activity; sid:100001533; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.163.151.226"; classtype:trojan-activity; sid:100001534; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.163.175.129"; classtype:trojan-activity; sid:100001535; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.163.21.184"; classtype:trojan-activity; sid:100001536; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.163.36.15"; classtype:trojan-activity; sid:100001537; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.163.37.240"; classtype:trojan-activity; sid:100001538; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.164.122.198"; classtype:trojan-activity; sid:100001539; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.164.160.76"; classtype:trojan-activity; sid:100001540; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.164.168.207"; classtype:trojan-activity; sid:100001541; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.165.128.82"; classtype:trojan-activity; sid:100001542; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.218.130.81"; classtype:trojan-activity; sid:100001543; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.228.109.11"; classtype:trojan-activity; sid:100001544; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.234.157.235"; classtype:trojan-activity; sid:100001545; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.44.91.1"; classtype:trojan-activity; sid:100001546; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.5.112.43"; classtype:trojan-activity; sid:100001547; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.5.24.142"; classtype:trojan-activity; sid:100001548; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.6.14.122"; classtype:trojan-activity; sid:100001549; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.6.16.234"; classtype:trojan-activity; sid:100001550; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.80.56.10"; classtype:trojan-activity; sid:100001551; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"124.93.60.27"; classtype:trojan-activity; sid:100001552; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.104.81.37"; classtype:trojan-activity; sid:100001553; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.104.98.131"; classtype:trojan-activity; sid:100001554; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.105.184.238"; classtype:trojan-activity; sid:100001555; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.105.239.247"; classtype:trojan-activity; sid:100001556; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.105.70.77"; classtype:trojan-activity; sid:100001557; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.106.122.179"; classtype:trojan-activity; sid:100001558; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.106.146.24"; classtype:trojan-activity; sid:100001559; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.106.223.172"; classtype:trojan-activity; sid:100001560; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.106.26.141"; classtype:trojan-activity; sid:100001561; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.106.61.138"; classtype:trojan-activity; sid:100001562; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.109.187.101"; classtype:trojan-activity; sid:100001563; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.109.21.231"; classtype:trojan-activity; sid:100001564; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.110.18.173"; classtype:trojan-activity; sid:100001565; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.113.24.209"; classtype:trojan-activity; sid:100001566; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.120.13.128"; classtype:trojan-activity; sid:100001567; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.125.32.79"; classtype:trojan-activity; sid:100001568; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.126.164.243"; classtype:trojan-activity; sid:100001569; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.133.201.225"; classtype:trojan-activity; sid:100001570; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.138.58.177"; classtype:trojan-activity; sid:100001571; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.139.100.153"; classtype:trojan-activity; sid:100001572; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.139.81.178"; classtype:trojan-activity; sid:100001573; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.140.189.95"; classtype:trojan-activity; sid:100001574; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.168.248.100"; classtype:trojan-activity; sid:100001575; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.211.23.190"; classtype:trojan-activity; sid:100001576; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.25.103.109"; classtype:trojan-activity; sid:100001577; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.25.108.192"; classtype:trojan-activity; sid:100001578; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.25.111.102"; classtype:trojan-activity; sid:100001579; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.26.22.53"; classtype:trojan-activity; sid:100001580; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.26.248.5"; classtype:trojan-activity; sid:100001581; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.36.157.30"; classtype:trojan-activity; sid:100001582; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.38.184.77"; classtype:trojan-activity; sid:100001583; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.40.107.19"; classtype:trojan-activity; sid:100001584; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.40.113.196"; classtype:trojan-activity; sid:100001585; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.40.146.101"; classtype:trojan-activity; sid:100001586; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.40.146.249"; classtype:trojan-activity; sid:100001587; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.40.154.181"; classtype:trojan-activity; sid:100001588; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.40.154.20"; classtype:trojan-activity; sid:100001589; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.40.2.249"; classtype:trojan-activity; sid:100001590; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.40.222.27"; classtype:trojan-activity; sid:100001591; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.40.27.74"; classtype:trojan-activity; sid:100001592; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.40.3.97"; classtype:trojan-activity; sid:100001593; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.40.72.54"; classtype:trojan-activity; sid:100001594; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.40.73.111"; classtype:trojan-activity; sid:100001595; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.0.183"; classtype:trojan-activity; sid:100001596; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.10.219"; classtype:trojan-activity; sid:100001597; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.11.109"; classtype:trojan-activity; sid:100001598; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.12.199"; classtype:trojan-activity; sid:100001599; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.139.191"; classtype:trojan-activity; sid:100001600; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.140.109"; classtype:trojan-activity; sid:100001601; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.156.248"; classtype:trojan-activity; sid:100001602; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.184.201"; classtype:trojan-activity; sid:100001603; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.188.244"; classtype:trojan-activity; sid:100001604; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.189.102"; classtype:trojan-activity; sid:100001605; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.222.52"; classtype:trojan-activity; sid:100001606; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.231.103"; classtype:trojan-activity; sid:100001607; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.3.56"; classtype:trojan-activity; sid:100001608; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.4.113"; classtype:trojan-activity; sid:100001609; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.5.166"; classtype:trojan-activity; sid:100001610; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.5.35"; classtype:trojan-activity; sid:100001611; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.41.91.199"; classtype:trojan-activity; sid:100001612; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.42.10.194"; classtype:trojan-activity; sid:100001613; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.42.120.6"; classtype:trojan-activity; sid:100001614; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.42.123.151"; classtype:trojan-activity; sid:100001615; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.42.125.147"; classtype:trojan-activity; sid:100001616; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.42.199.60"; classtype:trojan-activity; sid:100001617; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.42.232.186"; classtype:trojan-activity; sid:100001618; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.42.232.245"; classtype:trojan-activity; sid:100001619; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.42.25.229"; classtype:trojan-activity; sid:100001620; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.42.98.173"; classtype:trojan-activity; sid:100001621; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.42.98.76"; classtype:trojan-activity; sid:100001622; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.43.1.149"; classtype:trojan-activity; sid:100001623; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.43.10.222"; classtype:trojan-activity; sid:100001624; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.43.198.77"; classtype:trojan-activity; sid:100001625; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.43.24.162"; classtype:trojan-activity; sid:100001626; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.43.25.37"; classtype:trojan-activity; sid:100001627; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.43.26.104"; classtype:trojan-activity; sid:100001628; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.43.54.105"; classtype:trojan-activity; sid:100001629; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.43.7.165"; classtype:trojan-activity; sid:100001630; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.43.75.39"; classtype:trojan-activity; sid:100001631; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.43.9.238"; classtype:trojan-activity; sid:100001632; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.43.92.173"; classtype:trojan-activity; sid:100001633; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.44.12.211"; classtype:trojan-activity; sid:100001634; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.44.12.37"; classtype:trojan-activity; sid:100001635; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.44.153.178"; classtype:trojan-activity; sid:100001636; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.44.168.116"; classtype:trojan-activity; sid:100001637; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.44.193.179"; classtype:trojan-activity; sid:100001638; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.44.195.3"; classtype:trojan-activity; sid:100001639; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.44.197.61"; classtype:trojan-activity; sid:100001640; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.44.213.55"; classtype:trojan-activity; sid:100001641; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.44.215.55"; classtype:trojan-activity; sid:100001642; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.44.221.77"; classtype:trojan-activity; sid:100001643; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.44.232.220"; classtype:trojan-activity; sid:100001644; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.44.33.127"; classtype:trojan-activity; sid:100001645; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.44.34.40"; classtype:trojan-activity; sid:100001646; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.44.59.215"; classtype:trojan-activity; sid:100001647; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.44.8.78"; classtype:trojan-activity; sid:100001648; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.45.105.23"; classtype:trojan-activity; sid:100001649; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.45.147.76"; classtype:trojan-activity; sid:100001650; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.45.50.151"; classtype:trojan-activity; sid:100001651; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.45.54.11"; classtype:trojan-activity; sid:100001652; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.45.56.245"; classtype:trojan-activity; sid:100001653; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.45.64.251"; classtype:trojan-activity; sid:100001654; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.46.135.216"; classtype:trojan-activity; sid:100001655; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.46.138.17"; classtype:trojan-activity; sid:100001656; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.46.157.178"; classtype:trojan-activity; sid:100001657; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.46.182.81"; classtype:trojan-activity; sid:100001658; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.46.184.171"; classtype:trojan-activity; sid:100001659; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.46.200.242"; classtype:trojan-activity; sid:100001660; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.46.219.96"; classtype:trojan-activity; sid:100001661; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.46.242.177"; classtype:trojan-activity; sid:100001662; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.46.252.73"; classtype:trojan-activity; sid:100001663; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.46.254.43"; classtype:trojan-activity; sid:100001664; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.194.199"; classtype:trojan-activity; sid:100001665; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.199.217"; classtype:trojan-activity; sid:100001666; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.202.105"; classtype:trojan-activity; sid:100001667; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.205.57"; classtype:trojan-activity; sid:100001668; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.216.96"; classtype:trojan-activity; sid:100001669; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.218.242"; classtype:trojan-activity; sid:100001670; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.219.173"; classtype:trojan-activity; sid:100001671; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.240.27"; classtype:trojan-activity; sid:100001672; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.240.58"; classtype:trojan-activity; sid:100001673; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.241.172"; classtype:trojan-activity; sid:100001674; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.241.231"; classtype:trojan-activity; sid:100001675; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.246.162"; classtype:trojan-activity; sid:100001676; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.247.2"; classtype:trojan-activity; sid:100001677; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.247.24"; classtype:trojan-activity; sid:100001678; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.250.31"; classtype:trojan-activity; sid:100001679; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.253.58"; classtype:trojan-activity; sid:100001680; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.253.94"; classtype:trojan-activity; sid:100001681; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.255.98"; classtype:trojan-activity; sid:100001682; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.46.171"; classtype:trojan-activity; sid:100001683; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.48.52"; classtype:trojan-activity; sid:100001684; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.52.18"; classtype:trojan-activity; sid:100001685; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.54.92"; classtype:trojan-activity; sid:100001686; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.58.31"; classtype:trojan-activity; sid:100001687; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.61.86"; classtype:trojan-activity; sid:100001688; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.67.120"; classtype:trojan-activity; sid:100001689; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.47.83.80"; classtype:trojan-activity; sid:100001690; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.78.229.155"; classtype:trojan-activity; sid:100001691; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"125.83.104.77"; classtype:trojan-activity; sid:100001692; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"128.106.175.190"; classtype:trojan-activity; sid:100001693; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"128.116.228.168"; classtype:trojan-activity; sid:100001694; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"129.226.180.53"; classtype:trojan-activity; sid:100001695; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"130.162.32.102"; classtype:trojan-activity; sid:100001696; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"130.204.214.199"; classtype:trojan-activity; sid:100001697; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"130.255.159.133"; classtype:trojan-activity; sid:100001698; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"134.236.252.28"; classtype:trojan-activity; sid:100001699; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"135.125.205.204"; classtype:trojan-activity; sid:100001700; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"136.144.41.143"; classtype:trojan-activity; sid:100001701; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"136.144.41.207"; classtype:trojan-activity; sid:100001702; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"137.103.60.75"; classtype:trojan-activity; sid:100001703; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"138.99.204.224"; classtype:trojan-activity; sid:100001704; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"139.190.239.110"; classtype:trojan-activity; sid:100001705; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"139.190.239.240"; classtype:trojan-activity; sid:100001706; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"139.216.102.151"; classtype:trojan-activity; sid:100001707; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.102.17.222"; classtype:trojan-activity; sid:100001708; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.102.97.204"; classtype:trojan-activity; sid:100001709; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.127.240.153"; classtype:trojan-activity; sid:100001710; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.127.243.47"; classtype:trojan-activity; sid:100001711; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.138.109.129"; classtype:trojan-activity; sid:100001712; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.138.109.26"; classtype:trojan-activity; sid:100001713; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.144.68.208"; classtype:trojan-activity; sid:100001714; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.160.178.11"; classtype:trojan-activity; sid:100001715; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.160.179.85"; classtype:trojan-activity; sid:100001716; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.160.34.50"; classtype:trojan-activity; sid:100001717; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.164.237.228"; classtype:trojan-activity; sid:100001718; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.172.137.2"; classtype:trojan-activity; sid:100001719; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.173.103.175"; classtype:trojan-activity; sid:100001720; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.174.147.72"; classtype:trojan-activity; sid:100001721; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.176.141.136"; classtype:trojan-activity; sid:100001722; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.179.154.237"; classtype:trojan-activity; sid:100001723; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.180.239.103"; classtype:trojan-activity; sid:100001724; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.183.119.53"; classtype:trojan-activity; sid:100001725; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.183.91.101"; classtype:trojan-activity; sid:100001726; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.192.1.22"; classtype:trojan-activity; sid:100001727; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.224.109.58"; classtype:trojan-activity; sid:100001728; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.226.175.13"; classtype:trojan-activity; sid:100001729; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.230.134.44"; classtype:trojan-activity; sid:100001730; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.234.142.128"; classtype:trojan-activity; sid:100001731; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.234.91.243"; classtype:trojan-activity; sid:100001732; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.240.55.201"; classtype:trojan-activity; sid:100001733; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.241.227.216"; classtype:trojan-activity; sid:100001734; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.246.95.161"; classtype:trojan-activity; sid:100001735; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.252.247.237"; classtype:trojan-activity; sid:100001736; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.252.254.174"; classtype:trojan-activity; sid:100001737; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.252.254.248"; classtype:trojan-activity; sid:100001738; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.32.54.142"; classtype:trojan-activity; sid:100001739; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.39.50.17"; classtype:trojan-activity; sid:100001740; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.40.114.215"; classtype:trojan-activity; sid:100001741; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.42.160.123"; classtype:trojan-activity; sid:100001742; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.42.36.52"; classtype:trojan-activity; sid:100001743; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.45.127.110"; classtype:trojan-activity; sid:100001744; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.45.20.130"; classtype:trojan-activity; sid:100001745; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.46.25.17"; classtype:trojan-activity; sid:100001746; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.50.129.248"; classtype:trojan-activity; sid:100001747; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.54.91.154"; classtype:trojan-activity; sid:100001748; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"14.55.140.176"; classtype:trojan-activity; sid:100001749; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"140.237.10.253"; classtype:trojan-activity; sid:100001750; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"140.237.15.175"; classtype:trojan-activity; sid:100001751; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"140.237.93.1"; classtype:trojan-activity; sid:100001752; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"140.237.93.171"; classtype:trojan-activity; sid:100001753; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"141.195.20.69"; classtype:trojan-activity; sid:100001754; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"142.255.48.233"; classtype:trojan-activity; sid:100001755; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"143.255.167.37"; classtype:trojan-activity; sid:100001756; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"144.129.175.204"; classtype:trojan-activity; sid:100001757; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"144.139.130.6"; classtype:trojan-activity; sid:100001758; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"144.91.81.180"; classtype:trojan-activity; sid:100001759; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"149.3.110.195"; classtype:trojan-activity; sid:100001760; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"149.3.170.181"; classtype:trojan-activity; sid:100001761; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"149.3.170.64"; classtype:trojan-activity; sid:100001762; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"149.3.73.242"; classtype:trojan-activity; sid:100001763; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"149.3.85.55"; classtype:trojan-activity; sid:100001764; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"150.129.248.112"; classtype:trojan-activity; sid:100001765; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"151.177.186.24"; classtype:trojan-activity; sid:100001766; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"151.234.126.162"; classtype:trojan-activity; sid:100001767; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"151.251.44.6"; classtype:trojan-activity; sid:100001768; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"151.77.154.85"; classtype:trojan-activity; sid:100001769; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.0.56.151"; classtype:trojan-activity; sid:100001770; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.101.233.243"; classtype:trojan-activity; sid:100001771; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.101.235.167"; classtype:trojan-activity; sid:100001772; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.101.37.91"; classtype:trojan-activity; sid:100001773; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.3.135.54"; classtype:trojan-activity; sid:100001774; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.3.138.251"; classtype:trojan-activity; sid:100001775; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.3.206.78"; classtype:trojan-activity; sid:100001776; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.3.6.78"; classtype:trojan-activity; sid:100001777; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.3.63.8"; classtype:trojan-activity; sid:100001778; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.34.124.86"; classtype:trojan-activity; sid:100001779; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.34.28.166"; classtype:trojan-activity; sid:100001780; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.35.32.98"; classtype:trojan-activity; sid:100001781; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.35.38.50"; classtype:trojan-activity; sid:100001782; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.35.47.157"; classtype:trojan-activity; sid:100001783; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.36.161.145"; classtype:trojan-activity; sid:100001784; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"153.36.18.112"; classtype:trojan-activity; sid:100001785; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"154.126.178.16"; classtype:trojan-activity; sid:100001786; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"154.91.192.252"; classtype:trojan-activity; sid:100001787; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"155.94.228.223"; classtype:trojan-activity; sid:100001788; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1566xueshe.com"; classtype:trojan-activity; sid:100001789; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"157.122.107.98"; classtype:trojan-activity; sid:100001790; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"157.122.111.178"; classtype:trojan-activity; sid:100001791; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"158.101.165.14"; classtype:trojan-activity; sid:100001792; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"158.174.218.29"; classtype:trojan-activity; sid:100001793; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"158.222.165.33"; classtype:trojan-activity; sid:100001794; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"158.222.234.146"; classtype:trojan-activity; sid:100001795; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"162.191.157.4"; classtype:trojan-activity; sid:100001796; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"162.194.28.60"; classtype:trojan-activity; sid:100001797; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"162.209.98.174"; classtype:trojan-activity; sid:100001798; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"162.224.157.135"; classtype:trojan-activity; sid:100001799; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"162.231.198.11"; classtype:trojan-activity; sid:100001800; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"162.238.152.19"; classtype:trojan-activity; sid:100001801; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"162.84.168.150"; classtype:trojan-activity; sid:100001802; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.125.101.94"; classtype:trojan-activity; sid:100001803; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.125.103.107"; classtype:trojan-activity; sid:100001804; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.125.124.118"; classtype:trojan-activity; sid:100001805; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.125.158.23"; classtype:trojan-activity; sid:100001806; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.125.184.25"; classtype:trojan-activity; sid:100001807; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.125.239.156"; classtype:trojan-activity; sid:100001808; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.125.43.87"; classtype:trojan-activity; sid:100001809; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.125.59.42"; classtype:trojan-activity; sid:100001810; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.125.64.150"; classtype:trojan-activity; sid:100001811; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.125.83.152"; classtype:trojan-activity; sid:100001812; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.125.93.214"; classtype:trojan-activity; sid:100001813; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.142.100.170"; classtype:trojan-activity; sid:100001814; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.142.101.86"; classtype:trojan-activity; sid:100001815; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.142.101.89"; classtype:trojan-activity; sid:100001816; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.142.102.125"; classtype:trojan-activity; sid:100001817; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.142.121.229"; classtype:trojan-activity; sid:100001818; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.142.122.207"; classtype:trojan-activity; sid:100001819; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.142.123.225"; classtype:trojan-activity; sid:100001820; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.142.78.93"; classtype:trojan-activity; sid:100001821; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.160.165"; classtype:trojan-activity; sid:100001822; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.160.40"; classtype:trojan-activity; sid:100001823; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.161.249"; classtype:trojan-activity; sid:100001824; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.162.96"; classtype:trojan-activity; sid:100001825; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.163.118"; classtype:trojan-activity; sid:100001826; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.163.198"; classtype:trojan-activity; sid:100001827; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.164.127"; classtype:trojan-activity; sid:100001828; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.166.176"; classtype:trojan-activity; sid:100001829; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.166.242"; classtype:trojan-activity; sid:100001830; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.171.166"; classtype:trojan-activity; sid:100001831; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.172.139"; classtype:trojan-activity; sid:100001832; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.173.120"; classtype:trojan-activity; sid:100001833; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.175.11"; classtype:trojan-activity; sid:100001834; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.175.162"; classtype:trojan-activity; sid:100001835; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.217.247"; classtype:trojan-activity; sid:100001836; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.232.179"; classtype:trojan-activity; sid:100001837; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.233.2"; classtype:trojan-activity; sid:100001838; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.235.102"; classtype:trojan-activity; sid:100001839; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.179.243.80"; classtype:trojan-activity; sid:100001840; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.204.208.69"; classtype:trojan-activity; sid:100001841; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.204.211.149"; classtype:trojan-activity; sid:100001842; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.204.212.127"; classtype:trojan-activity; sid:100001843; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.204.213.151"; classtype:trojan-activity; sid:100001844; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.204.216.139"; classtype:trojan-activity; sid:100001845; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.204.217.175"; classtype:trojan-activity; sid:100001846; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.204.217.233"; classtype:trojan-activity; sid:100001847; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.204.218.38"; classtype:trojan-activity; sid:100001848; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.204.218.70"; classtype:trojan-activity; sid:100001849; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.204.220.93"; classtype:trojan-activity; sid:100001850; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.204.223.148"; classtype:trojan-activity; sid:100001851; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.204.82.130"; classtype:trojan-activity; sid:100001852; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"163.53.206.228"; classtype:trojan-activity; sid:100001853; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"164.163.25.132"; classtype:trojan-activity; sid:100001854; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"168.121.239.172"; classtype:trojan-activity; sid:100001855; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"170.244.231.162"; classtype:trojan-activity; sid:100001856; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"170.78.39.54"; classtype:trojan-activity; sid:100001857; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.107.58.110"; classtype:trojan-activity; sid:100001858; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.112.176.24"; classtype:trojan-activity; sid:100001859; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.117.240.103"; classtype:trojan-activity; sid:100001860; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.118.75.203"; classtype:trojan-activity; sid:100001861; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.118.94.250"; classtype:trojan-activity; sid:100001862; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.119.208.121"; classtype:trojan-activity; sid:100001863; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.119.221.138"; classtype:trojan-activity; sid:100001864; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.123.182.247"; classtype:trojan-activity; sid:100001865; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.123.192.121"; classtype:trojan-activity; sid:100001866; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.123.239.217"; classtype:trojan-activity; sid:100001867; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.125.128.136"; classtype:trojan-activity; sid:100001868; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.125.189.227"; classtype:trojan-activity; sid:100001869; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.125.190.174"; classtype:trojan-activity; sid:100001870; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.125.218.165"; classtype:trojan-activity; sid:100001871; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.125.233.113"; classtype:trojan-activity; sid:100001872; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.125.244.211"; classtype:trojan-activity; sid:100001873; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.125.26.223"; classtype:trojan-activity; sid:100001874; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.249.30.22"; classtype:trojan-activity; sid:100001875; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.250.188.234"; classtype:trojan-activity; sid:100001876; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.34.176.219"; classtype:trojan-activity; sid:100001877; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.35.160.239"; classtype:trojan-activity; sid:100001878; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.35.162.249"; classtype:trojan-activity; sid:100001879; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.35.173.44"; classtype:trojan-activity; sid:100001880; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.35.174.164"; classtype:trojan-activity; sid:100001881; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.35.175.211"; classtype:trojan-activity; sid:100001882; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.36.7.100"; classtype:trojan-activity; sid:100001883; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.37.124.85"; classtype:trojan-activity; sid:100001884; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.144.173"; classtype:trojan-activity; sid:100001885; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.144.222"; classtype:trojan-activity; sid:100001886; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.145.117"; classtype:trojan-activity; sid:100001887; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.147.151"; classtype:trojan-activity; sid:100001888; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.148.181"; classtype:trojan-activity; sid:100001889; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.150.72"; classtype:trojan-activity; sid:100001890; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.151.149"; classtype:trojan-activity; sid:100001891; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.192.19"; classtype:trojan-activity; sid:100001892; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.193.109"; classtype:trojan-activity; sid:100001893; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.193.202"; classtype:trojan-activity; sid:100001894; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.217.121"; classtype:trojan-activity; sid:100001895; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.220.254"; classtype:trojan-activity; sid:100001896; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.221.192"; classtype:trojan-activity; sid:100001897; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.222.186"; classtype:trojan-activity; sid:100001898; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.223.112"; classtype:trojan-activity; sid:100001899; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.38.78.197"; classtype:trojan-activity; sid:100001900; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.40.180.122"; classtype:trojan-activity; sid:100001901; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.40.3.90"; classtype:trojan-activity; sid:100001902; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.42.124.153"; classtype:trojan-activity; sid:100001903; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.42.58.26"; classtype:trojan-activity; sid:100001904; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.42.80.96"; classtype:trojan-activity; sid:100001905; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.44.223.73"; classtype:trojan-activity; sid:100001906; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.44.244.158"; classtype:trojan-activity; sid:100001907; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.80.193.122"; classtype:trojan-activity; sid:100001908; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.80.233.99"; classtype:trojan-activity; sid:100001909; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.81.124.65"; classtype:trojan-activity; sid:100001910; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.81.193.84"; classtype:trojan-activity; sid:100001911; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"171.83.202.111"; classtype:trojan-activity; sid:100001912; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"172.105.36.168"; classtype:trojan-activity; sid:100001913; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"172.126.68.145"; classtype:trojan-activity; sid:100001914; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"172.245.110.133"; classtype:trojan-activity; sid:100001915; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"172.245.163.151"; classtype:trojan-activity; sid:100001916; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"172.245.163.170"; classtype:trojan-activity; sid:100001917; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"172.245.27.36"; classtype:trojan-activity; sid:100001918; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"172.88.228.41"; classtype:trojan-activity; sid:100001919; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"173.14.69.161"; classtype:trojan-activity; sid:100001920; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"173.166.207.109"; classtype:trojan-activity; sid:100001921; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"173.169.46.85"; classtype:trojan-activity; sid:100001922; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"173.220.79.82"; classtype:trojan-activity; sid:100001923; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"173.232.204.89"; classtype:trojan-activity; sid:100001924; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"173.25.113.8"; classtype:trojan-activity; sid:100001925; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"173.52.97.25"; classtype:trojan-activity; sid:100001926; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"173.56.92.166"; classtype:trojan-activity; sid:100001927; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"173.61.12.69"; classtype:trojan-activity; sid:100001928; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"173.63.39.192"; classtype:trojan-activity; sid:100001929; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"173.68.158.62"; classtype:trojan-activity; sid:100001930; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"173.77.217.250"; classtype:trojan-activity; sid:100001931; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"173.77.231.24"; classtype:trojan-activity; sid:100001932; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"173.8.38.21"; classtype:trojan-activity; sid:100001933; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"174.106.33.85"; classtype:trojan-activity; sid:100001934; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"174.116.39.203"; classtype:trojan-activity; sid:100001935; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"174.61.3.149"; classtype:trojan-activity; sid:100001936; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"174.66.116.226"; classtype:trojan-activity; sid:100001937; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"174.81.78.7"; classtype:trojan-activity; sid:100001938; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.0.61.193"; classtype:trojan-activity; sid:100001939; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.10.18.21"; classtype:trojan-activity; sid:100001940; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.10.222.225"; classtype:trojan-activity; sid:100001941; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.10.243.83"; classtype:trojan-activity; sid:100001942; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.10.50.121"; classtype:trojan-activity; sid:100001943; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.10.89.186"; classtype:trojan-activity; sid:100001944; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.11.20.114"; classtype:trojan-activity; sid:100001945; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.11.20.240"; classtype:trojan-activity; sid:100001946; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.11.200.191"; classtype:trojan-activity; sid:100001947; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.11.200.202"; classtype:trojan-activity; sid:100001948; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.11.200.43"; classtype:trojan-activity; sid:100001949; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.11.52.58"; classtype:trojan-activity; sid:100001950; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.11.54.9"; classtype:trojan-activity; sid:100001951; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.11.64.241"; classtype:trojan-activity; sid:100001952; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.11.70.48"; classtype:trojan-activity; sid:100001953; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.11.72.79"; classtype:trojan-activity; sid:100001954; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.11.8.117"; classtype:trojan-activity; sid:100001955; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.111.56.160"; classtype:trojan-activity; sid:100001956; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.113.50.236"; classtype:trojan-activity; sid:100001957; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.12.132.51"; classtype:trojan-activity; sid:100001958; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.120.38.2"; classtype:trojan-activity; sid:100001959; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.146.217.51"; classtype:trojan-activity; sid:100001960; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.149.51.203"; classtype:trojan-activity; sid:100001961; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.150.146.254"; classtype:trojan-activity; sid:100001962; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.151.65.72"; classtype:trojan-activity; sid:100001963; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.155.173.254"; classtype:trojan-activity; sid:100001964; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.160.252.100"; classtype:trojan-activity; sid:100001965; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.161.175.0"; classtype:trojan-activity; sid:100001966; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.161.236.46"; classtype:trojan-activity; sid:100001967; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.163.73.18"; classtype:trojan-activity; sid:100001968; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.164.98.37"; classtype:trojan-activity; sid:100001969; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.165.112.18"; classtype:trojan-activity; sid:100001970; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.165.7.38"; classtype:trojan-activity; sid:100001971; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.166.178.166"; classtype:trojan-activity; sid:100001972; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.166.244.240"; classtype:trojan-activity; sid:100001973; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.168.82.67"; classtype:trojan-activity; sid:100001974; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.169.12.90"; classtype:trojan-activity; sid:100001975; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.169.13.50"; classtype:trojan-activity; sid:100001976; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.171.182.125"; classtype:trojan-activity; sid:100001977; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.172.47.40"; classtype:trojan-activity; sid:100001978; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.172.62.157"; classtype:trojan-activity; sid:100001979; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.174.84.113"; classtype:trojan-activity; sid:100001980; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.176.185.223"; classtype:trojan-activity; sid:100001981; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.180.142.157"; classtype:trojan-activity; sid:100001982; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.180.143.169"; classtype:trojan-activity; sid:100001983; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.182.106.134"; classtype:trojan-activity; sid:100001984; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.182.254.177"; classtype:trojan-activity; sid:100001985; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.182.254.221"; classtype:trojan-activity; sid:100001986; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.182.71.20"; classtype:trojan-activity; sid:100001987; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.197.24.56"; classtype:trojan-activity; sid:100001988; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.202.73.59"; classtype:trojan-activity; sid:100001989; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.203.192.16"; classtype:trojan-activity; sid:100001990; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.212.104.29"; classtype:trojan-activity; sid:100001991; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.212.195.193"; classtype:trojan-activity; sid:100001992; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.213.25.192"; classtype:trojan-activity; sid:100001993; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.28.32.92"; classtype:trojan-activity; sid:100001994; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.3.149.95"; classtype:trojan-activity; sid:100001995; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.37.119.233"; classtype:trojan-activity; sid:100001996; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.42.73.136"; classtype:trojan-activity; sid:100001997; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.43.147.168"; classtype:trojan-activity; sid:100001998; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.44.6.9"; classtype:trojan-activity; sid:100001999; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.8.134.207"; classtype:trojan-activity; sid:100002000; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.8.31.79"; classtype:trojan-activity; sid:100002001; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.9.165.13"; classtype:trojan-activity; sid:100002002; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.9.168.116"; classtype:trojan-activity; sid:100002003; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.9.169.133"; classtype:trojan-activity; sid:100002004; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.9.171.142"; classtype:trojan-activity; sid:100002005; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.9.88.239"; classtype:trojan-activity; sid:100002006; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.98.202.129"; classtype:trojan-activity; sid:100002007; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"175.98.4.238"; classtype:trojan-activity; sid:100002008; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"176.103.16.188"; classtype:trojan-activity; sid:100002009; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"176.110.141.183"; classtype:trojan-activity; sid:100002010; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"176.111.68.226"; classtype:trojan-activity; sid:100002011; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"176.118.114.25"; classtype:trojan-activity; sid:100002012; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"176.12.117.66"; classtype:trojan-activity; sid:100002013; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"176.12.117.70"; classtype:trojan-activity; sid:100002014; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"176.123.2.2"; classtype:trojan-activity; sid:100002015; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"176.123.2.83"; classtype:trojan-activity; sid:100002016; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"176.123.7.127"; classtype:trojan-activity; sid:100002017; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"176.20.174.94"; classtype:trojan-activity; sid:100002018; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"176.202.44.104"; classtype:trojan-activity; sid:100002019; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"176.221.188.104"; classtype:trojan-activity; sid:100002020; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"176.240.18.92"; classtype:trojan-activity; sid:100002021; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"176.35.202.86"; classtype:trojan-activity; sid:100002022; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"176.63.140.234"; classtype:trojan-activity; sid:100002023; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"177.126.130.83"; classtype:trojan-activity; sid:100002024; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"177.131.226.235"; classtype:trojan-activity; sid:100002025; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"177.189.222.41"; classtype:trojan-activity; sid:100002026; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"177.22.231.104"; classtype:trojan-activity; sid:100002027; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"177.54.82.154"; classtype:trojan-activity; sid:100002028; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"177.84.220.204"; classtype:trojan-activity; sid:100002029; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"177.84.221.127"; classtype:trojan-activity; sid:100002030; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"177.84.221.159"; classtype:trojan-activity; sid:100002031; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"177.86.235.12"; classtype:trojan-activity; sid:100002032; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"177.91.20.70"; classtype:trojan-activity; sid:100002033; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"177.91.22.23"; classtype:trojan-activity; sid:100002034; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"177.91.23.84"; classtype:trojan-activity; sid:100002035; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.141.160.61"; classtype:trojan-activity; sid:100002036; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.141.216.157"; classtype:trojan-activity; sid:100002037; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.150.174.65"; classtype:trojan-activity; sid:100002038; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.151.143.2"; classtype:trojan-activity; sid:100002039; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.169.210.253"; classtype:trojan-activity; sid:100002040; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.173.143.86"; classtype:trojan-activity; sid:100002041; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.19.183.14"; classtype:trojan-activity; sid:100002042; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.204.221.17"; classtype:trojan-activity; sid:100002043; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.21.164.68"; classtype:trojan-activity; sid:100002044; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.214.220.106"; classtype:trojan-activity; sid:100002045; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.214.74.169"; classtype:trojan-activity; sid:100002046; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.22.193.63"; classtype:trojan-activity; sid:100002047; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.222.252.130"; classtype:trojan-activity; sid:100002048; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.234.212.110"; classtype:trojan-activity; sid:100002049; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.235.209.52"; classtype:trojan-activity; sid:100002050; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.34.183.30"; classtype:trojan-activity; sid:100002051; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.48.88.26"; classtype:trojan-activity; sid:100002052; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.55.193.14"; classtype:trojan-activity; sid:100002053; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.55.75.41"; classtype:trojan-activity; sid:100002054; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.55.90.161"; classtype:trojan-activity; sid:100002055; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.64.190.54"; classtype:trojan-activity; sid:100002056; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.77.17.228"; classtype:trojan-activity; sid:100002057; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"178.92.120.146"; classtype:trojan-activity; sid:100002058; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"179.218.124.58"; classtype:trojan-activity; sid:100002059; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"179.43.175.101"; classtype:trojan-activity; sid:100002060; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"179.43.175.83"; classtype:trojan-activity; sid:100002061; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"179.43.187.131"; classtype:trojan-activity; sid:100002062; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"179.43.187.99"; classtype:trojan-activity; sid:100002063; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"179.61.237.75"; classtype:trojan-activity; sid:100002064; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"18.118.110.102"; classtype:trojan-activity; sid:100002065; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.104.187.248"; classtype:trojan-activity; sid:100002066; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.110.185.85"; classtype:trojan-activity; sid:100002067; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.112.3.157"; classtype:trojan-activity; sid:100002068; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.114.6.166"; classtype:trojan-activity; sid:100002069; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.115.201.54"; classtype:trojan-activity; sid:100002070; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.115.202.97"; classtype:trojan-activity; sid:100002071; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.115.249.90"; classtype:trojan-activity; sid:100002072; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.116.201.80"; classtype:trojan-activity; sid:100002073; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.116.58.158"; classtype:trojan-activity; sid:100002074; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.116.89.189"; classtype:trojan-activity; sid:100002075; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.116.9.214"; classtype:trojan-activity; sid:100002076; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.117.134.93"; classtype:trojan-activity; sid:100002077; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.118.74.184"; classtype:trojan-activity; sid:100002078; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.120.138.181"; classtype:trojan-activity; sid:100002079; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.122.173.248"; classtype:trojan-activity; sid:100002080; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.124.189.26"; classtype:trojan-activity; sid:100002081; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.124.232.7"; classtype:trojan-activity; sid:100002082; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.125.235.160"; classtype:trojan-activity; sid:100002083; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.137.147.10"; classtype:trojan-activity; sid:100002084; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.137.147.8"; classtype:trojan-activity; sid:100002085; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.158.10.153"; classtype:trojan-activity; sid:100002086; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.163.61.172"; classtype:trojan-activity; sid:100002087; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.176.105.41"; classtype:trojan-activity; sid:100002088; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.176.165.230"; classtype:trojan-activity; sid:100002089; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.176.214.171"; classtype:trojan-activity; sid:100002090; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.176.244.14"; classtype:trojan-activity; sid:100002091; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.176.245.129"; classtype:trojan-activity; sid:100002092; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.176.245.147"; classtype:trojan-activity; sid:100002093; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.176.246.46"; classtype:trojan-activity; sid:100002094; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.176.96.248"; classtype:trojan-activity; sid:100002095; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.177.104.65"; classtype:trojan-activity; sid:100002096; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.177.128.116"; classtype:trojan-activity; sid:100002097; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.177.180.6"; classtype:trojan-activity; sid:100002098; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.177.190.119"; classtype:trojan-activity; sid:100002099; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.177.190.153"; classtype:trojan-activity; sid:100002100; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.177.213.111"; classtype:trojan-activity; sid:100002101; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.177.240.232"; classtype:trojan-activity; sid:100002102; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.177.242.73"; classtype:trojan-activity; sid:100002103; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.177.243.178"; classtype:trojan-activity; sid:100002104; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.218.0.163"; classtype:trojan-activity; sid:100002105; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.218.16.136"; classtype:trojan-activity; sid:100002106; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.218.213.142"; classtype:trojan-activity; sid:100002107; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.218.5.171"; classtype:trojan-activity; sid:100002108; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.218.97.53"; classtype:trojan-activity; sid:100002109; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.248.80.38"; classtype:trojan-activity; sid:100002110; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.250.7.106"; classtype:trojan-activity; sid:100002111; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"180.67.246.200"; classtype:trojan-activity; sid:100002112; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.112.138.154"; classtype:trojan-activity; sid:100002113; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.112.218.238"; classtype:trojan-activity; sid:100002114; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.112.218.6"; classtype:trojan-activity; sid:100002115; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.117.209.81"; classtype:trojan-activity; sid:100002116; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.129.124.42"; classtype:trojan-activity; sid:100002117; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.129.137.29"; classtype:trojan-activity; sid:100002118; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.174.62.24"; classtype:trojan-activity; sid:100002119; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.188.105.127"; classtype:trojan-activity; sid:100002120; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.196.241.210"; classtype:trojan-activity; sid:100002121; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.197.164.215"; classtype:trojan-activity; sid:100002122; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.199.170.210"; classtype:trojan-activity; sid:100002123; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.211.190.10"; classtype:trojan-activity; sid:100002124; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.214.152.249"; classtype:trojan-activity; sid:100002125; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.224.242.131"; classtype:trojan-activity; sid:100002126; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.229.0.19"; classtype:trojan-activity; sid:100002127; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.48.241.226"; classtype:trojan-activity; sid:100002128; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.49.225.83"; classtype:trojan-activity; sid:100002129; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.49.236.4"; classtype:trojan-activity; sid:100002130; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.59.166.73"; classtype:trojan-activity; sid:100002131; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"181.59.253.107"; classtype:trojan-activity; sid:100002132; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.112.10.125"; classtype:trojan-activity; sid:100002133; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.112.32.197"; classtype:trojan-activity; sid:100002134; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.112.44.49"; classtype:trojan-activity; sid:100002135; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.112.6.30"; classtype:trojan-activity; sid:100002136; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.113.192.192"; classtype:trojan-activity; sid:100002137; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.113.196.136"; classtype:trojan-activity; sid:100002138; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.113.200.42"; classtype:trojan-activity; sid:100002139; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.113.214.212"; classtype:trojan-activity; sid:100002140; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.113.25.238"; classtype:trojan-activity; sid:100002141; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.113.37.158"; classtype:trojan-activity; sid:100002142; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.113.62.236"; classtype:trojan-activity; sid:100002143; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.100.23"; classtype:trojan-activity; sid:100002144; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.102.184"; classtype:trojan-activity; sid:100002145; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.104.224"; classtype:trojan-activity; sid:100002146; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.106.173"; classtype:trojan-activity; sid:100002147; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.125.218"; classtype:trojan-activity; sid:100002148; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.125.89"; classtype:trojan-activity; sid:100002149; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.126.25"; classtype:trojan-activity; sid:100002150; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.193.89"; classtype:trojan-activity; sid:100002151; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.254.85"; classtype:trojan-activity; sid:100002152; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.26.170"; classtype:trojan-activity; sid:100002153; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.33.162"; classtype:trojan-activity; sid:100002154; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.35.199"; classtype:trojan-activity; sid:100002155; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.48.83"; classtype:trojan-activity; sid:100002156; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.71.69"; classtype:trojan-activity; sid:100002157; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.79.128"; classtype:trojan-activity; sid:100002158; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.91.31"; classtype:trojan-activity; sid:100002159; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.93.162"; classtype:trojan-activity; sid:100002160; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.94.41"; classtype:trojan-activity; sid:100002161; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.96.81"; classtype:trojan-activity; sid:100002162; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.97.140"; classtype:trojan-activity; sid:100002163; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.97.183"; classtype:trojan-activity; sid:100002164; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.114.99.139"; classtype:trojan-activity; sid:100002165; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.115.165.205"; classtype:trojan-activity; sid:100002166; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.115.172.153"; classtype:trojan-activity; sid:100002167; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.116.100.246"; classtype:trojan-activity; sid:100002168; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.116.101.61"; classtype:trojan-activity; sid:100002169; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.116.106.94"; classtype:trojan-activity; sid:100002170; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.116.108.176"; classtype:trojan-activity; sid:100002171; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.116.123.13"; classtype:trojan-activity; sid:100002172; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.116.35.54"; classtype:trojan-activity; sid:100002173; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.116.36.193"; classtype:trojan-activity; sid:100002174; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.116.45.29"; classtype:trojan-activity; sid:100002175; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.116.53.184"; classtype:trojan-activity; sid:100002176; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.116.55.79"; classtype:trojan-activity; sid:100002177; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.116.6.125"; classtype:trojan-activity; sid:100002178; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.116.76.222"; classtype:trojan-activity; sid:100002179; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.116.97.80"; classtype:trojan-activity; sid:100002180; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.116.97.9"; classtype:trojan-activity; sid:100002181; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.116.98.81"; classtype:trojan-activity; sid:100002182; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.149.215"; classtype:trojan-activity; sid:100002183; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.178.91"; classtype:trojan-activity; sid:100002184; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.182.131"; classtype:trojan-activity; sid:100002185; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.2.145"; classtype:trojan-activity; sid:100002186; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.24.154"; classtype:trojan-activity; sid:100002187; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.25.61"; classtype:trojan-activity; sid:100002188; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.27.20"; classtype:trojan-activity; sid:100002189; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.28.132"; classtype:trojan-activity; sid:100002190; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.29.168"; classtype:trojan-activity; sid:100002191; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.31.100"; classtype:trojan-activity; sid:100002192; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.32.34"; classtype:trojan-activity; sid:100002193; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.41.240"; classtype:trojan-activity; sid:100002194; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.41.243"; classtype:trojan-activity; sid:100002195; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.41.81"; classtype:trojan-activity; sid:100002196; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.43.163"; classtype:trojan-activity; sid:100002197; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.49.99"; classtype:trojan-activity; sid:100002198; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.117.9.40"; classtype:trojan-activity; sid:100002199; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.118.145.59"; classtype:trojan-activity; sid:100002200; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.118.167.205"; classtype:trojan-activity; sid:100002201; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.10.158"; classtype:trojan-activity; sid:100002202; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.100.156"; classtype:trojan-activity; sid:100002203; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.108.233"; classtype:trojan-activity; sid:100002204; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.162.233"; classtype:trojan-activity; sid:100002205; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.162.35"; classtype:trojan-activity; sid:100002206; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.166.46"; classtype:trojan-activity; sid:100002207; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.179.14"; classtype:trojan-activity; sid:100002208; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.181.12"; classtype:trojan-activity; sid:100002209; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.185.197"; classtype:trojan-activity; sid:100002210; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.186.173"; classtype:trojan-activity; sid:100002211; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.202.215"; classtype:trojan-activity; sid:100002212; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.208.168"; classtype:trojan-activity; sid:100002213; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.212.132"; classtype:trojan-activity; sid:100002214; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.212.231"; classtype:trojan-activity; sid:100002215; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.215.166"; classtype:trojan-activity; sid:100002216; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.215.229"; classtype:trojan-activity; sid:100002217; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.215.93"; classtype:trojan-activity; sid:100002218; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.22.93"; classtype:trojan-activity; sid:100002219; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.228.14"; classtype:trojan-activity; sid:100002220; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.231.127"; classtype:trojan-activity; sid:100002221; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.249.123"; classtype:trojan-activity; sid:100002222; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.249.240"; classtype:trojan-activity; sid:100002223; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.49.98"; classtype:trojan-activity; sid:100002224; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.5.223"; classtype:trojan-activity; sid:100002225; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.9.123"; classtype:trojan-activity; sid:100002226; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.9.212"; classtype:trojan-activity; sid:100002227; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.9.99"; classtype:trojan-activity; sid:100002228; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.119.96.122"; classtype:trojan-activity; sid:100002229; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.120.15.75"; classtype:trojan-activity; sid:100002230; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.120.37.166"; classtype:trojan-activity; sid:100002231; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.120.44.148"; classtype:trojan-activity; sid:100002232; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.120.49.71"; classtype:trojan-activity; sid:100002233; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.120.9.42"; classtype:trojan-activity; sid:100002234; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.107.45"; classtype:trojan-activity; sid:100002235; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.115.29"; classtype:trojan-activity; sid:100002236; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.115.6"; classtype:trojan-activity; sid:100002237; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.118.212"; classtype:trojan-activity; sid:100002238; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.119.45"; classtype:trojan-activity; sid:100002239; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.130.73"; classtype:trojan-activity; sid:100002240; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.149.239"; classtype:trojan-activity; sid:100002241; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.151.93"; classtype:trojan-activity; sid:100002242; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.153.38"; classtype:trojan-activity; sid:100002243; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.153.4"; classtype:trojan-activity; sid:100002244; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.155.126"; classtype:trojan-activity; sid:100002245; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.158.185"; classtype:trojan-activity; sid:100002246; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.163.144"; classtype:trojan-activity; sid:100002247; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.184.164"; classtype:trojan-activity; sid:100002248; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.188.174"; classtype:trojan-activity; sid:100002249; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.190.206"; classtype:trojan-activity; sid:100002250; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.200.165"; classtype:trojan-activity; sid:100002251; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.212.72"; classtype:trojan-activity; sid:100002252; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.237.22"; classtype:trojan-activity; sid:100002253; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.255.91"; classtype:trojan-activity; sid:100002254; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.41.46"; classtype:trojan-activity; sid:100002255; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.43.202"; classtype:trojan-activity; sid:100002256; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.45.199"; classtype:trojan-activity; sid:100002257; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.49.3"; classtype:trojan-activity; sid:100002258; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.71.128"; classtype:trojan-activity; sid:100002259; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.84.97"; classtype:trojan-activity; sid:100002260; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.85.2"; classtype:trojan-activity; sid:100002261; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.86.65"; classtype:trojan-activity; sid:100002262; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.121.91.68"; classtype:trojan-activity; sid:100002263; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.122.171.14"; classtype:trojan-activity; sid:100002264; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.122.193.17"; classtype:trojan-activity; sid:100002265; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.122.207.94"; classtype:trojan-activity; sid:100002266; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.122.208.113"; classtype:trojan-activity; sid:100002267; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.122.212.181"; classtype:trojan-activity; sid:100002268; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.122.217.220"; classtype:trojan-activity; sid:100002269; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.122.225.245"; classtype:trojan-activity; sid:100002270; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.122.225.80"; classtype:trojan-activity; sid:100002271; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.122.245.229"; classtype:trojan-activity; sid:100002272; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.122.251.176"; classtype:trojan-activity; sid:100002273; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.123.157.185"; classtype:trojan-activity; sid:100002274; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.123.161.198"; classtype:trojan-activity; sid:100002275; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.123.207.118"; classtype:trojan-activity; sid:100002276; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.123.208.213"; classtype:trojan-activity; sid:100002277; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.123.211.2"; classtype:trojan-activity; sid:100002278; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.123.211.37"; classtype:trojan-activity; sid:100002279; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.123.212.168"; classtype:trojan-activity; sid:100002280; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.124.112.53"; classtype:trojan-activity; sid:100002281; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.124.168.136"; classtype:trojan-activity; sid:100002282; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.124.216.135"; classtype:trojan-activity; sid:100002283; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.124.25.85"; classtype:trojan-activity; sid:100002284; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.124.29.120"; classtype:trojan-activity; sid:100002285; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.124.80.210"; classtype:trojan-activity; sid:100002286; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.112.10"; classtype:trojan-activity; sid:100002287; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.112.241"; classtype:trojan-activity; sid:100002288; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.115.34"; classtype:trojan-activity; sid:100002289; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.116.193"; classtype:trojan-activity; sid:100002290; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.116.233"; classtype:trojan-activity; sid:100002291; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.122.75"; classtype:trojan-activity; sid:100002292; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.124.129"; classtype:trojan-activity; sid:100002293; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.124.160"; classtype:trojan-activity; sid:100002294; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.20.191"; classtype:trojan-activity; sid:100002295; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.232.123"; classtype:trojan-activity; sid:100002296; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.233.24"; classtype:trojan-activity; sid:100002297; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.81.64"; classtype:trojan-activity; sid:100002298; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.84.249"; classtype:trojan-activity; sid:100002299; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.84.56"; classtype:trojan-activity; sid:100002300; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.87.31"; classtype:trojan-activity; sid:100002301; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.88.230"; classtype:trojan-activity; sid:100002302; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.126.93.110"; classtype:trojan-activity; sid:100002303; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.102.107"; classtype:trojan-activity; sid:100002304; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.124.133"; classtype:trojan-activity; sid:100002305; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.132.115"; classtype:trojan-activity; sid:100002306; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.133.100"; classtype:trojan-activity; sid:100002307; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.137.236"; classtype:trojan-activity; sid:100002308; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.152.243"; classtype:trojan-activity; sid:100002309; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.152.84"; classtype:trojan-activity; sid:100002310; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.165.195"; classtype:trojan-activity; sid:100002311; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.177.14"; classtype:trojan-activity; sid:100002312; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.179.177"; classtype:trojan-activity; sid:100002313; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.181.117"; classtype:trojan-activity; sid:100002314; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.202.166"; classtype:trojan-activity; sid:100002315; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.209.193"; classtype:trojan-activity; sid:100002316; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.3.121"; classtype:trojan-activity; sid:100002317; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.37.249"; classtype:trojan-activity; sid:100002318; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.65.56"; classtype:trojan-activity; sid:100002319; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.66.11"; classtype:trojan-activity; sid:100002320; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.66.212"; classtype:trojan-activity; sid:100002321; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.70.193"; classtype:trojan-activity; sid:100002322; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.70.26"; classtype:trojan-activity; sid:100002323; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.127.98.119"; classtype:trojan-activity; sid:100002324; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.142.125.159"; classtype:trojan-activity; sid:100002325; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.160.98.250"; classtype:trojan-activity; sid:100002326; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.173.73.220"; classtype:trojan-activity; sid:100002327; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.203.80.53"; classtype:trojan-activity; sid:100002328; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.207.222.109"; classtype:trojan-activity; sid:100002329; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.207.222.56"; classtype:trojan-activity; sid:100002330; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.235.248.190"; classtype:trojan-activity; sid:100002331; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.235.248.204"; classtype:trojan-activity; sid:100002332; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.235.250.223"; classtype:trojan-activity; sid:100002333; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.237.15.152"; classtype:trojan-activity; sid:100002334; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.253.205.235"; classtype:trojan-activity; sid:100002335; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.32.229.134"; classtype:trojan-activity; sid:100002336; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.52.51.215"; classtype:trojan-activity; sid:100002337; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.53.197.62"; classtype:trojan-activity; sid:100002338; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.53.50.146"; classtype:trojan-activity; sid:100002339; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.56.114.180"; classtype:trojan-activity; sid:100002340; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.56.170.157"; classtype:trojan-activity; sid:100002341; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.57.216.76"; classtype:trojan-activity; sid:100002342; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.57.68.42"; classtype:trojan-activity; sid:100002343; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.84.190.197"; classtype:trojan-activity; sid:100002344; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.85.216.186"; classtype:trojan-activity; sid:100002345; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.88.44.6"; classtype:trojan-activity; sid:100002346; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"182.93.54.42"; classtype:trojan-activity; sid:100002347; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.104.255.139"; classtype:trojan-activity; sid:100002348; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.105.163.80"; classtype:trojan-activity; sid:100002349; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.106.162.52"; classtype:trojan-activity; sid:100002350; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.106.210.1"; classtype:trojan-activity; sid:100002351; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.108.201.171"; classtype:trojan-activity; sid:100002352; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.109.144.84"; classtype:trojan-activity; sid:100002353; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.109.169.45"; classtype:trojan-activity; sid:100002354; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.128.108.233"; classtype:trojan-activity; sid:100002355; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.128.144.104"; classtype:trojan-activity; sid:100002356; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.142.113.145"; classtype:trojan-activity; sid:100002357; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.15.88.189"; classtype:trojan-activity; sid:100002358; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.15.88.24"; classtype:trojan-activity; sid:100002359; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.15.89.238"; classtype:trojan-activity; sid:100002360; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.15.89.96"; classtype:trojan-activity; sid:100002361; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.15.90.72"; classtype:trojan-activity; sid:100002362; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.150.237.28"; classtype:trojan-activity; sid:100002363; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.150.58.100"; classtype:trojan-activity; sid:100002364; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.151.166.106"; classtype:trojan-activity; sid:100002365; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.151.80.144"; classtype:trojan-activity; sid:100002366; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.159.52.20"; classtype:trojan-activity; sid:100002367; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.16.210.89"; classtype:trojan-activity; sid:100002368; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.185.110.141"; classtype:trojan-activity; sid:100002369; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.186.225.0"; classtype:trojan-activity; sid:100002370; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.186.226.78"; classtype:trojan-activity; sid:100002371; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.188.144.233"; classtype:trojan-activity; sid:100002372; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.188.164.88"; classtype:trojan-activity; sid:100002373; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.188.194.140"; classtype:trojan-activity; sid:100002374; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.188.222.26"; classtype:trojan-activity; sid:100002375; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.188.238.107"; classtype:trojan-activity; sid:100002376; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.188.51.155"; classtype:trojan-activity; sid:100002377; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.188.53.11"; classtype:trojan-activity; sid:100002378; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.188.55.142"; classtype:trojan-activity; sid:100002379; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.188.56.93"; classtype:trojan-activity; sid:100002380; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.188.90.177"; classtype:trojan-activity; sid:100002381; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.190.191.74"; classtype:trojan-activity; sid:100002382; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.233.173.186"; classtype:trojan-activity; sid:100002383; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.248.252.11"; classtype:trojan-activity; sid:100002384; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.248.252.12"; classtype:trojan-activity; sid:100002385; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.33.128.21"; classtype:trojan-activity; sid:100002386; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.33.131.247"; classtype:trojan-activity; sid:100002387; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.80.220.173"; classtype:trojan-activity; sid:100002388; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.83.184.161"; classtype:trojan-activity; sid:100002389; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.83.187.89"; classtype:trojan-activity; sid:100002390; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.92.154.253"; classtype:trojan-activity; sid:100002391; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.92.87.146"; classtype:trojan-activity; sid:100002392; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.95.123.41"; classtype:trojan-activity; sid:100002393; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.95.145.97"; classtype:trojan-activity; sid:100002394; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.97.139.14"; classtype:trojan-activity; sid:100002395; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.97.5.155"; classtype:trojan-activity; sid:100002396; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.99.120.235"; classtype:trojan-activity; sid:100002397; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"183.99.18.203"; classtype:trojan-activity; sid:100002398; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"184.153.182.89"; classtype:trojan-activity; sid:100002399; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"184.154.77.140"; classtype:trojan-activity; sid:100002400; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"184.175.115.10"; classtype:trojan-activity; sid:100002401; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.101.107.70"; classtype:trojan-activity; sid:100002402; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.106.209.68"; classtype:trojan-activity; sid:100002403; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.107.0.213"; classtype:trojan-activity; sid:100002404; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.107.96.180"; classtype:trojan-activity; sid:100002405; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.112.83.75"; classtype:trojan-activity; sid:100002406; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.112.83.8"; classtype:trojan-activity; sid:100002407; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.12.78.161"; classtype:trojan-activity; sid:100002408; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.138.123.179"; classtype:trojan-activity; sid:100002409; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.157.168.198"; classtype:trojan-activity; sid:100002410; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.18.7.19"; classtype:trojan-activity; sid:100002411; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.191.246.45"; classtype:trojan-activity; sid:100002412; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.198.57.75"; classtype:trojan-activity; sid:100002413; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.204.217.174"; classtype:trojan-activity; sid:100002414; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.215.113.208"; classtype:trojan-activity; sid:100002415; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.215.113.77"; classtype:trojan-activity; sid:100002416; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.215.113.84"; classtype:trojan-activity; sid:100002417; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.221.3.244"; classtype:trojan-activity; sid:100002418; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.222.6.207"; classtype:trojan-activity; sid:100002419; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.228.141.74"; classtype:trojan-activity; sid:100002420; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.26.113.95"; classtype:trojan-activity; sid:100002421; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.7.214.171"; classtype:trojan-activity; sid:100002422; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.89.177.39"; classtype:trojan-activity; sid:100002423; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"185.99.47.249"; classtype:trojan-activity; sid:100002424; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.120.114.44"; classtype:trojan-activity; sid:100002425; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.136.101.237"; classtype:trojan-activity; sid:100002426; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.151.144.85"; classtype:trojan-activity; sid:100002427; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.179.219.164"; classtype:trojan-activity; sid:100002428; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.179.243.112"; classtype:trojan-activity; sid:100002429; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.179.243.77"; classtype:trojan-activity; sid:100002430; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.179.253.150"; classtype:trojan-activity; sid:100002431; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.222.76.176"; classtype:trojan-activity; sid:100002432; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.227.148.107"; classtype:trojan-activity; sid:100002433; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.235.186.217"; classtype:trojan-activity; sid:100002434; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.250.30.146"; classtype:trojan-activity; sid:100002435; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.33.65.220"; classtype:trojan-activity; sid:100002436; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.33.70.16"; classtype:trojan-activity; sid:100002437; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.33.70.31"; classtype:trojan-activity; sid:100002438; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.33.76.253"; classtype:trojan-activity; sid:100002439; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.33.78.160"; classtype:trojan-activity; sid:100002440; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.33.82.218"; classtype:trojan-activity; sid:100002441; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.33.83.196"; classtype:trojan-activity; sid:100002442; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.33.84.110"; classtype:trojan-activity; sid:100002443; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.33.91.106"; classtype:trojan-activity; sid:100002444; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.33.91.118"; classtype:trojan-activity; sid:100002445; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.33.93.59"; classtype:trojan-activity; sid:100002446; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"186.96.217.226"; classtype:trojan-activity; sid:100002447; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"187.104.141.124"; classtype:trojan-activity; sid:100002448; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"187.188.124.229"; classtype:trojan-activity; sid:100002449; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"187.23.134.166"; classtype:trojan-activity; sid:100002450; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"187.64.25.220"; classtype:trojan-activity; sid:100002451; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.0.148.132"; classtype:trojan-activity; sid:100002452; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.10.231.246"; classtype:trojan-activity; sid:100002453; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.12.87.231"; classtype:trojan-activity; sid:100002454; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.134.18.36"; classtype:trojan-activity; sid:100002455; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.152.246.130"; classtype:trojan-activity; sid:100002456; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.169.174.237"; classtype:trojan-activity; sid:100002457; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.169.178.50"; classtype:trojan-activity; sid:100002458; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.169.30.30"; classtype:trojan-activity; sid:100002459; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.169.30.46"; classtype:trojan-activity; sid:100002460; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.169.36.163"; classtype:trojan-activity; sid:100002461; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.169.36.27"; classtype:trojan-activity; sid:100002462; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.169.45.140"; classtype:trojan-activity; sid:100002463; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.18.104.44"; classtype:trojan-activity; sid:100002464; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.213.49.155"; classtype:trojan-activity; sid:100002465; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.234.112.48"; classtype:trojan-activity; sid:100002466; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.234.214.19"; classtype:trojan-activity; sid:100002467; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.242.167.159"; classtype:trojan-activity; sid:100002468; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.242.242.144"; classtype:trojan-activity; sid:100002469; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.4.120.49"; classtype:trojan-activity; sid:100002470; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.64.205.249"; classtype:trojan-activity; sid:100002471; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"188.72.204.213"; classtype:trojan-activity; sid:100002472; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.1.138.60"; classtype:trojan-activity; sid:100002473; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.136.130.180"; classtype:trojan-activity; sid:100002474; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.140.185.38"; classtype:trojan-activity; sid:100002475; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.203.214.232"; classtype:trojan-activity; sid:100002476; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.39.204.218"; classtype:trojan-activity; sid:100002477; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.51.100.46"; classtype:trojan-activity; sid:100002478; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.85.32.214"; classtype:trojan-activity; sid:100002479; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.85.32.218"; classtype:trojan-activity; sid:100002480; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.85.32.67"; classtype:trojan-activity; sid:100002481; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.85.34.135"; classtype:trojan-activity; sid:100002482; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.85.34.178"; classtype:trojan-activity; sid:100002483; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.85.35.116"; classtype:trojan-activity; sid:100002484; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.85.35.149"; classtype:trojan-activity; sid:100002485; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.85.35.156"; classtype:trojan-activity; sid:100002486; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.85.35.157"; classtype:trojan-activity; sid:100002487; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.85.35.172"; classtype:trojan-activity; sid:100002488; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.85.35.173"; classtype:trojan-activity; sid:100002489; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.85.35.194"; classtype:trojan-activity; sid:100002490; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.85.35.20"; classtype:trojan-activity; sid:100002491; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.85.35.230"; classtype:trojan-activity; sid:100002492; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"189.85.35.96"; classtype:trojan-activity; sid:100002493; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.0.42.106"; classtype:trojan-activity; sid:100002494; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.109.178.139"; classtype:trojan-activity; sid:100002495; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.110.161.252"; classtype:trojan-activity; sid:100002496; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.110.222.174"; classtype:trojan-activity; sid:100002497; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.119.207.58"; classtype:trojan-activity; sid:100002498; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.12.99.194"; classtype:trojan-activity; sid:100002499; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.122.112.97"; classtype:trojan-activity; sid:100002500; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.130.15.212"; classtype:trojan-activity; sid:100002501; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.147.16.184"; classtype:trojan-activity; sid:100002502; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.147.81.54"; classtype:trojan-activity; sid:100002503; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.171.116.71"; classtype:trojan-activity; sid:100002504; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.192.214.192"; classtype:trojan-activity; sid:100002505; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.196.237.254"; classtype:trojan-activity; sid:100002506; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.214.24.194"; classtype:trojan-activity; sid:100002507; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.216.140.123"; classtype:trojan-activity; sid:100002508; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.219.6.150"; classtype:trojan-activity; sid:100002509; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.219.96.206"; classtype:trojan-activity; sid:100002510; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.53.21.7"; classtype:trojan-activity; sid:100002511; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.79.116.52"; classtype:trojan-activity; sid:100002512; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.85.106.42"; classtype:trojan-activity; sid:100002513; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.85.213.51"; classtype:trojan-activity; sid:100002514; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.98.37.135"; classtype:trojan-activity; sid:100002515; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.98.37.200"; classtype:trojan-activity; sid:100002516; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"190.98.41.33"; classtype:trojan-activity; sid:100002517; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"191.101.207.208"; classtype:trojan-activity; sid:100002518; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"191.209.82.96"; classtype:trojan-activity; sid:100002519; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"191.33.171.242"; classtype:trojan-activity; sid:100002520; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"191.53.169.145"; classtype:trojan-activity; sid:100002521; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"192.227.196.194"; classtype:trojan-activity; sid:100002522; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"192.34.109.104"; classtype:trojan-activity; sid:100002523; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"193.110.85.65"; classtype:trojan-activity; sid:100002524; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"193.93.77.186"; classtype:trojan-activity; sid:100002525; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"194.152.35.139"; classtype:trojan-activity; sid:100002526; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"194.158.222.30"; classtype:trojan-activity; sid:100002527; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"194.190.49.103"; classtype:trojan-activity; sid:100002528; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"194.38.20.232"; classtype:trojan-activity; sid:100002529; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"194.88.153.71"; classtype:trojan-activity; sid:100002530; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"195.133.40.56"; classtype:trojan-activity; sid:100002531; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"195.144.235.42"; classtype:trojan-activity; sid:100002532; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"195.162.70.104"; classtype:trojan-activity; sid:100002533; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"195.211.29.229"; classtype:trojan-activity; sid:100002534; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"195.228.231.218"; classtype:trojan-activity; sid:100002535; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"196.2.11.215"; classtype:trojan-activity; sid:100002536; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"196.202.26.182"; classtype:trojan-activity; sid:100002537; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"196.221.148.90"; classtype:trojan-activity; sid:100002538; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"196.221.148.92"; classtype:trojan-activity; sid:100002539; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"196.221.166.203"; classtype:trojan-activity; sid:100002540; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"196.25.96.72"; classtype:trojan-activity; sid:100002541; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"196.41.215.153"; classtype:trojan-activity; sid:100002542; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"197.221.144.22"; classtype:trojan-activity; sid:100002543; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"197.232.104.127"; classtype:trojan-activity; sid:100002544; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"197.232.109.193"; classtype:trojan-activity; sid:100002545; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"197.83.252.160"; classtype:trojan-activity; sid:100002546; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"198.23.255.14"; classtype:trojan-activity; sid:100002547; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"198.46.148.130"; classtype:trojan-activity; sid:100002548; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"198.46.161.135"; classtype:trojan-activity; sid:100002549; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"198.46.199.153"; classtype:trojan-activity; sid:100002550; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"199.203.204.116"; classtype:trojan-activity; sid:100002551; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1skt.com"; classtype:trojan-activity; sid:100002552; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1stcreditsg.qnotice.com"; classtype:trojan-activity; sid:100002553; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"1stnail.zoomworld.vn"; classtype:trojan-activity; sid:100002554; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.106.156.53"; classtype:trojan-activity; sid:100002555; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.140.105.245"; classtype:trojan-activity; sid:100002556; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.196.133.221"; classtype:trojan-activity; sid:100002557; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.32.205.162"; classtype:trojan-activity; sid:100002558; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.36.231.201"; classtype:trojan-activity; sid:100002559; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.37.203.65"; classtype:trojan-activity; sid:100002560; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.42.182.152"; classtype:trojan-activity; sid:100002561; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.55.125.182"; classtype:trojan-activity; sid:100002562; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.55.85.242"; classtype:trojan-activity; sid:100002563; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.55.97.36"; classtype:trojan-activity; sid:100002564; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.56.57.14"; classtype:trojan-activity; sid:100002565; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.56.57.56"; classtype:trojan-activity; sid:100002566; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.58.149.206"; classtype:trojan-activity; sid:100002567; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.58.149.40"; classtype:trojan-activity; sid:100002568; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.58.170.212"; classtype:trojan-activity; sid:100002569; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.64.21.212"; classtype:trojan-activity; sid:100002570; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.83.152.16"; classtype:trojan-activity; sid:100002571; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2.indexsinas.me"; classtype:trojan-activity; sid:100002572; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"20.106.163.35"; classtype:trojan-activity; sid:100002573; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"200.110.56.120"; classtype:trojan-activity; sid:100002574; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"200.125.165.178"; classtype:trojan-activity; sid:100002575; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"200.2.161.171"; classtype:trojan-activity; sid:100002576; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"200.31.19.179"; classtype:trojan-activity; sid:100002577; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"200.53.84.205"; classtype:trojan-activity; sid:100002578; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"200.53.84.242"; classtype:trojan-activity; sid:100002579; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"200.53.84.57"; classtype:trojan-activity; sid:100002580; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"201.163.99.83"; classtype:trojan-activity; sid:100002581; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"201.172.206.60"; classtype:trojan-activity; sid:100002582; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"201.184.163.170"; classtype:trojan-activity; sid:100002583; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"201.187.102.73"; classtype:trojan-activity; sid:100002584; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"201.200.4.44"; classtype:trojan-activity; sid:100002585; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"201.206.146.33"; classtype:trojan-activity; sid:100002586; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"201.206.66.171"; classtype:trojan-activity; sid:100002587; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"201.21.221.4"; classtype:trojan-activity; sid:100002588; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"201.78.58.94"; classtype:trojan-activity; sid:100002589; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.107.233.41"; classtype:trojan-activity; sid:100002590; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.110.42.28"; classtype:trojan-activity; sid:100002591; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.137.138.88"; classtype:trojan-activity; sid:100002592; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.175.103.10"; classtype:trojan-activity; sid:100002593; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.178.113.11"; classtype:trojan-activity; sid:100002594; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.178.113.23"; classtype:trojan-activity; sid:100002595; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.178.113.240"; classtype:trojan-activity; sid:100002596; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.178.113.32"; classtype:trojan-activity; sid:100002597; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.178.125.12"; classtype:trojan-activity; sid:100002598; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.178.125.147"; classtype:trojan-activity; sid:100002599; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.178.125.218"; classtype:trojan-activity; sid:100002600; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.178.125.67"; classtype:trojan-activity; sid:100002601; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.4.124.58"; classtype:trojan-activity; sid:100002602; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.51.176.114"; classtype:trojan-activity; sid:100002603; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.51.181.238"; classtype:trojan-activity; sid:100002604; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.60.47.20"; classtype:trojan-activity; sid:100002605; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.66.178.88"; classtype:trojan-activity; sid:100002606; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.83.168.127"; classtype:trojan-activity; sid:100002607; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"202.99.146.205"; classtype:trojan-activity; sid:100002608; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.109.201.243"; classtype:trojan-activity; sid:100002609; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.159.80.66"; classtype:trojan-activity; sid:100002610; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.162.86.110"; classtype:trojan-activity; sid:100002611; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.170.105.8"; classtype:trojan-activity; sid:100002612; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.170.98.130"; classtype:trojan-activity; sid:100002613; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.189.156.107"; classtype:trojan-activity; sid:100002614; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.202.248.22"; classtype:trojan-activity; sid:100002615; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.203.34.107"; classtype:trojan-activity; sid:100002616; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.204.193.17"; classtype:trojan-activity; sid:100002617; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.204.232.18"; classtype:trojan-activity; sid:100002618; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.212.221.123"; classtype:trojan-activity; sid:100002619; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.217.118.61"; classtype:trojan-activity; sid:100002620; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.223.44.206"; classtype:trojan-activity; sid:100002621; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.229.21.56"; classtype:trojan-activity; sid:100002622; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.236.190.28"; classtype:trojan-activity; sid:100002623; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.70.166.107"; classtype:trojan-activity; sid:100002624; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.77.69.82"; classtype:trojan-activity; sid:100002625; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.80.119.166"; classtype:trojan-activity; sid:100002626; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.80.171.138"; classtype:trojan-activity; sid:100002627; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"203.82.36.34"; classtype:trojan-activity; sid:100002628; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"204.116.248.146"; classtype:trojan-activity; sid:100002629; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"204.157.136.206"; classtype:trojan-activity; sid:100002630; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"205.185.121.53"; classtype:trojan-activity; sid:100002631; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"206.47.41.175"; classtype:trojan-activity; sid:100002632; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"207.144.22.78"; classtype:trojan-activity; sid:100002633; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"207.5.32.6"; classtype:trojan-activity; sid:100002634; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"208.163.58.18"; classtype:trojan-activity; sid:100002635; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"209.12.192.98"; classtype:trojan-activity; sid:100002636; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"209.141.33.122"; classtype:trojan-activity; sid:100002637; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"209.141.54.110"; classtype:trojan-activity; sid:100002638; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"209.141.58.111"; classtype:trojan-activity; sid:100002639; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"209.53.154.202"; classtype:trojan-activity; sid:100002640; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"210.113.211.169"; classtype:trojan-activity; sid:100002641; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"210.126.16.88"; classtype:trojan-activity; sid:100002642; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"210.201.120.150"; classtype:trojan-activity; sid:100002643; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"210.202.60.183"; classtype:trojan-activity; sid:100002644; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"210.205.1.161"; classtype:trojan-activity; sid:100002645; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"210.209.175.157"; classtype:trojan-activity; sid:100002646; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"210.209.186.212"; classtype:trojan-activity; sid:100002647; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"210.217.12.155"; classtype:trojan-activity; sid:100002648; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"210.64.244.133"; classtype:trojan-activity; sid:100002649; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"210.91.49.223"; classtype:trojan-activity; sid:100002650; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"210.99.126.199"; classtype:trojan-activity; sid:100002651; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.107.151.26"; classtype:trojan-activity; sid:100002652; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.114.28.95"; classtype:trojan-activity; sid:100002653; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.168.224.117"; classtype:trojan-activity; sid:100002654; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.180.62.113"; classtype:trojan-activity; sid:100002655; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.194.58.50"; classtype:trojan-activity; sid:100002656; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.219.6.5"; classtype:trojan-activity; sid:100002657; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.220.110.171"; classtype:trojan-activity; sid:100002658; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.223.44.68"; classtype:trojan-activity; sid:100002659; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.227.199.94"; classtype:trojan-activity; sid:100002660; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.227.227.182"; classtype:trojan-activity; sid:100002661; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.230.105.92"; classtype:trojan-activity; sid:100002662; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.237.113.250"; classtype:trojan-activity; sid:100002663; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.243.212.34"; classtype:trojan-activity; sid:100002664; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.250.243.131"; classtype:trojan-activity; sid:100002665; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.250.48.238"; classtype:trojan-activity; sid:100002666; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.50.17.115"; classtype:trojan-activity; sid:100002667; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.50.54.124"; classtype:trojan-activity; sid:100002668; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.51.181.106"; classtype:trojan-activity; sid:100002669; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.76.32.237"; classtype:trojan-activity; sid:100002670; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"211.76.32.59"; classtype:trojan-activity; sid:100002671; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"212.107.239.43"; classtype:trojan-activity; sid:100002672; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"212.143.128.213"; classtype:trojan-activity; sid:100002673; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"212.150.218.226"; classtype:trojan-activity; sid:100002674; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"212.170.171.120"; classtype:trojan-activity; sid:100002675; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"212.179.31.136"; classtype:trojan-activity; sid:100002676; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"212.192.216.45"; classtype:trojan-activity; sid:100002677; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"212.192.216.46"; classtype:trojan-activity; sid:100002678; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"212.192.216.51"; classtype:trojan-activity; sid:100002679; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"212.192.241.44"; classtype:trojan-activity; sid:100002680; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"212.193.30.29"; classtype:trojan-activity; sid:100002681; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"212.193.30.45"; classtype:trojan-activity; sid:100002682; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"212.200.115.20"; classtype:trojan-activity; sid:100002683; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"212.45.27.112"; classtype:trojan-activity; sid:100002684; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"212.46.197.114"; classtype:trojan-activity; sid:100002685; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.101.190.120"; classtype:trojan-activity; sid:100002686; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.123.124.58"; classtype:trojan-activity; sid:100002687; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.135.93.254"; classtype:trojan-activity; sid:100002688; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.14.173.117"; classtype:trojan-activity; sid:100002689; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.149.182.113"; classtype:trojan-activity; sid:100002690; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.149.190.193"; classtype:trojan-activity; sid:100002691; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.154.19.233"; classtype:trojan-activity; sid:100002692; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.154.23.170"; classtype:trojan-activity; sid:100002693; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.195.118.108"; classtype:trojan-activity; sid:100002694; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.207.178.31"; classtype:trojan-activity; sid:100002695; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.235.183.42"; classtype:trojan-activity; sid:100002696; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.240.218.15"; classtype:trojan-activity; sid:100002697; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.243.216.3"; classtype:trojan-activity; sid:100002698; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.57.130.199"; classtype:trojan-activity; sid:100002699; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.87.87.173"; classtype:trojan-activity; sid:100002700; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.92.254.214"; classtype:trojan-activity; sid:100002701; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"213.92.254.255"; classtype:trojan-activity; sid:100002702; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"216.170.240.98"; classtype:trojan-activity; sid:100002703; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"216.183.54.169"; classtype:trojan-activity; sid:100002704; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"216.19.191.194"; classtype:trojan-activity; sid:100002705; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"216.36.12.98"; classtype:trojan-activity; sid:100002706; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"216.49.20.50"; classtype:trojan-activity; sid:100002707; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"216.66.185.223"; classtype:trojan-activity; sid:100002708; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"217.11.75.162"; classtype:trojan-activity; sid:100002709; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"217.133.100.91"; classtype:trojan-activity; sid:100002710; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"217.145.193.216"; classtype:trojan-activity; sid:100002711; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"217.210.104.187"; classtype:trojan-activity; sid:100002712; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"217.36.225.237"; classtype:trojan-activity; sid:100002713; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"217.8.228.92"; classtype:trojan-activity; sid:100002714; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.11.104.83"; classtype:trojan-activity; sid:100002715; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.12.173.80"; classtype:trojan-activity; sid:100002716; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.148.156.69"; classtype:trojan-activity; sid:100002717; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.155.136.57"; classtype:trojan-activity; sid:100002718; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.214.241.2"; classtype:trojan-activity; sid:100002719; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.35.203.201"; classtype:trojan-activity; sid:100002720; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.35.210.194"; classtype:trojan-activity; sid:100002721; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.35.224.42"; classtype:trojan-activity; sid:100002722; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.35.227.133"; classtype:trojan-activity; sid:100002723; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.35.81.81"; classtype:trojan-activity; sid:100002724; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.38.241.103"; classtype:trojan-activity; sid:100002725; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.38.241.105"; classtype:trojan-activity; sid:100002726; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.56.140.98"; classtype:trojan-activity; sid:100002727; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.57.122.194"; classtype:trojan-activity; sid:100002728; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.57.96.112"; classtype:trojan-activity; sid:100002729; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.58.185.139"; classtype:trojan-activity; sid:100002730; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.59.43.137"; classtype:trojan-activity; sid:100002731; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.72.208.20"; classtype:trojan-activity; sid:100002732; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.72.242.218"; classtype:trojan-activity; sid:100002733; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.8.132.233"; classtype:trojan-activity; sid:100002734; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.81.119.230"; classtype:trojan-activity; sid:100002735; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.91.106.177"; classtype:trojan-activity; sid:100002736; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.93.102.4"; classtype:trojan-activity; sid:100002737; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.93.109.176"; classtype:trojan-activity; sid:100002738; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.93.131.24"; classtype:trojan-activity; sid:100002739; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"218.93.132.120"; classtype:trojan-activity; sid:100002740; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.140.124.250"; classtype:trojan-activity; sid:100002741; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.140.17.172"; classtype:trojan-activity; sid:100002742; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.154.101.172"; classtype:trojan-activity; sid:100002743; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.154.104.185"; classtype:trojan-activity; sid:100002744; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.154.108.226"; classtype:trojan-activity; sid:100002745; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.154.121.141"; classtype:trojan-activity; sid:100002746; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.154.121.27"; classtype:trojan-activity; sid:100002747; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.154.125.138"; classtype:trojan-activity; sid:100002748; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.154.137.14"; classtype:trojan-activity; sid:100002749; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.154.154.117"; classtype:trojan-activity; sid:100002750; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.154.184.192"; classtype:trojan-activity; sid:100002751; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.154.184.50"; classtype:trojan-activity; sid:100002752; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.154.97.59"; classtype:trojan-activity; sid:100002753; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.110.88"; classtype:trojan-activity; sid:100002754; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.171.244"; classtype:trojan-activity; sid:100002755; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.208.133"; classtype:trojan-activity; sid:100002756; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.210.43"; classtype:trojan-activity; sid:100002757; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.230.3"; classtype:trojan-activity; sid:100002758; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.235.175"; classtype:trojan-activity; sid:100002759; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.235.255"; classtype:trojan-activity; sid:100002760; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.24.170"; classtype:trojan-activity; sid:100002761; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.242.53"; classtype:trojan-activity; sid:100002762; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.248.37"; classtype:trojan-activity; sid:100002763; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.26.77"; classtype:trojan-activity; sid:100002764; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.27.233"; classtype:trojan-activity; sid:100002765; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.27.246"; classtype:trojan-activity; sid:100002766; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.28.228"; classtype:trojan-activity; sid:100002767; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.30.156"; classtype:trojan-activity; sid:100002768; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.31.167"; classtype:trojan-activity; sid:100002769; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.41.11"; classtype:trojan-activity; sid:100002770; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.73.75"; classtype:trojan-activity; sid:100002771; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.155.96.28"; classtype:trojan-activity; sid:100002772; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.156.100.213"; classtype:trojan-activity; sid:100002773; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.156.18.131"; classtype:trojan-activity; sid:100002774; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.156.19.96"; classtype:trojan-activity; sid:100002775; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.156.196.104"; classtype:trojan-activity; sid:100002776; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.156.23.137"; classtype:trojan-activity; sid:100002777; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.156.34.16"; classtype:trojan-activity; sid:100002778; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.156.42.76"; classtype:trojan-activity; sid:100002779; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.156.49.67"; classtype:trojan-activity; sid:100002780; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.156.74.102"; classtype:trojan-activity; sid:100002781; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.156.88.153"; classtype:trojan-activity; sid:100002782; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.156.99.150"; classtype:trojan-activity; sid:100002783; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.136.226"; classtype:trojan-activity; sid:100002784; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.137.60"; classtype:trojan-activity; sid:100002785; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.138.138"; classtype:trojan-activity; sid:100002786; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.144.174"; classtype:trojan-activity; sid:100002787; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.144.32"; classtype:trojan-activity; sid:100002788; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.144.70"; classtype:trojan-activity; sid:100002789; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.160.76"; classtype:trojan-activity; sid:100002790; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.180.175"; classtype:trojan-activity; sid:100002791; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.183.216"; classtype:trojan-activity; sid:100002792; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.206.17"; classtype:trojan-activity; sid:100002793; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.21.151"; classtype:trojan-activity; sid:100002794; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.214.31"; classtype:trojan-activity; sid:100002795; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.218.191"; classtype:trojan-activity; sid:100002796; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.220.36"; classtype:trojan-activity; sid:100002797; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.222.31"; classtype:trojan-activity; sid:100002798; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.227.244"; classtype:trojan-activity; sid:100002799; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.242.121"; classtype:trojan-activity; sid:100002800; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.252.212"; classtype:trojan-activity; sid:100002801; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.253.24"; classtype:trojan-activity; sid:100002802; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.37.34"; classtype:trojan-activity; sid:100002803; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.52.43"; classtype:trojan-activity; sid:100002804; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.53.157"; classtype:trojan-activity; sid:100002805; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.53.240"; classtype:trojan-activity; sid:100002806; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.55.206"; classtype:trojan-activity; sid:100002807; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.55.93"; classtype:trojan-activity; sid:100002808; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.59.26"; classtype:trojan-activity; sid:100002809; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.65.239"; classtype:trojan-activity; sid:100002810; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.157.65.245"; classtype:trojan-activity; sid:100002811; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.241.65.207"; classtype:trojan-activity; sid:100002812; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.68.1.148"; classtype:trojan-activity; sid:100002813; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.68.1.84"; classtype:trojan-activity; sid:100002814; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.68.13.193"; classtype:trojan-activity; sid:100002815; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.68.163.7"; classtype:trojan-activity; sid:100002816; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.68.2.83"; classtype:trojan-activity; sid:100002817; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.68.244.6"; classtype:trojan-activity; sid:100002818; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.68.245.160"; classtype:trojan-activity; sid:100002819; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.68.245.35"; classtype:trojan-activity; sid:100002820; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.68.245.63"; classtype:trojan-activity; sid:100002821; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.68.251.184"; classtype:trojan-activity; sid:100002822; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.68.5.140"; classtype:trojan-activity; sid:100002823; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.69.101.7"; classtype:trojan-activity; sid:100002824; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.70.239.115"; classtype:trojan-activity; sid:100002825; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.70.254.144"; classtype:trojan-activity; sid:100002826; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.71.217.73"; classtype:trojan-activity; sid:100002827; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.80.160.101"; classtype:trojan-activity; sid:100002828; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.80.217.209"; classtype:trojan-activity; sid:100002829; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.84.190.235"; classtype:trojan-activity; sid:100002830; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.85.144.87"; classtype:trojan-activity; sid:100002831; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.85.185.238"; classtype:trojan-activity; sid:100002832; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.85.39.19"; classtype:trojan-activity; sid:100002833; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.85.53.120"; classtype:trojan-activity; sid:100002834; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.85.53.134"; classtype:trojan-activity; sid:100002835; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.85.56.111"; classtype:trojan-activity; sid:100002836; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"219.86.10.192"; classtype:trojan-activity; sid:100002837; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.121.22.68"; classtype:trojan-activity; sid:100002838; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.133.178.19"; classtype:trojan-activity; sid:100002839; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.134.159.5"; classtype:trojan-activity; sid:100002840; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.135.190.219"; classtype:trojan-activity; sid:100002841; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.161.160.253"; classtype:trojan-activity; sid:100002842; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.168.240.139"; classtype:trojan-activity; sid:100002843; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.233.69.182"; classtype:trojan-activity; sid:100002844; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.79.180.243"; classtype:trojan-activity; sid:100002845; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.80.187.75"; classtype:trojan-activity; sid:100002846; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.81.123.35"; classtype:trojan-activity; sid:100002847; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.81.164.180"; classtype:trojan-activity; sid:100002848; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.83.177.93"; classtype:trojan-activity; sid:100002849; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.90.61.48"; classtype:trojan-activity; sid:100002850; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.92.54.119"; classtype:trojan-activity; sid:100002851; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.93.239.104"; classtype:trojan-activity; sid:100002852; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"220.95.54.147"; classtype:trojan-activity; sid:100002853; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.0.107.176"; classtype:trojan-activity; sid:100002854; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.0.192.99"; classtype:trojan-activity; sid:100002855; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.0.46.119"; classtype:trojan-activity; sid:100002856; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.0.55.158"; classtype:trojan-activity; sid:100002857; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.1.224.119"; classtype:trojan-activity; sid:100002858; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.1.226.179"; classtype:trojan-activity; sid:100002859; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.1.227.178"; classtype:trojan-activity; sid:100002860; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.1.227.48"; classtype:trojan-activity; sid:100002861; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.120.42.134"; classtype:trojan-activity; sid:100002862; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.124.78.15"; classtype:trojan-activity; sid:100002863; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.13.151.50"; classtype:trojan-activity; sid:100002864; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.135.97.211"; classtype:trojan-activity; sid:100002865; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.14.123.120"; classtype:trojan-activity; sid:100002866; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.14.160.41"; classtype:trojan-activity; sid:100002867; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.14.163.27"; classtype:trojan-activity; sid:100002868; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.14.165.6"; classtype:trojan-activity; sid:100002869; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.14.168.189"; classtype:trojan-activity; sid:100002870; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.14.52.88"; classtype:trojan-activity; sid:100002871; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.14.57.124"; classtype:trojan-activity; sid:100002872; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.14.58.62"; classtype:trojan-activity; sid:100002873; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.14.63.228"; classtype:trojan-activity; sid:100002874; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.10.196"; classtype:trojan-activity; sid:100002875; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.125.161"; classtype:trojan-activity; sid:100002876; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.126.144"; classtype:trojan-activity; sid:100002877; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.147.213"; classtype:trojan-activity; sid:100002878; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.18.159"; classtype:trojan-activity; sid:100002879; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.187.136"; classtype:trojan-activity; sid:100002880; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.194.120"; classtype:trojan-activity; sid:100002881; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.194.152"; classtype:trojan-activity; sid:100002882; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.21.248"; classtype:trojan-activity; sid:100002883; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.237.46"; classtype:trojan-activity; sid:100002884; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.6.195"; classtype:trojan-activity; sid:100002885; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.6.98"; classtype:trojan-activity; sid:100002886; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.60.5"; classtype:trojan-activity; sid:100002887; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.7.24"; classtype:trojan-activity; sid:100002888; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.7.240"; classtype:trojan-activity; sid:100002889; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.8.120"; classtype:trojan-activity; sid:100002890; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.15.87.84"; classtype:trojan-activity; sid:100002891; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.151.244.147"; classtype:trojan-activity; sid:100002892; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.155.229.103"; classtype:trojan-activity; sid:100002893; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.157.191.178"; classtype:trojan-activity; sid:100002894; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.157.205.78"; classtype:trojan-activity; sid:100002895; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.159.216.138"; classtype:trojan-activity; sid:100002896; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.160.177.107"; classtype:trojan-activity; sid:100002897; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.160.177.119"; classtype:trojan-activity; sid:100002898; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.160.177.179"; classtype:trojan-activity; sid:100002899; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.160.177.183"; classtype:trojan-activity; sid:100002900; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.160.177.196"; classtype:trojan-activity; sid:100002901; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.160.177.197"; classtype:trojan-activity; sid:100002902; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.160.177.198"; classtype:trojan-activity; sid:100002903; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.160.177.201"; classtype:trojan-activity; sid:100002904; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.160.177.30"; classtype:trojan-activity; sid:100002905; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.160.177.49"; classtype:trojan-activity; sid:100002906; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.160.177.66"; classtype:trojan-activity; sid:100002907; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.160.177.83"; classtype:trojan-activity; sid:100002908; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.160.89.118"; classtype:trojan-activity; sid:100002909; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.164.53.189"; classtype:trojan-activity; sid:100002910; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.165.86.45"; classtype:trojan-activity; sid:100002911; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.167.61.157"; classtype:trojan-activity; sid:100002912; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.201.109.122"; classtype:trojan-activity; sid:100002913; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.201.118.76"; classtype:trojan-activity; sid:100002914; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.203.86.88"; classtype:trojan-activity; sid:100002915; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.205.195.215"; classtype:trojan-activity; sid:100002916; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.207.206.15"; classtype:trojan-activity; sid:100002917; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.212.112.41"; classtype:trojan-activity; sid:100002918; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.214.193.14"; classtype:trojan-activity; sid:100002919; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.214.204.141"; classtype:trojan-activity; sid:100002920; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.214.238.225"; classtype:trojan-activity; sid:100002921; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.215.123.18"; classtype:trojan-activity; sid:100002922; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.215.252.32"; classtype:trojan-activity; sid:100002923; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.215.35.79"; classtype:trojan-activity; sid:100002924; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.215.54.250"; classtype:trojan-activity; sid:100002925; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.229.40.179"; classtype:trojan-activity; sid:100002926; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.230.193.168"; classtype:trojan-activity; sid:100002927; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.231.23.212"; classtype:trojan-activity; sid:100002928; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.232.179.62"; classtype:trojan-activity; sid:100002929; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.232.196.31"; classtype:trojan-activity; sid:100002930; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.232.2.151"; classtype:trojan-activity; sid:100002931; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.232.29.7"; classtype:trojan-activity; sid:100002932; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.232.73.135"; classtype:trojan-activity; sid:100002933; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.234.150.225"; classtype:trojan-activity; sid:100002934; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.234.73.3"; classtype:trojan-activity; sid:100002935; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.235.137.213"; classtype:trojan-activity; sid:100002936; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.3.67.11"; classtype:trojan-activity; sid:100002937; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"221.5.60.103"; classtype:trojan-activity; sid:100002938; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.100.89.36"; classtype:trojan-activity; sid:100002939; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.102.109.245"; classtype:trojan-activity; sid:100002940; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.103.144.210"; classtype:trojan-activity; sid:100002941; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.103.181.173"; classtype:trojan-activity; sid:100002942; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.105.145.190"; classtype:trojan-activity; sid:100002943; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.105.162.29"; classtype:trojan-activity; sid:100002944; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.107.29.75"; classtype:trojan-activity; sid:100002945; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.114.215.49"; classtype:trojan-activity; sid:100002946; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.114.95.114"; classtype:trojan-activity; sid:100002947; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.121.112.246"; classtype:trojan-activity; sid:100002948; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.133.151.117"; classtype:trojan-activity; sid:100002949; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.134.162.171"; classtype:trojan-activity; sid:100002950; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.134.163.90"; classtype:trojan-activity; sid:100002951; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.134.172.237"; classtype:trojan-activity; sid:100002952; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.134.174.208"; classtype:trojan-activity; sid:100002953; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.134.174.227"; classtype:trojan-activity; sid:100002954; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.134.175.135"; classtype:trojan-activity; sid:100002955; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.135.10.35"; classtype:trojan-activity; sid:100002956; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.135.114.123"; classtype:trojan-activity; sid:100002957; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.135.137.206"; classtype:trojan-activity; sid:100002958; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.135.39.39"; classtype:trojan-activity; sid:100002959; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.135.83.185"; classtype:trojan-activity; sid:100002960; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.136.101.212"; classtype:trojan-activity; sid:100002961; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.136.27.101"; classtype:trojan-activity; sid:100002962; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.136.29.178"; classtype:trojan-activity; sid:100002963; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.136.38.154"; classtype:trojan-activity; sid:100002964; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.112.214"; classtype:trojan-activity; sid:100002965; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.120.194"; classtype:trojan-activity; sid:100002966; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.121.50"; classtype:trojan-activity; sid:100002967; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.136.163"; classtype:trojan-activity; sid:100002968; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.139.82"; classtype:trojan-activity; sid:100002969; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.16.119"; classtype:trojan-activity; sid:100002970; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.200.230"; classtype:trojan-activity; sid:100002971; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.214.248"; classtype:trojan-activity; sid:100002972; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.228.89"; classtype:trojan-activity; sid:100002973; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.23.233"; classtype:trojan-activity; sid:100002974; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.248.18"; classtype:trojan-activity; sid:100002975; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.250.134"; classtype:trojan-activity; sid:100002976; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.28.248"; classtype:trojan-activity; sid:100002977; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.33.12"; classtype:trojan-activity; sid:100002978; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.50.53"; classtype:trojan-activity; sid:100002979; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.70.130"; classtype:trojan-activity; sid:100002980; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.75.209"; classtype:trojan-activity; sid:100002981; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.76.29"; classtype:trojan-activity; sid:100002982; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.84.182"; classtype:trojan-activity; sid:100002983; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.9.84"; classtype:trojan-activity; sid:100002984; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.137.90.255"; classtype:trojan-activity; sid:100002985; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.138.100.141"; classtype:trojan-activity; sid:100002986; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.138.104.13"; classtype:trojan-activity; sid:100002987; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.138.117.117"; classtype:trojan-activity; sid:100002988; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.138.117.17"; classtype:trojan-activity; sid:100002989; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.138.148.148"; classtype:trojan-activity; sid:100002990; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.138.16.157"; classtype:trojan-activity; sid:100002991; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.138.179.141"; classtype:trojan-activity; sid:100002992; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.138.182.63"; classtype:trojan-activity; sid:100002993; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.138.183.46"; classtype:trojan-activity; sid:100002994; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.138.184.93"; classtype:trojan-activity; sid:100002995; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.138.186.9"; classtype:trojan-activity; sid:100002996; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.138.204.125"; classtype:trojan-activity; sid:100002997; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.138.234.226"; classtype:trojan-activity; sid:100002998; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.138.235.168"; classtype:trojan-activity; sid:100002999; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.139.116.127"; classtype:trojan-activity; sid:100003000; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.139.121.140"; classtype:trojan-activity; sid:100003001; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.139.13.252"; classtype:trojan-activity; sid:100003002; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.139.14.150"; classtype:trojan-activity; sid:100003003; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.139.216.111"; classtype:trojan-activity; sid:100003004; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.139.22.54"; classtype:trojan-activity; sid:100003005; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.139.37.215"; classtype:trojan-activity; sid:100003006; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.139.40.67"; classtype:trojan-activity; sid:100003007; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.139.76.65"; classtype:trojan-activity; sid:100003008; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.140.134.212"; classtype:trojan-activity; sid:100003009; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.140.161.240"; classtype:trojan-activity; sid:100003010; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.140.176.29"; classtype:trojan-activity; sid:100003011; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.140.244.75"; classtype:trojan-activity; sid:100003012; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.140.248.235"; classtype:trojan-activity; sid:100003013; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.141.12.240"; classtype:trojan-activity; sid:100003014; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.141.14.43"; classtype:trojan-activity; sid:100003015; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.141.169.197"; classtype:trojan-activity; sid:100003016; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.141.37.226"; classtype:trojan-activity; sid:100003017; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.141.40.56"; classtype:trojan-activity; sid:100003018; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.141.46.104"; classtype:trojan-activity; sid:100003019; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.141.46.83"; classtype:trojan-activity; sid:100003020; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.141.62.81"; classtype:trojan-activity; sid:100003021; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.141.90.32"; classtype:trojan-activity; sid:100003022; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.142.141.154"; classtype:trojan-activity; sid:100003023; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.142.201.237"; classtype:trojan-activity; sid:100003024; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.142.202.213"; classtype:trojan-activity; sid:100003025; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.142.209.17"; classtype:trojan-activity; sid:100003026; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.142.210.95"; classtype:trojan-activity; sid:100003027; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.142.225.187"; classtype:trojan-activity; sid:100003028; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.142.228.199"; classtype:trojan-activity; sid:100003029; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.142.71.12"; classtype:trojan-activity; sid:100003030; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.162.34.135"; classtype:trojan-activity; sid:100003031; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.173.11.62"; classtype:trojan-activity; sid:100003032; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.185.106.250"; classtype:trojan-activity; sid:100003033; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.185.117.114"; classtype:trojan-activity; sid:100003034; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.185.62.127"; classtype:trojan-activity; sid:100003035; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.188.137.9"; classtype:trojan-activity; sid:100003036; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.188.245.103"; classtype:trojan-activity; sid:100003037; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.191.186.255"; classtype:trojan-activity; sid:100003038; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.211.72.29"; classtype:trojan-activity; sid:100003039; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.214.5.26"; classtype:trojan-activity; sid:100003040; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.217.144.23"; classtype:trojan-activity; sid:100003041; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.241.194.53"; classtype:trojan-activity; sid:100003042; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.243.14.67"; classtype:trojan-activity; sid:100003043; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.245.52.7"; classtype:trojan-activity; sid:100003044; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.248.36.3"; classtype:trojan-activity; sid:100003045; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"222.253.84.236"; classtype:trojan-activity; sid:100003046; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"223.11.56.232"; classtype:trojan-activity; sid:100003047; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"223.13.124.201"; classtype:trojan-activity; sid:100003048; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"223.13.80.220"; classtype:trojan-activity; sid:100003049; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"223.154.81.197"; classtype:trojan-activity; sid:100003050; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"223.154.81.57"; classtype:trojan-activity; sid:100003051; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"223.212.235.50"; classtype:trojan-activity; sid:100003052; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"223.212.75.32"; classtype:trojan-activity; sid:100003053; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"223.213.177.241"; classtype:trojan-activity; sid:100003054; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"223.221.98.36"; classtype:trojan-activity; sid:100003055; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"223.93.171.204"; classtype:trojan-activity; sid:100003056; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"225km.com"; classtype:trojan-activity; sid:100003057; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.115.118.232"; classtype:trojan-activity; sid:100003058; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.118.190.23"; classtype:trojan-activity; sid:100003059; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.121.154.175"; classtype:trojan-activity; sid:100003060; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.124.203.20"; classtype:trojan-activity; sid:100003061; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.125.186.135"; classtype:trojan-activity; sid:100003062; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.126.120.25"; classtype:trojan-activity; sid:100003063; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.160.193.99"; classtype:trojan-activity; sid:100003064; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.228.143.58"; classtype:trojan-activity; sid:100003065; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.94.138.57"; classtype:trojan-activity; sid:100003066; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.94.174.158"; classtype:trojan-activity; sid:100003067; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.94.36.134"; classtype:trojan-activity; sid:100003068; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.94.37.59"; classtype:trojan-activity; sid:100003069; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.94.7.237"; classtype:trojan-activity; sid:100003070; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.95.130.103"; classtype:trojan-activity; sid:100003071; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.95.222.119"; classtype:trojan-activity; sid:100003072; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"23.95.246.19"; classtype:trojan-activity; sid:100003073; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.103.74.180"; classtype:trojan-activity; sid:100003074; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.11.141.134"; classtype:trojan-activity; sid:100003075; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.115.142.60"; classtype:trojan-activity; sid:100003076; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.115.48.108"; classtype:trojan-activity; sid:100003077; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.119.158.74"; classtype:trojan-activity; sid:100003078; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.123.10.93"; classtype:trojan-activity; sid:100003079; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.123.182.218"; classtype:trojan-activity; sid:100003080; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.139.39.207"; classtype:trojan-activity; sid:100003081; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.146.228.146"; classtype:trojan-activity; sid:100003082; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.151.66.229"; classtype:trojan-activity; sid:100003083; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.152.220.167"; classtype:trojan-activity; sid:100003084; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.152.46.183"; classtype:trojan-activity; sid:100003085; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.158.25.98"; classtype:trojan-activity; sid:100003086; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.176.184.138"; classtype:trojan-activity; sid:100003087; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.184.1.41"; classtype:trojan-activity; sid:100003088; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.189.237.246"; classtype:trojan-activity; sid:100003089; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.190.246.66"; classtype:trojan-activity; sid:100003090; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.192.191.109"; classtype:trojan-activity; sid:100003091; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.214.13.153"; classtype:trojan-activity; sid:100003092; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.24.128.154"; classtype:trojan-activity; sid:100003093; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.30.81.254"; classtype:trojan-activity; sid:100003094; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.30.95.55"; classtype:trojan-activity; sid:100003095; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.39.181.18"; classtype:trojan-activity; sid:100003096; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.39.34.242"; classtype:trojan-activity; sid:100003097; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.45.249.142"; classtype:trojan-activity; sid:100003098; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.53.163.10"; classtype:trojan-activity; sid:100003099; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.53.163.9"; classtype:trojan-activity; sid:100003100; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.68.127.176"; classtype:trojan-activity; sid:100003101; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.85.246.47"; classtype:trojan-activity; sid:100003102; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.85.29.177"; classtype:trojan-activity; sid:100003103; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.88.169.93"; classtype:trojan-activity; sid:100003104; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"24.96.250.239"; classtype:trojan-activity; sid:100003105; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.1.245.16"; classtype:trojan-activity; sid:100003106; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.105.106.201"; classtype:trojan-activity; sid:100003107; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.105.152.107"; classtype:trojan-activity; sid:100003108; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.117.105.125"; classtype:trojan-activity; sid:100003109; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.12.53.240"; classtype:trojan-activity; sid:100003110; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.13.61.166"; classtype:trojan-activity; sid:100003111; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.136.62.71"; classtype:trojan-activity; sid:100003112; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.147.29.52"; classtype:trojan-activity; sid:100003113; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.147.40.128"; classtype:trojan-activity; sid:100003114; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.15.16.235"; classtype:trojan-activity; sid:100003115; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.15.48.18"; classtype:trojan-activity; sid:100003116; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.153.141.150"; classtype:trojan-activity; sid:100003117; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.153.141.193"; classtype:trojan-activity; sid:100003118; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.153.142.205"; classtype:trojan-activity; sid:100003119; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.187.249.247"; classtype:trojan-activity; sid:100003120; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.187.251.148"; classtype:trojan-activity; sid:100003121; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.19.87.192"; classtype:trojan-activity; sid:100003122; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.190.195.126"; classtype:trojan-activity; sid:100003123; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.191.40.46"; classtype:trojan-activity; sid:100003124; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.192.238.175"; classtype:trojan-activity; sid:100003125; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.193.117.95"; classtype:trojan-activity; sid:100003126; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.193.146.90"; classtype:trojan-activity; sid:100003127; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.193.21.152"; classtype:trojan-activity; sid:100003128; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.194.110.141"; classtype:trojan-activity; sid:100003129; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.194.111.234"; classtype:trojan-activity; sid:100003130; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.194.14.253"; classtype:trojan-activity; sid:100003131; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.194.154.57"; classtype:trojan-activity; sid:100003132; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.194.19.198"; classtype:trojan-activity; sid:100003133; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.194.251.57"; classtype:trojan-activity; sid:100003134; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.194.64.207"; classtype:trojan-activity; sid:100003135; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.196.225.123"; classtype:trojan-activity; sid:100003136; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.197.42.171"; classtype:trojan-activity; sid:100003137; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.198.66.169"; classtype:trojan-activity; sid:100003138; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.199.242.71"; classtype:trojan-activity; sid:100003139; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.199.29.34"; classtype:trojan-activity; sid:100003140; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.200.1.12"; classtype:trojan-activity; sid:100003141; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.200.17.23"; classtype:trojan-activity; sid:100003142; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.200.180.217"; classtype:trojan-activity; sid:100003143; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.201.171.0"; classtype:trojan-activity; sid:100003144; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.201.22.76"; classtype:trojan-activity; sid:100003145; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.201.8.53"; classtype:trojan-activity; sid:100003146; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.202.102.102"; classtype:trojan-activity; sid:100003147; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.202.187.112"; classtype:trojan-activity; sid:100003148; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.202.214.241"; classtype:trojan-activity; sid:100003149; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.202.36.80"; classtype:trojan-activity; sid:100003150; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.202.60.133"; classtype:trojan-activity; sid:100003151; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.202.72.237"; classtype:trojan-activity; sid:100003152; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.202.75.231"; classtype:trojan-activity; sid:100003153; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.203.152.197"; classtype:trojan-activity; sid:100003154; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.203.189.49"; classtype:trojan-activity; sid:100003155; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.203.202.238"; classtype:trojan-activity; sid:100003156; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.203.208.65"; classtype:trojan-activity; sid:100003157; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.203.253.239"; classtype:trojan-activity; sid:100003158; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.203.28.66"; classtype:trojan-activity; sid:100003159; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.203.3.225"; classtype:trojan-activity; sid:100003160; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.203.37.43"; classtype:trojan-activity; sid:100003161; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.203.49.61"; classtype:trojan-activity; sid:100003162; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.203.71.215"; classtype:trojan-activity; sid:100003163; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.203.88.161"; classtype:trojan-activity; sid:100003164; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.204.239.84"; classtype:trojan-activity; sid:100003165; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.206.107.90"; classtype:trojan-activity; sid:100003166; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.206.115.81"; classtype:trojan-activity; sid:100003167; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.206.24.148"; classtype:trojan-activity; sid:100003168; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.206.240.27"; classtype:trojan-activity; sid:100003169; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.206.75.182"; classtype:trojan-activity; sid:100003170; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.206.83.210"; classtype:trojan-activity; sid:100003171; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.207.177.177"; classtype:trojan-activity; sid:100003172; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.207.198.130"; classtype:trojan-activity; sid:100003173; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.207.227.140"; classtype:trojan-activity; sid:100003174; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.207.81.226"; classtype:trojan-activity; sid:100003175; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.208.148.165"; classtype:trojan-activity; sid:100003176; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.208.152.75"; classtype:trojan-activity; sid:100003177; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.208.159.244"; classtype:trojan-activity; sid:100003178; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.208.225.115"; classtype:trojan-activity; sid:100003179; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.208.232.113"; classtype:trojan-activity; sid:100003180; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.209.101.146"; classtype:trojan-activity; sid:100003181; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.209.84.194"; classtype:trojan-activity; sid:100003182; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.210.123.153"; classtype:trojan-activity; sid:100003183; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.210.155.193"; classtype:trojan-activity; sid:100003184; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.210.179.93"; classtype:trojan-activity; sid:100003185; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.210.92.182"; classtype:trojan-activity; sid:100003186; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.210.94.177"; classtype:trojan-activity; sid:100003187; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.213.117.229"; classtype:trojan-activity; sid:100003188; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.213.123.91"; classtype:trojan-activity; sid:100003189; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.213.163.68"; classtype:trojan-activity; sid:100003190; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.213.177.41"; classtype:trojan-activity; sid:100003191; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.213.209.178"; classtype:trojan-activity; sid:100003192; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.213.240.253"; classtype:trojan-activity; sid:100003193; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.213.240.38"; classtype:trojan-activity; sid:100003194; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.213.33.243"; classtype:trojan-activity; sid:100003195; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.213.5.67"; classtype:trojan-activity; sid:100003196; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.213.60.188"; classtype:trojan-activity; sid:100003197; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.213.96.183"; classtype:trojan-activity; sid:100003198; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.214.224.76"; classtype:trojan-activity; sid:100003199; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.108.154"; classtype:trojan-activity; sid:100003200; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.109.175"; classtype:trojan-activity; sid:100003201; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.110.172"; classtype:trojan-activity; sid:100003202; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.111.177"; classtype:trojan-activity; sid:100003203; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.121.181"; classtype:trojan-activity; sid:100003204; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.121.43"; classtype:trojan-activity; sid:100003205; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.127.68"; classtype:trojan-activity; sid:100003206; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.136.17"; classtype:trojan-activity; sid:100003207; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.136.199"; classtype:trojan-activity; sid:100003208; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.141.122"; classtype:trojan-activity; sid:100003209; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.150.112"; classtype:trojan-activity; sid:100003210; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.158.214"; classtype:trojan-activity; sid:100003211; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.178.101"; classtype:trojan-activity; sid:100003212; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.178.32"; classtype:trojan-activity; sid:100003213; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.179.24"; classtype:trojan-activity; sid:100003214; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.179.59"; classtype:trojan-activity; sid:100003215; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.182.159"; classtype:trojan-activity; sid:100003216; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.186.24"; classtype:trojan-activity; sid:100003217; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.210.130"; classtype:trojan-activity; sid:100003218; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.211.199"; classtype:trojan-activity; sid:100003219; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.211.207"; classtype:trojan-activity; sid:100003220; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.212.121"; classtype:trojan-activity; sid:100003221; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.213.90"; classtype:trojan-activity; sid:100003222; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.215.248"; classtype:trojan-activity; sid:100003223; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.48.251"; classtype:trojan-activity; sid:100003224; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.49.131"; classtype:trojan-activity; sid:100003225; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.50.47"; classtype:trojan-activity; sid:100003226; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.53.105"; classtype:trojan-activity; sid:100003227; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.55.167"; classtype:trojan-activity; sid:100003228; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.69.219"; classtype:trojan-activity; sid:100003229; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.76.201"; classtype:trojan-activity; sid:100003230; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.80.12"; classtype:trojan-activity; sid:100003231; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.80.225"; classtype:trojan-activity; sid:100003232; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.81.112"; classtype:trojan-activity; sid:100003233; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.81.42"; classtype:trojan-activity; sid:100003234; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.82.26"; classtype:trojan-activity; sid:100003235; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.82.43"; classtype:trojan-activity; sid:100003236; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.84.107"; classtype:trojan-activity; sid:100003237; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.84.175"; classtype:trojan-activity; sid:100003238; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.84.225"; classtype:trojan-activity; sid:100003239; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.86.155"; classtype:trojan-activity; sid:100003240; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.87.112"; classtype:trojan-activity; sid:100003241; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.87.30"; classtype:trojan-activity; sid:100003242; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.215.98.41"; classtype:trojan-activity; sid:100003243; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.216.101.3"; classtype:trojan-activity; sid:100003244; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.216.136.82"; classtype:trojan-activity; sid:100003245; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.216.154.110"; classtype:trojan-activity; sid:100003246; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.216.212.3"; classtype:trojan-activity; sid:100003247; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.216.24.219"; classtype:trojan-activity; sid:100003248; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.216.64.182"; classtype:trojan-activity; sid:100003249; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.216.65.165"; classtype:trojan-activity; sid:100003250; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.216.67.165"; classtype:trojan-activity; sid:100003251; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.217.128.178"; classtype:trojan-activity; sid:100003252; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.217.146.117"; classtype:trojan-activity; sid:100003253; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.217.169.148"; classtype:trojan-activity; sid:100003254; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.217.201.175"; classtype:trojan-activity; sid:100003255; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.217.205.6"; classtype:trojan-activity; sid:100003256; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.217.213.220"; classtype:trojan-activity; sid:100003257; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.217.227.128"; classtype:trojan-activity; sid:100003258; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.218.162.41"; classtype:trojan-activity; sid:100003259; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.219.178.104"; classtype:trojan-activity; sid:100003260; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.219.99.74"; classtype:trojan-activity; sid:100003261; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.220.119.160"; classtype:trojan-activity; sid:100003262; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.220.144.90"; classtype:trojan-activity; sid:100003263; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.220.171.3"; classtype:trojan-activity; sid:100003264; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.220.56.247"; classtype:trojan-activity; sid:100003265; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.222.152.22"; classtype:trojan-activity; sid:100003266; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.222.205.11"; classtype:trojan-activity; sid:100003267; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.222.238.14"; classtype:trojan-activity; sid:100003268; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.222.60.98"; classtype:trojan-activity; sid:100003269; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.223.151.245"; classtype:trojan-activity; sid:100003270; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.35.122.226"; classtype:trojan-activity; sid:100003271; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.35.2.22"; classtype:trojan-activity; sid:100003272; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.35.58.5"; classtype:trojan-activity; sid:100003273; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.35.87.153"; classtype:trojan-activity; sid:100003274; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.37.10.93"; classtype:trojan-activity; sid:100003275; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.37.198.73"; classtype:trojan-activity; sid:100003276; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.37.208.130"; classtype:trojan-activity; sid:100003277; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.37.225.32"; classtype:trojan-activity; sid:100003278; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.38.108.70"; classtype:trojan-activity; sid:100003279; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.38.141.171"; classtype:trojan-activity; sid:100003280; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.38.180.166"; classtype:trojan-activity; sid:100003281; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.40.101.72"; classtype:trojan-activity; sid:100003282; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.40.102.227"; classtype:trojan-activity; sid:100003283; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.40.116.35"; classtype:trojan-activity; sid:100003284; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.40.122.155"; classtype:trojan-activity; sid:100003285; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.40.123.27"; classtype:trojan-activity; sid:100003286; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.40.75.0"; classtype:trojan-activity; sid:100003287; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.40.79.171"; classtype:trojan-activity; sid:100003288; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.40.81.152"; classtype:trojan-activity; sid:100003289; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.40.85.98"; classtype:trojan-activity; sid:100003290; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.40.87.70"; classtype:trojan-activity; sid:100003291; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.41.0.201"; classtype:trojan-activity; sid:100003292; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.41.11.128"; classtype:trojan-activity; sid:100003293; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.41.11.43"; classtype:trojan-activity; sid:100003294; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.41.37.74"; classtype:trojan-activity; sid:100003295; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.43.108.122"; classtype:trojan-activity; sid:100003296; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.43.109.76"; classtype:trojan-activity; sid:100003297; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.43.110.71"; classtype:trojan-activity; sid:100003298; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.43.111.110"; classtype:trojan-activity; sid:100003299; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.43.111.146"; classtype:trojan-activity; sid:100003300; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.43.112.149"; classtype:trojan-activity; sid:100003301; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.43.115.183"; classtype:trojan-activity; sid:100003302; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.43.115.45"; classtype:trojan-activity; sid:100003303; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.43.115.96"; classtype:trojan-activity; sid:100003304; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.43.116.116"; classtype:trojan-activity; sid:100003305; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.43.116.241"; classtype:trojan-activity; sid:100003306; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.43.117.248"; classtype:trojan-activity; sid:100003307; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.43.119.182"; classtype:trojan-activity; sid:100003308; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.44.101.6"; classtype:trojan-activity; sid:100003309; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.102.45"; classtype:trojan-activity; sid:100003310; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.11.27"; classtype:trojan-activity; sid:100003311; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.113.90"; classtype:trojan-activity; sid:100003312; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.115.237"; classtype:trojan-activity; sid:100003313; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.116.55"; classtype:trojan-activity; sid:100003314; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.119.14"; classtype:trojan-activity; sid:100003315; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.119.154"; classtype:trojan-activity; sid:100003316; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.119.241"; classtype:trojan-activity; sid:100003317; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.12.32"; classtype:trojan-activity; sid:100003318; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.13.209"; classtype:trojan-activity; sid:100003319; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.13.34"; classtype:trojan-activity; sid:100003320; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.14.105"; classtype:trojan-activity; sid:100003321; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.14.117"; classtype:trojan-activity; sid:100003322; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.33.64"; classtype:trojan-activity; sid:100003323; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.38.221"; classtype:trojan-activity; sid:100003324; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.56.48"; classtype:trojan-activity; sid:100003325; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.56.71"; classtype:trojan-activity; sid:100003326; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.57.117"; classtype:trojan-activity; sid:100003327; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.8.130"; classtype:trojan-activity; sid:100003328; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.84.30"; classtype:trojan-activity; sid:100003329; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.88.223"; classtype:trojan-activity; sid:100003330; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.9.162"; classtype:trojan-activity; sid:100003331; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.92.139"; classtype:trojan-activity; sid:100003332; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.93.96"; classtype:trojan-activity; sid:100003333; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.45.94.136"; classtype:trojan-activity; sid:100003334; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.46.44.92"; classtype:trojan-activity; sid:100003335; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.47.123.13"; classtype:trojan-activity; sid:100003336; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.47.76.235"; classtype:trojan-activity; sid:100003337; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.47.77.96"; classtype:trojan-activity; sid:100003338; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.47.78.188"; classtype:trojan-activity; sid:100003339; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.5.18.47"; classtype:trojan-activity; sid:100003340; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.5.33.151"; classtype:trojan-activity; sid:100003341; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.5.42.52"; classtype:trojan-activity; sid:100003342; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.6.37.161"; classtype:trojan-activity; sid:100003343; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.6.43.233"; classtype:trojan-activity; sid:100003344; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.64.151.162"; classtype:trojan-activity; sid:100003345; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.64.157.86"; classtype:trojan-activity; sid:100003346; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.74.165.87"; classtype:trojan-activity; sid:100003347; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.77.250.194"; classtype:trojan-activity; sid:100003348; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"27.8.250.127"; classtype:trojan-activity; sid:100003349; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2ndwind.co.kr"; classtype:trojan-activity; sid:100003350; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.11.51.54"; classtype:trojan-activity; sid:100003351; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.13.23.180"; classtype:trojan-activity; sid:100003352; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.132.167.195"; classtype:trojan-activity; sid:100003353; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.16.40.102"; classtype:trojan-activity; sid:100003354; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.163.146.129"; classtype:trojan-activity; sid:100003355; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.163.185.175"; classtype:trojan-activity; sid:100003356; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.168.104.102"; classtype:trojan-activity; sid:100003357; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.168.146.199"; classtype:trojan-activity; sid:100003358; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.168.16.68"; classtype:trojan-activity; sid:100003359; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.168.179.83"; classtype:trojan-activity; sid:100003360; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.168.184.59"; classtype:trojan-activity; sid:100003361; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.168.194.67"; classtype:trojan-activity; sid:100003362; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.168.216.132"; classtype:trojan-activity; sid:100003363; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.168.218.95"; classtype:trojan-activity; sid:100003364; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.168.220.58"; classtype:trojan-activity; sid:100003365; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.168.30.65"; classtype:trojan-activity; sid:100003366; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.168.60.234"; classtype:trojan-activity; sid:100003367; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.168.62.37"; classtype:trojan-activity; sid:100003368; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.168.63.146"; classtype:trojan-activity; sid:100003369; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.168.65.233"; classtype:trojan-activity; sid:100003370; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.168.72.224"; classtype:trojan-activity; sid:100003371; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.195.198.94"; classtype:trojan-activity; sid:100003372; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.210.182.56"; classtype:trojan-activity; sid:100003373; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"31.210.20.142"; classtype:trojan-activity; sid:100003374; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"35.131.161.166"; classtype:trojan-activity; sid:100003375; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.105.170.172"; classtype:trojan-activity; sid:100003376; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.110.4.26"; classtype:trojan-activity; sid:100003377; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.248.248.4"; classtype:trojan-activity; sid:100003378; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.251.140.199"; classtype:trojan-activity; sid:100003379; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.251.94.251"; classtype:trojan-activity; sid:100003380; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.26.135.114"; classtype:trojan-activity; sid:100003381; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.26.138.130"; classtype:trojan-activity; sid:100003382; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.32.166.80"; classtype:trojan-activity; sid:100003383; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.32.45.125"; classtype:trojan-activity; sid:100003384; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.33.133.67"; classtype:trojan-activity; sid:100003385; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.34.23.26"; classtype:trojan-activity; sid:100003386; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.35.161.21"; classtype:trojan-activity; sid:100003387; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.36.242.175"; classtype:trojan-activity; sid:100003388; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.36.50.193"; classtype:trojan-activity; sid:100003389; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.38.184.145"; classtype:trojan-activity; sid:100003390; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.66.105.159"; classtype:trojan-activity; sid:100003391; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.66.139.36"; classtype:trojan-activity; sid:100003392; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.89.18.133"; classtype:trojan-activity; sid:100003393; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"36.89.18.195"; classtype:trojan-activity; sid:100003394; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"360.lcy2zzx.pw"; classtype:trojan-activity; sid:100003395; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"360down7.miiyun.cn"; classtype:trojan-activity; sid:100003396; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"37.120.222.192"; classtype:trojan-activity; sid:100003397; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"37.142.32.162"; classtype:trojan-activity; sid:100003398; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"37.191.236.194"; classtype:trojan-activity; sid:100003399; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"37.193.26.66"; classtype:trojan-activity; sid:100003400; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"37.233.60.68"; classtype:trojan-activity; sid:100003401; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"37.34.179.221"; classtype:trojan-activity; sid:100003402; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"37.34.180.172"; classtype:trojan-activity; sid:100003403; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"37.54.14.36"; classtype:trojan-activity; sid:100003404; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"37.78.148.50"; classtype:trojan-activity; sid:100003405; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.107.141.48"; classtype:trojan-activity; sid:100003406; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.113.245.254"; classtype:trojan-activity; sid:100003407; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.65.102.141"; classtype:trojan-activity; sid:100003408; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.65.123.44"; classtype:trojan-activity; sid:100003409; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.66.111.9"; classtype:trojan-activity; sid:100003410; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.66.132.210"; classtype:trojan-activity; sid:100003411; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.66.165.156"; classtype:trojan-activity; sid:100003412; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.66.19.55"; classtype:trojan-activity; sid:100003413; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.66.80.12"; classtype:trojan-activity; sid:100003414; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.67.167.246"; classtype:trojan-activity; sid:100003415; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.67.57.76"; classtype:trojan-activity; sid:100003416; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.67.95.184"; classtype:trojan-activity; sid:100003417; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.68.123.46"; classtype:trojan-activity; sid:100003418; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.72.159.222"; classtype:trojan-activity; sid:100003419; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.72.164.40"; classtype:trojan-activity; sid:100003420; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.72.213.44"; classtype:trojan-activity; sid:100003421; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.72.69.123"; classtype:trojan-activity; sid:100003422; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.73.110.80"; classtype:trojan-activity; sid:100003423; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.73.19.229"; classtype:trojan-activity; sid:100003424; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.73.210.77"; classtype:trojan-activity; sid:100003425; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.73.44.62"; classtype:trojan-activity; sid:100003426; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.73.48.199"; classtype:trojan-activity; sid:100003427; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.74.11.105"; classtype:trojan-activity; sid:100003428; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.74.31.46"; classtype:trojan-activity; sid:100003429; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.74.72.191"; classtype:trojan-activity; sid:100003430; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.76.100.133"; classtype:trojan-activity; sid:100003431; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.76.32.241"; classtype:trojan-activity; sid:100003432; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.77.121.152"; classtype:trojan-activity; sid:100003433; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.77.136.66"; classtype:trojan-activity; sid:100003434; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.77.169.114"; classtype:trojan-activity; sid:100003435; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.77.194.154"; classtype:trojan-activity; sid:100003436; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.79.148.247"; classtype:trojan-activity; sid:100003437; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.79.167.25"; classtype:trojan-activity; sid:100003438; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.79.209.26"; classtype:trojan-activity; sid:100003439; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.80.105.210"; classtype:trojan-activity; sid:100003440; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.80.115.118"; classtype:trojan-activity; sid:100003441; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.80.117.160"; classtype:trojan-activity; sid:100003442; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.80.152.164"; classtype:trojan-activity; sid:100003443; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.80.153.128"; classtype:trojan-activity; sid:100003444; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.80.24.86"; classtype:trojan-activity; sid:100003445; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.81.118.218"; classtype:trojan-activity; sid:100003446; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.81.133.58"; classtype:trojan-activity; sid:100003447; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.81.183.168"; classtype:trojan-activity; sid:100003448; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.81.19.155"; classtype:trojan-activity; sid:100003449; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.81.197.121"; classtype:trojan-activity; sid:100003450; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.81.203.30"; classtype:trojan-activity; sid:100003451; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.81.224.167"; classtype:trojan-activity; sid:100003452; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.81.70.225"; classtype:trojan-activity; sid:100003453; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.81.81.114"; classtype:trojan-activity; sid:100003454; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.83.37.79"; classtype:trojan-activity; sid:100003455; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.83.83.84"; classtype:trojan-activity; sid:100003456; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.84.163.176"; classtype:trojan-activity; sid:100003457; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.85.129.71"; classtype:trojan-activity; sid:100003458; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.85.55.22"; classtype:trojan-activity; sid:100003459; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.86.22.50"; classtype:trojan-activity; sid:100003460; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.86.237.214"; classtype:trojan-activity; sid:100003461; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.86.239.212"; classtype:trojan-activity; sid:100003462; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.86.241.163"; classtype:trojan-activity; sid:100003463; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.86.25.160"; classtype:trojan-activity; sid:100003464; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.87.113.15"; classtype:trojan-activity; sid:100003465; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.87.174.119"; classtype:trojan-activity; sid:100003466; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.87.175.221"; classtype:trojan-activity; sid:100003467; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.87.230.247"; classtype:trojan-activity; sid:100003468; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.87.62.177"; classtype:trojan-activity; sid:100003469; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.87.81.20"; classtype:trojan-activity; sid:100003470; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.88.193.15"; classtype:trojan-activity; sid:100003471; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.88.226.9"; classtype:trojan-activity; sid:100003472; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.88.4.51"; classtype:trojan-activity; sid:100003473; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.88.5.202"; classtype:trojan-activity; sid:100003474; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.88.82.178"; classtype:trojan-activity; sid:100003475; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.88.85.153"; classtype:trojan-activity; sid:100003476; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.89.134.146"; classtype:trojan-activity; sid:100003477; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.89.149.66"; classtype:trojan-activity; sid:100003478; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.89.150.236"; classtype:trojan-activity; sid:100003479; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.89.31.250"; classtype:trojan-activity; sid:100003480; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.90.144.12"; classtype:trojan-activity; sid:100003481; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.90.146.206"; classtype:trojan-activity; sid:100003482; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.90.149.8"; classtype:trojan-activity; sid:100003483; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.90.150.116"; classtype:trojan-activity; sid:100003484; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.90.150.66"; classtype:trojan-activity; sid:100003485; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.90.178.233"; classtype:trojan-activity; sid:100003486; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.90.185.103"; classtype:trojan-activity; sid:100003487; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.90.185.253"; classtype:trojan-activity; sid:100003488; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"39.90.187.144"; classtype:trojan-activity; sid:100003489; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"3demon.biz"; classtype:trojan-activity; sid:100003490; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"40.76.9.118"; classtype:trojan-activity; sid:100003491; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.139.209.46"; classtype:trojan-activity; sid:100003492; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.165.130.43"; classtype:trojan-activity; sid:100003493; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.190.63.174"; classtype:trojan-activity; sid:100003494; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.211.100.137"; classtype:trojan-activity; sid:100003495; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.215.134.60"; classtype:trojan-activity; sid:100003496; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.215.244.66"; classtype:trojan-activity; sid:100003497; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.222.195.232"; classtype:trojan-activity; sid:100003498; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.230.17.135"; classtype:trojan-activity; sid:100003499; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.251.248.90"; classtype:trojan-activity; sid:100003500; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.32.225.220"; classtype:trojan-activity; sid:100003501; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.38.61.82"; classtype:trojan-activity; sid:100003502; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.72.203.82"; classtype:trojan-activity; sid:100003503; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.86.18.133"; classtype:trojan-activity; sid:100003504; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.86.18.148"; classtype:trojan-activity; sid:100003505; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.86.18.157"; classtype:trojan-activity; sid:100003506; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.86.19.100"; classtype:trojan-activity; sid:100003507; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.86.19.151"; classtype:trojan-activity; sid:100003508; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.86.19.70"; classtype:trojan-activity; sid:100003509; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.86.21.38"; classtype:trojan-activity; sid:100003510; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.86.21.62"; classtype:trojan-activity; sid:100003511; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.86.5.142"; classtype:trojan-activity; sid:100003512; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.86.5.151"; classtype:trojan-activity; sid:100003513; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.86.5.154"; classtype:trojan-activity; sid:100003514; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"41.86.5.164"; classtype:trojan-activity; sid:100003515; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.177.70.253"; classtype:trojan-activity; sid:100003516; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.178.178.52"; classtype:trojan-activity; sid:100003517; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.2.33.135"; classtype:trojan-activity; sid:100003518; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.202.100.101"; classtype:trojan-activity; sid:100003519; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.202.100.26"; classtype:trojan-activity; sid:100003520; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.202.101.69"; classtype:trojan-activity; sid:100003521; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.202.102.244"; classtype:trojan-activity; sid:100003522; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.1.30"; classtype:trojan-activity; sid:100003523; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.10.196"; classtype:trojan-activity; sid:100003524; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.118.24"; classtype:trojan-activity; sid:100003525; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.120.122"; classtype:trojan-activity; sid:100003526; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.120.59"; classtype:trojan-activity; sid:100003527; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.121.255"; classtype:trojan-activity; sid:100003528; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.136.106"; classtype:trojan-activity; sid:100003529; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.137.236"; classtype:trojan-activity; sid:100003530; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.155.241"; classtype:trojan-activity; sid:100003531; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.168.209"; classtype:trojan-activity; sid:100003532; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.170.205"; classtype:trojan-activity; sid:100003533; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.170.244"; classtype:trojan-activity; sid:100003534; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.172.19"; classtype:trojan-activity; sid:100003535; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.172.218"; classtype:trojan-activity; sid:100003536; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.172.27"; classtype:trojan-activity; sid:100003537; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.179.106"; classtype:trojan-activity; sid:100003538; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.180.176"; classtype:trojan-activity; sid:100003539; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.186.179"; classtype:trojan-activity; sid:100003540; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.210.15"; classtype:trojan-activity; sid:100003541; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.214.11"; classtype:trojan-activity; sid:100003542; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.253.181"; classtype:trojan-activity; sid:100003543; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.26.104"; classtype:trojan-activity; sid:100003544; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.46.143"; classtype:trojan-activity; sid:100003545; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.46.160"; classtype:trojan-activity; sid:100003546; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.5.45"; classtype:trojan-activity; sid:100003547; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.59.110"; classtype:trojan-activity; sid:100003548; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.62.247"; classtype:trojan-activity; sid:100003549; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.69.176"; classtype:trojan-activity; sid:100003550; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.69.190"; classtype:trojan-activity; sid:100003551; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.73.185"; classtype:trojan-activity; sid:100003552; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.224.81.245"; classtype:trojan-activity; sid:100003553; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.225.198.245"; classtype:trojan-activity; sid:100003554; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.225.205.129"; classtype:trojan-activity; sid:100003555; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.225.207.111"; classtype:trojan-activity; sid:100003556; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.225.21.48"; classtype:trojan-activity; sid:100003557; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.225.231.93"; classtype:trojan-activity; sid:100003558; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.225.240.197"; classtype:trojan-activity; sid:100003559; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.225.250.151"; classtype:trojan-activity; sid:100003560; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.225.29.126"; classtype:trojan-activity; sid:100003561; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.225.33.232"; classtype:trojan-activity; sid:100003562; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.226.88.116"; classtype:trojan-activity; sid:100003563; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.226.89.12"; classtype:trojan-activity; sid:100003564; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.227.126.158"; classtype:trojan-activity; sid:100003565; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.227.153.88"; classtype:trojan-activity; sid:100003566; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.227.157.104"; classtype:trojan-activity; sid:100003567; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.227.165.204"; classtype:trojan-activity; sid:100003568; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.227.237.6"; classtype:trojan-activity; sid:100003569; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.227.48.99"; classtype:trojan-activity; sid:100003570; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.227.69.208"; classtype:trojan-activity; sid:100003571; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.100.131"; classtype:trojan-activity; sid:100003572; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.125.136"; classtype:trojan-activity; sid:100003573; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.126.10"; classtype:trojan-activity; sid:100003574; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.232.201"; classtype:trojan-activity; sid:100003575; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.233.46"; classtype:trojan-activity; sid:100003576; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.238.216"; classtype:trojan-activity; sid:100003577; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.238.254"; classtype:trojan-activity; sid:100003578; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.244.66"; classtype:trojan-activity; sid:100003579; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.33.61"; classtype:trojan-activity; sid:100003580; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.38.191"; classtype:trojan-activity; sid:100003581; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.42.35"; classtype:trojan-activity; sid:100003582; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.43.5"; classtype:trojan-activity; sid:100003583; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.44.248"; classtype:trojan-activity; sid:100003584; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.47.144"; classtype:trojan-activity; sid:100003585; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.68.172"; classtype:trojan-activity; sid:100003586; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.75.133"; classtype:trojan-activity; sid:100003587; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.228.79.119"; classtype:trojan-activity; sid:100003588; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.229.185.129"; classtype:trojan-activity; sid:100003589; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.112.184"; classtype:trojan-activity; sid:100003590; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.120.65"; classtype:trojan-activity; sid:100003591; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.121.196"; classtype:trojan-activity; sid:100003592; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.124.147"; classtype:trojan-activity; sid:100003593; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.124.166"; classtype:trojan-activity; sid:100003594; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.124.73"; classtype:trojan-activity; sid:100003595; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.133.146"; classtype:trojan-activity; sid:100003596; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.171.94"; classtype:trojan-activity; sid:100003597; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.203.223"; classtype:trojan-activity; sid:100003598; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.213.126"; classtype:trojan-activity; sid:100003599; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.219.145"; classtype:trojan-activity; sid:100003600; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.228.73"; classtype:trojan-activity; sid:100003601; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.35.12"; classtype:trojan-activity; sid:100003602; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.37.117"; classtype:trojan-activity; sid:100003603; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.44.75"; classtype:trojan-activity; sid:100003604; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.44.94"; classtype:trojan-activity; sid:100003605; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.67.97"; classtype:trojan-activity; sid:100003606; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.230.89.231"; classtype:trojan-activity; sid:100003607; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.231.14.17"; classtype:trojan-activity; sid:100003608; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.231.204.138"; classtype:trojan-activity; sid:100003609; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.231.220.224"; classtype:trojan-activity; sid:100003610; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.231.223.70"; classtype:trojan-activity; sid:100003611; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.231.227.216"; classtype:trojan-activity; sid:100003612; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.231.245.13"; classtype:trojan-activity; sid:100003613; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.231.67.17"; classtype:trojan-activity; sid:100003614; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.231.71.201"; classtype:trojan-activity; sid:100003615; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.231.92.151"; classtype:trojan-activity; sid:100003616; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.232.115.20"; classtype:trojan-activity; sid:100003617; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.232.170.67"; classtype:trojan-activity; sid:100003618; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.232.235.229"; classtype:trojan-activity; sid:100003619; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.232.74.13"; classtype:trojan-activity; sid:100003620; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.233.116.84"; classtype:trojan-activity; sid:100003621; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.233.119.205"; classtype:trojan-activity; sid:100003622; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.233.119.82"; classtype:trojan-activity; sid:100003623; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.233.120.237"; classtype:trojan-activity; sid:100003624; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.233.121.125"; classtype:trojan-activity; sid:100003625; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.233.145.171"; classtype:trojan-activity; sid:100003626; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.233.234.234"; classtype:trojan-activity; sid:100003627; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.233.87.164"; classtype:trojan-activity; sid:100003628; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.234.109.123"; classtype:trojan-activity; sid:100003629; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.234.161.54"; classtype:trojan-activity; sid:100003630; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.234.161.90"; classtype:trojan-activity; sid:100003631; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.234.165.15"; classtype:trojan-activity; sid:100003632; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.234.178.201"; classtype:trojan-activity; sid:100003633; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.234.209.155"; classtype:trojan-activity; sid:100003634; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.234.232.225"; classtype:trojan-activity; sid:100003635; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.234.233.51"; classtype:trojan-activity; sid:100003636; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.234.233.56"; classtype:trojan-activity; sid:100003637; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.234.237.255"; classtype:trojan-activity; sid:100003638; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.234.249.215"; classtype:trojan-activity; sid:100003639; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.234.85.67"; classtype:trojan-activity; sid:100003640; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.119.224"; classtype:trojan-activity; sid:100003641; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.126.15"; classtype:trojan-activity; sid:100003642; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.162.252"; classtype:trojan-activity; sid:100003643; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.171.24"; classtype:trojan-activity; sid:100003644; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.173.61"; classtype:trojan-activity; sid:100003645; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.18.150"; classtype:trojan-activity; sid:100003646; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.180.150"; classtype:trojan-activity; sid:100003647; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.182.143"; classtype:trojan-activity; sid:100003648; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.182.157"; classtype:trojan-activity; sid:100003649; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.49.115"; classtype:trojan-activity; sid:100003650; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.51.81"; classtype:trojan-activity; sid:100003651; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.64.114"; classtype:trojan-activity; sid:100003652; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.8.107"; classtype:trojan-activity; sid:100003653; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.81.145"; classtype:trojan-activity; sid:100003654; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.86.170"; classtype:trojan-activity; sid:100003655; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.90.194"; classtype:trojan-activity; sid:100003656; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.91.173"; classtype:trojan-activity; sid:100003657; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.235.92.115"; classtype:trojan-activity; sid:100003658; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.236.137.86"; classtype:trojan-activity; sid:100003659; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.236.161.180"; classtype:trojan-activity; sid:100003660; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.236.213.112"; classtype:trojan-activity; sid:100003661; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.236.213.16"; classtype:trojan-activity; sid:100003662; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.236.213.195"; classtype:trojan-activity; sid:100003663; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.236.214.201"; classtype:trojan-activity; sid:100003664; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.236.215.145"; classtype:trojan-activity; sid:100003665; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.236.215.84"; classtype:trojan-activity; sid:100003666; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.236.220.218"; classtype:trojan-activity; sid:100003667; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.236.221.119"; classtype:trojan-activity; sid:100003668; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.236.223.131"; classtype:trojan-activity; sid:100003669; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.236.236.30"; classtype:trojan-activity; sid:100003670; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.236.238.139"; classtype:trojan-activity; sid:100003671; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.237.217.188"; classtype:trojan-activity; sid:100003672; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.237.50.187"; classtype:trojan-activity; sid:100003673; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.237.7.98"; classtype:trojan-activity; sid:100003674; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.237.85.227"; classtype:trojan-activity; sid:100003675; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.238.194.125"; classtype:trojan-activity; sid:100003676; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.238.195.117"; classtype:trojan-activity; sid:100003677; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.238.227.56"; classtype:trojan-activity; sid:100003678; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.238.242.119"; classtype:trojan-activity; sid:100003679; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.239.151.169"; classtype:trojan-activity; sid:100003680; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.239.213.131"; classtype:trojan-activity; sid:100003681; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.239.229.163"; classtype:trojan-activity; sid:100003682; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.239.236.45"; classtype:trojan-activity; sid:100003683; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.239.243.147"; classtype:trojan-activity; sid:100003684; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.239.39.182"; classtype:trojan-activity; sid:100003685; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.52.202.174"; classtype:trojan-activity; sid:100003686; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.53.227.105"; classtype:trojan-activity; sid:100003687; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.54.158.216"; classtype:trojan-activity; sid:100003688; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.54.233.159"; classtype:trojan-activity; sid:100003689; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.6.56.129"; classtype:trojan-activity; sid:100003690; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"42.84.35.243"; classtype:trojan-activity; sid:100003691; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"43.226.234.42"; classtype:trojan-activity; sid:100003692; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"43.241.106.183"; classtype:trojan-activity; sid:100003693; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"43.247.160.182"; classtype:trojan-activity; sid:100003694; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"43.251.73.110"; classtype:trojan-activity; sid:100003695; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"43.255.141.191"; classtype:trojan-activity; sid:100003696; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"43.255.241.176"; classtype:trojan-activity; sid:100003697; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.115.255.235"; classtype:trojan-activity; sid:100003698; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.115.255.236"; classtype:trojan-activity; sid:100003699; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.118.34.20"; classtype:trojan-activity; sid:100003700; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.134.225.20"; classtype:trojan-activity; sid:100003701; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.134.8.218"; classtype:trojan-activity; sid:100003702; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.144.225.57"; classtype:trojan-activity; sid:100003703; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.148.10.76"; classtype:trojan-activity; sid:100003704; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.182.47.169"; classtype:trojan-activity; sid:100003705; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.187.193.203"; classtype:trojan-activity; sid:100003706; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.187.193.211"; classtype:trojan-activity; sid:100003707; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.189.234.234"; classtype:trojan-activity; sid:100003708; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.190.46.60"; classtype:trojan-activity; sid:100003709; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.201.204.240"; classtype:trojan-activity; sid:100003710; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.22.209.58"; classtype:trojan-activity; sid:100003711; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.224.171.17"; classtype:trojan-activity; sid:100003712; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.224.171.187"; classtype:trojan-activity; sid:100003713; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.224.171.203"; classtype:trojan-activity; sid:100003714; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.224.171.45"; classtype:trojan-activity; sid:100003715; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.224.171.64"; classtype:trojan-activity; sid:100003716; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.224.171.73"; classtype:trojan-activity; sid:100003717; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.224.57.91"; classtype:trojan-activity; sid:100003718; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.231.209.188"; classtype:trojan-activity; sid:100003719; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.231.209.229"; classtype:trojan-activity; sid:100003720; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.231.210.228"; classtype:trojan-activity; sid:100003721; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.232.73.46"; classtype:trojan-activity; sid:100003722; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.232.73.56"; classtype:trojan-activity; sid:100003723; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.233.226.15"; classtype:trojan-activity; sid:100003724; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.248.65.2"; classtype:trojan-activity; sid:100003725; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.27.253.137"; classtype:trojan-activity; sid:100003726; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.5.209.188"; classtype:trojan-activity; sid:100003727; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.51.104.59"; classtype:trojan-activity; sid:100003728; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.6.25.241"; classtype:trojan-activity; sid:100003729; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.6.27.125"; classtype:trojan-activity; sid:100003730; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.6.27.127"; classtype:trojan-activity; sid:100003731; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.65.222.222"; classtype:trojan-activity; sid:100003732; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.9.20.238"; classtype:trojan-activity; sid:100003733; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.9.20.240"; classtype:trojan-activity; sid:100003734; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"45.90.162.23"; classtype:trojan-activity; sid:100003735; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.100.107.142"; classtype:trojan-activity; sid:100003736; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.107.206.141"; classtype:trojan-activity; sid:100003737; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.139.27.132"; classtype:trojan-activity; sid:100003738; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.172.75.231"; classtype:trojan-activity; sid:100003739; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.175.22.54"; classtype:trojan-activity; sid:100003740; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.20.63.218"; classtype:trojan-activity; sid:100003741; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.200.228.188"; classtype:trojan-activity; sid:100003742; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.214.27.4"; classtype:trojan-activity; sid:100003743; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.214.37.242"; classtype:trojan-activity; sid:100003744; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.23.199.41"; classtype:trojan-activity; sid:100003745; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.236.65.108"; classtype:trojan-activity; sid:100003746; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.24.130.254"; classtype:trojan-activity; sid:100003747; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.241.120.165"; classtype:trojan-activity; sid:100003748; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.249.32.109"; classtype:trojan-activity; sid:100003749; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.36.74.43"; classtype:trojan-activity; sid:100003750; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.41.103.95"; classtype:trojan-activity; sid:100003751; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.47.80.41"; classtype:trojan-activity; sid:100003752; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"46.97.21.162"; classtype:trojan-activity; sid:100003753; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"47.145.144.219"; classtype:trojan-activity; sid:100003754; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"47.145.152.26"; classtype:trojan-activity; sid:100003755; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"47.148.133.227"; classtype:trojan-activity; sid:100003756; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"47.148.46.57"; classtype:trojan-activity; sid:100003757; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"47.151.7.143"; classtype:trojan-activity; sid:100003758; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"47.180.188.158"; classtype:trojan-activity; sid:100003759; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"47.199.199.17"; classtype:trojan-activity; sid:100003760; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"47.200.1.26"; classtype:trojan-activity; sid:100003761; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"47.203.68.174"; classtype:trojan-activity; sid:100003762; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"47.21.19.222"; classtype:trojan-activity; sid:100003763; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"47.22.159.114"; classtype:trojan-activity; sid:100003764; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"47.227.122.43"; classtype:trojan-activity; sid:100003765; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"47.46.231.38"; classtype:trojan-activity; sid:100003766; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"47.62.139.206"; classtype:trojan-activity; sid:100003767; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.112.90.164"; classtype:trojan-activity; sid:100003768; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.142.240.85"; classtype:trojan-activity; sid:100003769; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.143.32.36"; classtype:trojan-activity; sid:100003770; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.143.43.93"; classtype:trojan-activity; sid:100003771; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.156.35.166"; classtype:trojan-activity; sid:100003772; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.158.112.149"; classtype:trojan-activity; sid:100003773; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.158.201.200"; classtype:trojan-activity; sid:100003774; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.158.202.113"; classtype:trojan-activity; sid:100003775; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.158.206.47"; classtype:trojan-activity; sid:100003776; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.158.44.191"; classtype:trojan-activity; sid:100003777; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.159.20.121"; classtype:trojan-activity; sid:100003778; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.159.21.171"; classtype:trojan-activity; sid:100003779; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.159.21.3"; classtype:trojan-activity; sid:100003780; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.159.92.189"; classtype:trojan-activity; sid:100003781; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.213.164.114"; classtype:trojan-activity; sid:100003782; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.213.179.129"; classtype:trojan-activity; sid:100003783; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.213.212.154"; classtype:trojan-activity; sid:100003784; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.213.232.24"; classtype:trojan-activity; sid:100003785; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.68.162.174"; classtype:trojan-activity; sid:100003786; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.68.24.253"; classtype:trojan-activity; sid:100003787; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.68.246.151"; classtype:trojan-activity; sid:100003788; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.70.125.16"; classtype:trojan-activity; sid:100003789; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.70.171.62"; classtype:trojan-activity; sid:100003790; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.70.20.57"; classtype:trojan-activity; sid:100003791; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.72.130.239"; classtype:trojan-activity; sid:100003792; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.79.163.163"; classtype:trojan-activity; sid:100003793; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.81.102.248"; classtype:trojan-activity; sid:100003794; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.81.179.39"; classtype:trojan-activity; sid:100003795; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.83.53.230"; classtype:trojan-activity; sid:100003796; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.86.33.192"; classtype:trojan-activity; sid:100003797; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.87.25.199"; classtype:trojan-activity; sid:100003798; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"49.87.27.82"; classtype:trojan-activity; sid:100003799; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"4mytag.com"; classtype:trojan-activity; sid:100003800; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"5.133.65.53"; classtype:trojan-activity; sid:100003801; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"5.140.164.58"; classtype:trojan-activity; sid:100003802; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"5.141.106.185"; classtype:trojan-activity; sid:100003803; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"5.141.106.217"; classtype:trojan-activity; sid:100003804; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"5.141.106.226"; classtype:trojan-activity; sid:100003805; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"5.185.124.242"; classtype:trojan-activity; sid:100003806; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"5.28.139.28"; classtype:trojan-activity; sid:100003807; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"5.28.140.186"; classtype:trojan-activity; sid:100003808; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"5.34.178.68"; classtype:trojan-activity; sid:100003809; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"5.38.218.23"; classtype:trojan-activity; sid:100003810; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"5.59.177.121"; classtype:trojan-activity; sid:100003811; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"5.59.177.63"; classtype:trojan-activity; sid:100003812; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"5.8.110.188"; classtype:trojan-activity; sid:100003813; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"50.192.171.85"; classtype:trojan-activity; sid:100003814; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"50.194.110.19"; classtype:trojan-activity; sid:100003815; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"50.209.208.17"; classtype:trojan-activity; sid:100003816; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"50.212.94.242"; classtype:trojan-activity; sid:100003817; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"50.218.62.172"; classtype:trojan-activity; sid:100003818; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"50.226.94.6"; classtype:trojan-activity; sid:100003819; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"50.245.199.220"; classtype:trojan-activity; sid:100003820; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"50.247.83.66"; classtype:trojan-activity; sid:100003821; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"50.250.81.38"; classtype:trojan-activity; sid:100003822; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"50.251.250.50"; classtype:trojan-activity; sid:100003823; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"50.88.53.62"; classtype:trojan-activity; sid:100003824; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"51.19.146.200"; classtype:trojan-activity; sid:100003825; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"51.195.61.169"; classtype:trojan-activity; sid:100003826; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"51.250.28.5"; classtype:trojan-activity; sid:100003827; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"51.81.84.178"; classtype:trojan-activity; sid:100003828; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.115.160.110"; classtype:trojan-activity; sid:100003829; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.115.160.149"; classtype:trojan-activity; sid:100003830; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.115.161.155"; classtype:trojan-activity; sid:100003831; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.115.161.70"; classtype:trojan-activity; sid:100003832; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.115.162.92"; classtype:trojan-activity; sid:100003833; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.115.174.4"; classtype:trojan-activity; sid:100003834; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.142.166.120"; classtype:trojan-activity; sid:100003835; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.142.200.124"; classtype:trojan-activity; sid:100003836; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.142.96.245"; classtype:trojan-activity; sid:100003837; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.147.182.213"; classtype:trojan-activity; sid:100003838; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.153.182.115"; classtype:trojan-activity; sid:100003839; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.19.15.201"; classtype:trojan-activity; sid:100003840; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.19.212.121"; classtype:trojan-activity; sid:100003841; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.209.202.39"; classtype:trojan-activity; sid:100003842; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.23.25.160"; classtype:trojan-activity; sid:100003843; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.230.89.42"; classtype:trojan-activity; sid:100003844; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.240.126.52"; classtype:trojan-activity; sid:100003845; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.241.126.35"; classtype:trojan-activity; sid:100003846; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.241.53.11"; classtype:trojan-activity; sid:100003847; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.241.58.112"; classtype:trojan-activity; sid:100003848; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.242.173.84"; classtype:trojan-activity; sid:100003849; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.243.20.89"; classtype:trojan-activity; sid:100003850; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.243.212.135"; classtype:trojan-activity; sid:100003851; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.112.94"; classtype:trojan-activity; sid:100003852; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.116.9"; classtype:trojan-activity; sid:100003853; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.118.176"; classtype:trojan-activity; sid:100003854; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.119.52"; classtype:trojan-activity; sid:100003855; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.140.136"; classtype:trojan-activity; sid:100003856; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.140.8"; classtype:trojan-activity; sid:100003857; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.141.29"; classtype:trojan-activity; sid:100003858; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.141.61"; classtype:trojan-activity; sid:100003859; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.142.130"; classtype:trojan-activity; sid:100003860; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.143.42"; classtype:trojan-activity; sid:100003861; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.146.171"; classtype:trojan-activity; sid:100003862; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.147.190"; classtype:trojan-activity; sid:100003863; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.147.85"; classtype:trojan-activity; sid:100003864; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.149.247"; classtype:trojan-activity; sid:100003865; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.150.205"; classtype:trojan-activity; sid:100003866; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.150.37"; classtype:trojan-activity; sid:100003867; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.151.3"; classtype:trojan-activity; sid:100003868; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.73.187"; classtype:trojan-activity; sid:100003869; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.248.84.80"; classtype:trojan-activity; sid:100003870; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.14.53"; classtype:trojan-activity; sid:100003871; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.16.41"; classtype:trojan-activity; sid:100003872; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.18.185"; classtype:trojan-activity; sid:100003873; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.19.52"; classtype:trojan-activity; sid:100003874; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.72.120"; classtype:trojan-activity; sid:100003875; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.72.162"; classtype:trojan-activity; sid:100003876; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.73.136"; classtype:trojan-activity; sid:100003877; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.74.112"; classtype:trojan-activity; sid:100003878; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.74.119"; classtype:trojan-activity; sid:100003879; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.74.57"; classtype:trojan-activity; sid:100003880; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.77.102"; classtype:trojan-activity; sid:100003881; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.77.197"; classtype:trojan-activity; sid:100003882; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.77.74"; classtype:trojan-activity; sid:100003883; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.79.161"; classtype:trojan-activity; sid:100003884; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.8.172"; classtype:trojan-activity; sid:100003885; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.80.16"; classtype:trojan-activity; sid:100003886; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.80.162"; classtype:trojan-activity; sid:100003887; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.80.177"; classtype:trojan-activity; sid:100003888; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.80.188"; classtype:trojan-activity; sid:100003889; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.80.198"; classtype:trojan-activity; sid:100003890; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.80.40"; classtype:trojan-activity; sid:100003891; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.81.100"; classtype:trojan-activity; sid:100003892; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.81.118"; classtype:trojan-activity; sid:100003893; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.81.62"; classtype:trojan-activity; sid:100003894; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.82.169"; classtype:trojan-activity; sid:100003895; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.82.54"; classtype:trojan-activity; sid:100003896; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.83.209"; classtype:trojan-activity; sid:100003897; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.83.49"; classtype:trojan-activity; sid:100003898; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.84.249"; classtype:trojan-activity; sid:100003899; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.85.112"; classtype:trojan-activity; sid:100003900; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.85.176"; classtype:trojan-activity; sid:100003901; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.85.2"; classtype:trojan-activity; sid:100003902; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.85.4"; classtype:trojan-activity; sid:100003903; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.86.115"; classtype:trojan-activity; sid:100003904; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.86.170"; classtype:trojan-activity; sid:100003905; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.86.180"; classtype:trojan-activity; sid:100003906; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.86.42"; classtype:trojan-activity; sid:100003907; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.88.198"; classtype:trojan-activity; sid:100003908; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.88.72"; classtype:trojan-activity; sid:100003909; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.89.53"; classtype:trojan-activity; sid:100003910; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.9.187"; classtype:trojan-activity; sid:100003911; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.9.223"; classtype:trojan-activity; sid:100003912; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.9.226"; classtype:trojan-activity; sid:100003913; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.249.90.128"; classtype:trojan-activity; sid:100003914; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.252.162.210"; classtype:trojan-activity; sid:100003915; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.252.165.126"; classtype:trojan-activity; sid:100003916; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.252.175.159"; classtype:trojan-activity; sid:100003917; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.252.177.60"; classtype:trojan-activity; sid:100003918; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.252.177.64"; classtype:trojan-activity; sid:100003919; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.252.181.134"; classtype:trojan-activity; sid:100003920; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.252.197.241"; classtype:trojan-activity; sid:100003921; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.252.197.63"; classtype:trojan-activity; sid:100003922; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.252.202.70"; classtype:trojan-activity; sid:100003923; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.253.10.218"; classtype:trojan-activity; sid:100003924; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.253.11.21"; classtype:trojan-activity; sid:100003925; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.253.11.72"; classtype:trojan-activity; sid:100003926; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.253.12.76"; classtype:trojan-activity; sid:100003927; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.253.13.25"; classtype:trojan-activity; sid:100003928; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.253.13.44"; classtype:trojan-activity; sid:100003929; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.253.14.12"; classtype:trojan-activity; sid:100003930; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.253.14.35"; classtype:trojan-activity; sid:100003931; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.253.4.183"; classtype:trojan-activity; sid:100003932; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.253.6.233"; classtype:trojan-activity; sid:100003933; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.253.7.182"; classtype:trojan-activity; sid:100003934; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.253.8.93"; classtype:trojan-activity; sid:100003935; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.253.9.193"; classtype:trojan-activity; sid:100003936; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.255.12.229"; classtype:trojan-activity; sid:100003937; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.255.13.10"; classtype:trojan-activity; sid:100003938; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.255.133.163"; classtype:trojan-activity; sid:100003939; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.255.136.173"; classtype:trojan-activity; sid:100003940; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.255.142.48"; classtype:trojan-activity; sid:100003941; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.255.143.197"; classtype:trojan-activity; sid:100003942; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.255.15.123"; classtype:trojan-activity; sid:100003943; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.255.19.65"; classtype:trojan-activity; sid:100003944; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.255.205.204"; classtype:trojan-activity; sid:100003945; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.255.205.238"; classtype:trojan-activity; sid:100003946; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.255.208.14"; classtype:trojan-activity; sid:100003947; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.255.209.173"; classtype:trojan-activity; sid:100003948; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.255.211.23"; classtype:trojan-activity; sid:100003949; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.255.212.93"; classtype:trojan-activity; sid:100003950; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.255.217.134"; classtype:trojan-activity; sid:100003951; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.46.196.26"; classtype:trojan-activity; sid:100003952; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.50.218.204"; classtype:trojan-activity; sid:100003953; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.50.221.96"; classtype:trojan-activity; sid:100003954; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.53.69.157"; classtype:trojan-activity; sid:100003955; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.58.14.132"; classtype:trojan-activity; sid:100003956; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.58.41.106"; classtype:trojan-activity; sid:100003957; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.71.214.90"; classtype:trojan-activity; sid:100003958; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.71.218.109"; classtype:trojan-activity; sid:100003959; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.72.165.153"; classtype:trojan-activity; sid:100003960; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"58.72.165.39"; classtype:trojan-activity; sid:100003961; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.0.158.67"; classtype:trojan-activity; sid:100003962; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.1.115.162"; classtype:trojan-activity; sid:100003963; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.1.251.12"; classtype:trojan-activity; sid:100003964; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.127.146.126"; classtype:trojan-activity; sid:100003965; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.13.78.186"; classtype:trojan-activity; sid:100003966; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.15.78.225"; classtype:trojan-activity; sid:100003967; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.151.214.13"; classtype:trojan-activity; sid:100003968; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.172.90.91"; classtype:trojan-activity; sid:100003969; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.174.94.250"; classtype:trojan-activity; sid:100003970; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.175.125.12"; classtype:trojan-activity; sid:100003971; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.23.165.145"; classtype:trojan-activity; sid:100003972; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.23.218.91"; classtype:trojan-activity; sid:100003973; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.24.221.222"; classtype:trojan-activity; sid:100003974; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.27.255.101"; classtype:trojan-activity; sid:100003975; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.3.30.251"; classtype:trojan-activity; sid:100003976; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.30.127.140"; classtype:trojan-activity; sid:100003977; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.31.130.205"; classtype:trojan-activity; sid:100003978; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.32.97.7"; classtype:trojan-activity; sid:100003979; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.42.63.227"; classtype:trojan-activity; sid:100003980; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.47.167.251"; classtype:trojan-activity; sid:100003981; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.50.125.33"; classtype:trojan-activity; sid:100003982; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.58.116.134"; classtype:trojan-activity; sid:100003983; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.58.116.254"; classtype:trojan-activity; sid:100003984; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.58.150.218"; classtype:trojan-activity; sid:100003985; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.60.108.25"; classtype:trojan-activity; sid:100003986; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.7.240.168"; classtype:trojan-activity; sid:100003987; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.8.56.67"; classtype:trojan-activity; sid:100003988; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.89.213.105"; classtype:trojan-activity; sid:100003989; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.92.46.221"; classtype:trojan-activity; sid:100003990; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.93.16.66"; classtype:trojan-activity; sid:100003991; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.93.18.24"; classtype:trojan-activity; sid:100003992; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.93.24.202"; classtype:trojan-activity; sid:100003993; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.94.131.212"; classtype:trojan-activity; sid:100003994; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.94.132.120"; classtype:trojan-activity; sid:100003995; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.94.134.81"; classtype:trojan-activity; sid:100003996; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.94.135.173"; classtype:trojan-activity; sid:100003997; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.94.182.35"; classtype:trojan-activity; sid:100003998; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.94.195.228"; classtype:trojan-activity; sid:100003999; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.94.195.68"; classtype:trojan-activity; sid:100004000; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.94.200.164"; classtype:trojan-activity; sid:100004001; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.94.204.205"; classtype:trojan-activity; sid:100004002; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.95.65.38"; classtype:trojan-activity; sid:100004003; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.95.66.215"; classtype:trojan-activity; sid:100004004; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.95.73.126"; classtype:trojan-activity; sid:100004005; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.95.74.76"; classtype:trojan-activity; sid:100004006; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.95.75.171"; classtype:trojan-activity; sid:100004007; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.95.77.187"; classtype:trojan-activity; sid:100004008; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.95.78.156"; classtype:trojan-activity; sid:100004009; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.95.79.245"; classtype:trojan-activity; sid:100004010; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.96.24.117"; classtype:trojan-activity; sid:100004011; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.96.26.190"; classtype:trojan-activity; sid:100004012; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.96.28.132"; classtype:trojan-activity; sid:100004013; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.96.29.12"; classtype:trojan-activity; sid:100004014; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.96.45.166"; classtype:trojan-activity; sid:100004015; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.99.129.57"; classtype:trojan-activity; sid:100004016; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.99.130.37"; classtype:trojan-activity; sid:100004017; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.99.132.104"; classtype:trojan-activity; sid:100004018; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.99.136.45"; classtype:trojan-activity; sid:100004019; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.99.137.231"; classtype:trojan-activity; sid:100004020; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.99.140.184"; classtype:trojan-activity; sid:100004021; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.99.156.199"; classtype:trojan-activity; sid:100004022; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.99.204.236"; classtype:trojan-activity; sid:100004023; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.99.46.173"; classtype:trojan-activity; sid:100004024; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"59.99.47.3"; classtype:trojan-activity; sid:100004025; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"5buckshop.ml"; classtype:trojan-activity; sid:100004026; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"5ycode.com"; classtype:trojan-activity; sid:100004027; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.0.229.69"; classtype:trojan-activity; sid:100004028; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.13.60.205"; classtype:trojan-activity; sid:100004029; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.13.81.247"; classtype:trojan-activity; sid:100004030; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.16.249.185"; classtype:trojan-activity; sid:100004031; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.162.114.127"; classtype:trojan-activity; sid:100004032; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.162.116.141"; classtype:trojan-activity; sid:100004033; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.162.18.198"; classtype:trojan-activity; sid:100004034; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.162.182.185"; classtype:trojan-activity; sid:100004035; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.162.187.94"; classtype:trojan-activity; sid:100004036; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.162.194.215"; classtype:trojan-activity; sid:100004037; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.162.222.0"; classtype:trojan-activity; sid:100004038; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.177.174.211"; classtype:trojan-activity; sid:100004039; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.177.98.172"; classtype:trojan-activity; sid:100004040; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.178.224.76"; classtype:trojan-activity; sid:100004041; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.179.218.166"; classtype:trojan-activity; sid:100004042; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.185.142.181"; classtype:trojan-activity; sid:100004043; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.185.50.163"; classtype:trojan-activity; sid:100004044; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.189.25.22"; classtype:trojan-activity; sid:100004045; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.19.145.65"; classtype:trojan-activity; sid:100004046; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.209.173.213"; classtype:trojan-activity; sid:100004047; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.209.211.16"; classtype:trojan-activity; sid:100004048; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.21.22.159"; classtype:trojan-activity; sid:100004049; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.211.10.73"; classtype:trojan-activity; sid:100004050; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.211.5.164"; classtype:trojan-activity; sid:100004051; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.211.65.17"; classtype:trojan-activity; sid:100004052; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.212.158.108"; classtype:trojan-activity; sid:100004053; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.212.227.6"; classtype:trojan-activity; sid:100004054; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.212.27.124"; classtype:trojan-activity; sid:100004055; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.212.64.203"; classtype:trojan-activity; sid:100004056; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.212.65.8"; classtype:trojan-activity; sid:100004057; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.213.105.98"; classtype:trojan-activity; sid:100004058; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.213.236.199"; classtype:trojan-activity; sid:100004059; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.214.55.5"; classtype:trojan-activity; sid:100004060; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.214.81.140"; classtype:trojan-activity; sid:100004061; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.215.14.244"; classtype:trojan-activity; sid:100004062; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.215.161.206"; classtype:trojan-activity; sid:100004063; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.215.162.12"; classtype:trojan-activity; sid:100004064; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.215.188.169"; classtype:trojan-activity; sid:100004065; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.215.191.217"; classtype:trojan-activity; sid:100004066; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.215.198.35"; classtype:trojan-activity; sid:100004067; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.215.221.190"; classtype:trojan-activity; sid:100004068; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.217.176.141"; classtype:trojan-activity; sid:100004069; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.217.191.107"; classtype:trojan-activity; sid:100004070; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.223.84.66"; classtype:trojan-activity; sid:100004071; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.223.92.59"; classtype:trojan-activity; sid:100004072; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.24.71.65"; classtype:trojan-activity; sid:100004073; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.246.107.0"; classtype:trojan-activity; sid:100004074; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.7.131.214"; classtype:trojan-activity; sid:100004075; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.7.181.121"; classtype:trojan-activity; sid:100004076; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.7.208.17"; classtype:trojan-activity; sid:100004077; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.9.156.233"; classtype:trojan-activity; sid:100004078; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"60.9.191.212"; classtype:trojan-activity; sid:100004079; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.136.89.241"; classtype:trojan-activity; sid:100004080; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.137.150.253"; classtype:trojan-activity; sid:100004081; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.141.112.95"; classtype:trojan-activity; sid:100004082; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.153.168.18"; classtype:trojan-activity; sid:100004083; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.162.171.196"; classtype:trojan-activity; sid:100004084; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.162.182.160"; classtype:trojan-activity; sid:100004085; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.163.12.87"; classtype:trojan-activity; sid:100004086; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.163.137.32"; classtype:trojan-activity; sid:100004087; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.163.142.205"; classtype:trojan-activity; sid:100004088; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.163.144.165"; classtype:trojan-activity; sid:100004089; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.163.146.1"; classtype:trojan-activity; sid:100004090; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.163.159.231"; classtype:trojan-activity; sid:100004091; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.168.141.239"; classtype:trojan-activity; sid:100004092; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.241.198.32"; classtype:trojan-activity; sid:100004093; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.247.183.18"; classtype:trojan-activity; sid:100004094; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.3.155.157"; classtype:trojan-activity; sid:100004095; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.3.187.16"; classtype:trojan-activity; sid:100004096; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.3.189.213"; classtype:trojan-activity; sid:100004097; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.3.190.103"; classtype:trojan-activity; sid:100004098; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.3.191.166"; classtype:trojan-activity; sid:100004099; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.41.230.161"; classtype:trojan-activity; sid:100004100; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.51.143.179"; classtype:trojan-activity; sid:100004101; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.10.251"; classtype:trojan-activity; sid:100004102; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.10.45"; classtype:trojan-activity; sid:100004103; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.100.114"; classtype:trojan-activity; sid:100004104; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.102.166"; classtype:trojan-activity; sid:100004105; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.103.70"; classtype:trojan-activity; sid:100004106; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.103.71"; classtype:trojan-activity; sid:100004107; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.11.8"; classtype:trojan-activity; sid:100004108; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.128.204"; classtype:trojan-activity; sid:100004109; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.132.226"; classtype:trojan-activity; sid:100004110; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.137.25"; classtype:trojan-activity; sid:100004111; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.156.124"; classtype:trojan-activity; sid:100004112; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.156.214"; classtype:trojan-activity; sid:100004113; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.158.216"; classtype:trojan-activity; sid:100004114; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.159.246"; classtype:trojan-activity; sid:100004115; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.178.121"; classtype:trojan-activity; sid:100004116; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.180.157"; classtype:trojan-activity; sid:100004117; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.183.99"; classtype:trojan-activity; sid:100004118; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.194.37"; classtype:trojan-activity; sid:100004119; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.199.110"; classtype:trojan-activity; sid:100004120; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.204.65"; classtype:trojan-activity; sid:100004121; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.208.115"; classtype:trojan-activity; sid:100004122; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.228.74"; classtype:trojan-activity; sid:100004123; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.30.225"; classtype:trojan-activity; sid:100004124; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.33.189"; classtype:trojan-activity; sid:100004125; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.34.146"; classtype:trojan-activity; sid:100004126; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.34.199"; classtype:trojan-activity; sid:100004127; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.36.39"; classtype:trojan-activity; sid:100004128; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.37.219"; classtype:trojan-activity; sid:100004129; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.38.16"; classtype:trojan-activity; sid:100004130; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.40.197"; classtype:trojan-activity; sid:100004131; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.58.2"; classtype:trojan-activity; sid:100004132; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.73.89"; classtype:trojan-activity; sid:100004133; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.78.29"; classtype:trojan-activity; sid:100004134; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.80.212"; classtype:trojan-activity; sid:100004135; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.84.69"; classtype:trojan-activity; sid:100004136; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.87.53"; classtype:trojan-activity; sid:100004137; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.52.96.123"; classtype:trojan-activity; sid:100004138; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.119.80"; classtype:trojan-activity; sid:100004139; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.127.135"; classtype:trojan-activity; sid:100004140; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.138.168"; classtype:trojan-activity; sid:100004141; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.147.70"; classtype:trojan-activity; sid:100004142; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.15.154"; classtype:trojan-activity; sid:100004143; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.18.130"; classtype:trojan-activity; sid:100004144; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.199.80"; classtype:trojan-activity; sid:100004145; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.248.117"; classtype:trojan-activity; sid:100004146; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.32.78"; classtype:trojan-activity; sid:100004147; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.37.150"; classtype:trojan-activity; sid:100004148; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.44.112"; classtype:trojan-activity; sid:100004149; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.45.3"; classtype:trojan-activity; sid:100004150; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.54.80"; classtype:trojan-activity; sid:100004151; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.58.31"; classtype:trojan-activity; sid:100004152; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.59.24"; classtype:trojan-activity; sid:100004153; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.73.9"; classtype:trojan-activity; sid:100004154; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.83.230"; classtype:trojan-activity; sid:100004155; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.85.216"; classtype:trojan-activity; sid:100004156; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.87.147"; classtype:trojan-activity; sid:100004157; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.87.197"; classtype:trojan-activity; sid:100004158; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.88.1"; classtype:trojan-activity; sid:100004159; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.89.140"; classtype:trojan-activity; sid:100004160; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.91.48"; classtype:trojan-activity; sid:100004161; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.53.92.129"; classtype:trojan-activity; sid:100004162; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.54.180.215"; classtype:trojan-activity; sid:100004163; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.54.218.46"; classtype:trojan-activity; sid:100004164; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.54.223.33"; classtype:trojan-activity; sid:100004165; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.54.234.49"; classtype:trojan-activity; sid:100004166; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.54.42.21"; classtype:trojan-activity; sid:100004167; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.54.42.220"; classtype:trojan-activity; sid:100004168; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.54.42.26"; classtype:trojan-activity; sid:100004169; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.54.62.130"; classtype:trojan-activity; sid:100004170; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.54.69.37"; classtype:trojan-activity; sid:100004171; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.54.71.254"; classtype:trojan-activity; sid:100004172; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.54.76.70"; classtype:trojan-activity; sid:100004173; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.56.150.9"; classtype:trojan-activity; sid:100004174; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.56.180.67"; classtype:trojan-activity; sid:100004175; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.58.165.59"; classtype:trojan-activity; sid:100004176; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.58.172.244"; classtype:trojan-activity; sid:100004177; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.58.73.220"; classtype:trojan-activity; sid:100004178; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.61.218.23"; classtype:trojan-activity; sid:100004179; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.63.246.140"; classtype:trojan-activity; sid:100004180; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.70.0.22"; classtype:trojan-activity; sid:100004181; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.70.132.195"; classtype:trojan-activity; sid:100004182; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.70.133.75"; classtype:trojan-activity; sid:100004183; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.70.155.27"; classtype:trojan-activity; sid:100004184; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.70.247.150"; classtype:trojan-activity; sid:100004185; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.70.255.230"; classtype:trojan-activity; sid:100004186; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.70.45.130"; classtype:trojan-activity; sid:100004187; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.70.67.139"; classtype:trojan-activity; sid:100004188; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.70.69.15"; classtype:trojan-activity; sid:100004189; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.70.69.173"; classtype:trojan-activity; sid:100004190; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.75.36.225"; classtype:trojan-activity; sid:100004191; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.84.250.145"; classtype:trojan-activity; sid:100004192; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.85.133.73"; classtype:trojan-activity; sid:100004193; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"61.85.171.104"; classtype:trojan-activity; sid:100004194; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.141.73.58"; classtype:trojan-activity; sid:100004195; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.16.59.64"; classtype:trojan-activity; sid:100004196; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.219.131.205"; classtype:trojan-activity; sid:100004197; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.219.138.150"; classtype:trojan-activity; sid:100004198; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.219.143.46"; classtype:trojan-activity; sid:100004199; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.219.237.224"; classtype:trojan-activity; sid:100004200; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.33.1.87"; classtype:trojan-activity; sid:100004201; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.38.115.196"; classtype:trojan-activity; sid:100004202; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.38.130.177"; classtype:trojan-activity; sid:100004203; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.38.149.66"; classtype:trojan-activity; sid:100004204; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.38.222.98"; classtype:trojan-activity; sid:100004205; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.38.244.80"; classtype:trojan-activity; sid:100004206; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.73.73.58"; classtype:trojan-activity; sid:100004207; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.90.142.43"; classtype:trojan-activity; sid:100004208; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.90.161.62"; classtype:trojan-activity; sid:100004209; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"62.90.165.236"; classtype:trojan-activity; sid:100004210; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"63.245.122.93"; classtype:trojan-activity; sid:100004211; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"64.112.182.150"; classtype:trojan-activity; sid:100004212; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"64.150.228.130"; classtype:trojan-activity; sid:100004213; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"65.108.180.72"; classtype:trojan-activity; sid:100004214; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"65.108.81.182"; classtype:trojan-activity; sid:100004215; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"65.26.155.131"; classtype:trojan-activity; sid:100004216; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"65.34.193.250"; classtype:trojan-activity; sid:100004217; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"65.34.214.4"; classtype:trojan-activity; sid:100004218; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"65.75.102.36"; classtype:trojan-activity; sid:100004219; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"66.154.103.78"; classtype:trojan-activity; sid:100004220; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"66.187.4.17"; classtype:trojan-activity; sid:100004221; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"66.189.122.244"; classtype:trojan-activity; sid:100004222; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"66.229.212.29"; classtype:trojan-activity; sid:100004223; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"66.229.92.206"; classtype:trojan-activity; sid:100004224; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"66.26.238.102"; classtype:trojan-activity; sid:100004225; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"66.57.55.210"; classtype:trojan-activity; sid:100004226; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"66.85.229.121"; classtype:trojan-activity; sid:100004227; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"67.245.120.145"; classtype:trojan-activity; sid:100004228; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"67.247.123.0"; classtype:trojan-activity; sid:100004229; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"67.250.98.123"; classtype:trojan-activity; sid:100004230; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"67.253.160.37"; classtype:trojan-activity; sid:100004231; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"67.8.138.101"; classtype:trojan-activity; sid:100004232; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"67.80.30.18"; classtype:trojan-activity; sid:100004233; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"68.174.182.226"; classtype:trojan-activity; sid:100004234; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"68.188.144.143"; classtype:trojan-activity; sid:100004235; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"68.195.217.253"; classtype:trojan-activity; sid:100004236; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"68.205.119.241"; classtype:trojan-activity; sid:100004237; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"68.84.51.98"; classtype:trojan-activity; sid:100004238; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"69.11.121.34"; classtype:trojan-activity; sid:100004239; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"69.112.162.61"; classtype:trojan-activity; sid:100004240; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"69.115.37.205"; classtype:trojan-activity; sid:100004241; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"69.119.109.186"; classtype:trojan-activity; sid:100004242; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"69.120.237.255"; classtype:trojan-activity; sid:100004243; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"69.59.92.28"; classtype:trojan-activity; sid:100004244; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"69.63.73.234"; classtype:trojan-activity; sid:100004245; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"69.75.227.186"; classtype:trojan-activity; sid:100004246; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"70.115.31.30"; classtype:trojan-activity; sid:100004247; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"70.167.10.180"; classtype:trojan-activity; sid:100004248; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"70.189.198.5"; classtype:trojan-activity; sid:100004249; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"70.236.190.250"; classtype:trojan-activity; sid:100004250; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"70.44.154.126"; classtype:trojan-activity; sid:100004251; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"70.79.173.244"; classtype:trojan-activity; sid:100004252; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"71.163.125.165"; classtype:trojan-activity; sid:100004253; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"71.17.10.8"; classtype:trojan-activity; sid:100004254; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"71.184.123.66"; classtype:trojan-activity; sid:100004255; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"71.190.150.144"; classtype:trojan-activity; sid:100004256; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"71.192.121.145"; classtype:trojan-activity; sid:100004257; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"71.235.58.187"; classtype:trojan-activity; sid:100004258; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"71.40.234.166"; classtype:trojan-activity; sid:100004259; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"71.43.106.142"; classtype:trojan-activity; sid:100004260; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"71.47.133.58"; classtype:trojan-activity; sid:100004261; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"71.66.168.76"; classtype:trojan-activity; sid:100004262; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"71.66.203.234"; classtype:trojan-activity; sid:100004263; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"71.71.60.69"; classtype:trojan-activity; sid:100004264; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"71.76.173.75"; classtype:trojan-activity; sid:100004265; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"71.79.235.170"; classtype:trojan-activity; sid:100004266; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"71.85.106.211"; classtype:trojan-activity; sid:100004267; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"72.133.148.246"; classtype:trojan-activity; sid:100004268; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"72.186.139.38"; classtype:trojan-activity; sid:100004269; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"72.202.249.109"; classtype:trojan-activity; sid:100004270; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"72.214.61.120"; classtype:trojan-activity; sid:100004271; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"72.214.69.226"; classtype:trojan-activity; sid:100004272; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"72.43.71.36"; classtype:trojan-activity; sid:100004273; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"72.68.173.197"; classtype:trojan-activity; sid:100004274; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"72.89.197.189"; classtype:trojan-activity; sid:100004275; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"73.127.64.11"; classtype:trojan-activity; sid:100004276; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"73.163.134.45"; classtype:trojan-activity; sid:100004277; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"73.181.135.190"; classtype:trojan-activity; sid:100004278; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"73.31.139.77"; classtype:trojan-activity; sid:100004279; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"73.56.81.5"; classtype:trojan-activity; sid:100004280; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"73.84.49.191"; classtype:trojan-activity; sid:100004281; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"73.97.12.152"; classtype:trojan-activity; sid:100004282; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"74.108.224.112"; classtype:trojan-activity; sid:100004283; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"74.75.165.81"; classtype:trojan-activity; sid:100004284; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"75.127.141.52"; classtype:trojan-activity; sid:100004285; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"75.129.90.99"; classtype:trojan-activity; sid:100004286; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"75.151.35.77"; classtype:trojan-activity; sid:100004287; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"75.155.123.172"; classtype:trojan-activity; sid:100004288; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"75.186.100.206"; classtype:trojan-activity; sid:100004289; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"75.33.180.129"; classtype:trojan-activity; sid:100004290; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"75.67.206.39"; classtype:trojan-activity; sid:100004291; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"75.83.102.27"; classtype:trojan-activity; sid:100004292; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"75.9.154.131"; classtype:trojan-activity; sid:100004293; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"75.97.202.184"; classtype:trojan-activity; sid:100004294; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"75.99.143.195"; classtype:trojan-activity; sid:100004295; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"75.99.144.114"; classtype:trojan-activity; sid:100004296; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"75.99.213.61"; classtype:trojan-activity; sid:100004297; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"76.108.187.210"; classtype:trojan-activity; sid:100004298; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"76.108.191.3"; classtype:trojan-activity; sid:100004299; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"76.170.11.82"; classtype:trojan-activity; sid:100004300; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"76.178.22.145"; classtype:trojan-activity; sid:100004301; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"76.217.92.231"; classtype:trojan-activity; sid:100004302; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"76.227.244.2"; classtype:trojan-activity; sid:100004303; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"76.250.199.133"; classtype:trojan-activity; sid:100004304; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"76.79.220.181"; classtype:trojan-activity; sid:100004305; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"76.84.134.33"; classtype:trojan-activity; sid:100004306; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"76.86.84.204"; classtype:trojan-activity; sid:100004307; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"76.89.121.143"; classtype:trojan-activity; sid:100004308; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"77.124.99.231"; classtype:trojan-activity; sid:100004309; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"77.225.209.29"; classtype:trojan-activity; sid:100004310; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"77.253.228.49"; classtype:trojan-activity; sid:100004311; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"77.79.191.32"; classtype:trojan-activity; sid:100004312; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.156.18.174"; classtype:trojan-activity; sid:100004313; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.177.238.5"; classtype:trojan-activity; sid:100004314; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.181.44.144"; classtype:trojan-activity; sid:100004315; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.185.190.215"; classtype:trojan-activity; sid:100004316; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.186.40.28"; classtype:trojan-activity; sid:100004317; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.187.141.144"; classtype:trojan-activity; sid:100004318; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.188.131.165"; classtype:trojan-activity; sid:100004319; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.188.168.64"; classtype:trojan-activity; sid:100004320; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.188.188.141"; classtype:trojan-activity; sid:100004321; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.188.38.250"; classtype:trojan-activity; sid:100004322; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.189.237.53"; classtype:trojan-activity; sid:100004323; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.189.27.157"; classtype:trojan-activity; sid:100004324; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.197.6.50"; classtype:trojan-activity; sid:100004325; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.31.71.248"; classtype:trojan-activity; sid:100004326; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.36.75.210"; classtype:trojan-activity; sid:100004327; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"78.38.31.69"; classtype:trojan-activity; sid:100004328; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"79.106.157.33"; classtype:trojan-activity; sid:100004329; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"79.11.226.146"; classtype:trojan-activity; sid:100004330; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"79.170.31.164"; classtype:trojan-activity; sid:100004331; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"79.170.31.169"; classtype:trojan-activity; sid:100004332; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"79.18.125.250"; classtype:trojan-activity; sid:100004333; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"79.183.115.201"; classtype:trojan-activity; sid:100004334; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"79.186.52.130"; classtype:trojan-activity; sid:100004335; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"79.3.72.208"; classtype:trojan-activity; sid:100004336; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"79.7.170.58"; classtype:trojan-activity; sid:100004337; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"79.9.38.231"; classtype:trojan-activity; sid:100004338; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"8.210.133.129"; classtype:trojan-activity; sid:100004339; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"80.209.131.96"; classtype:trojan-activity; sid:100004340; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"80.211.181.77"; classtype:trojan-activity; sid:100004341; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"80.212.232.58"; classtype:trojan-activity; sid:100004342; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"80.216.144.55"; classtype:trojan-activity; sid:100004343; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"80.29.102.135"; classtype:trojan-activity; sid:100004344; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"80.39.34.189"; classtype:trojan-activity; sid:100004345; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"80.42.82.136"; classtype:trojan-activity; sid:100004346; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.1.242.16"; classtype:trojan-activity; sid:100004347; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.163.246.9"; classtype:trojan-activity; sid:100004348; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.163.54.120"; classtype:trojan-activity; sid:100004349; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.165.44.109"; classtype:trojan-activity; sid:100004350; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.182.68.152"; classtype:trojan-activity; sid:100004351; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.214.189.185"; classtype:trojan-activity; sid:100004352; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.218.156.164"; classtype:trojan-activity; sid:100004353; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.218.170.52"; classtype:trojan-activity; sid:100004354; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.218.195.216"; classtype:trojan-activity; sid:100004355; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.218.196.175"; classtype:trojan-activity; sid:100004356; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.230.174.182"; classtype:trojan-activity; sid:100004357; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.234.96.233"; classtype:trojan-activity; sid:100004358; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.24.82.72"; classtype:trojan-activity; sid:100004359; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.5.66.115"; classtype:trojan-activity; sid:100004360; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.60.194.183"; classtype:trojan-activity; sid:100004361; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"81.61.234.34"; classtype:trojan-activity; sid:100004362; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.130.236.240"; classtype:trojan-activity; sid:100004363; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.139.30.142"; classtype:trojan-activity; sid:100004364; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.166.252.133"; classtype:trojan-activity; sid:100004365; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.166.85.112"; classtype:trojan-activity; sid:100004366; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.208.189.252"; classtype:trojan-activity; sid:100004367; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.50.10.19"; classtype:trojan-activity; sid:100004368; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.62.110.252"; classtype:trojan-activity; sid:100004369; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.62.210.102"; classtype:trojan-activity; sid:100004370; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.62.53.77"; classtype:trojan-activity; sid:100004371; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.74.135.142"; classtype:trojan-activity; sid:100004372; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.80.138.72"; classtype:trojan-activity; sid:100004373; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.80.139.92"; classtype:trojan-activity; sid:100004374; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.80.142.134"; classtype:trojan-activity; sid:100004375; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.80.154.214"; classtype:trojan-activity; sid:100004376; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.80.166.183"; classtype:trojan-activity; sid:100004377; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.80.187.109"; classtype:trojan-activity; sid:100004378; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.80.55.131"; classtype:trojan-activity; sid:100004379; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.81.100.54"; classtype:trojan-activity; sid:100004380; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.81.106.65"; classtype:trojan-activity; sid:100004381; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.81.108.172"; classtype:trojan-activity; sid:100004382; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.81.108.230"; classtype:trojan-activity; sid:100004383; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.81.131.158"; classtype:trojan-activity; sid:100004384; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.81.134.66"; classtype:trojan-activity; sid:100004385; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.81.19.42"; classtype:trojan-activity; sid:100004386; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.81.208.232"; classtype:trojan-activity; sid:100004387; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.81.232.68"; classtype:trojan-activity; sid:100004388; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.81.234.195"; classtype:trojan-activity; sid:100004389; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.81.254.242"; classtype:trojan-activity; sid:100004390; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.81.31.9"; classtype:trojan-activity; sid:100004391; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.81.4.57"; classtype:trojan-activity; sid:100004392; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.81.42.161"; classtype:trojan-activity; sid:100004393; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"82.81.73.245"; classtype:trojan-activity; sid:100004394; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.0.233.13"; classtype:trojan-activity; sid:100004395; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.165.237.163"; classtype:trojan-activity; sid:100004396; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.171.122.225"; classtype:trojan-activity; sid:100004397; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.172.1.145"; classtype:trojan-activity; sid:100004398; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.174.229.108"; classtype:trojan-activity; sid:100004399; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.218.189.6"; classtype:trojan-activity; sid:100004400; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.224.137.101"; classtype:trojan-activity; sid:100004401; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.234.135.11"; classtype:trojan-activity; sid:100004402; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.234.135.79"; classtype:trojan-activity; sid:100004403; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.234.147.99"; classtype:trojan-activity; sid:100004404; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.234.218.42"; classtype:trojan-activity; sid:100004405; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.239.6.202"; classtype:trojan-activity; sid:100004406; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.243.164.200"; classtype:trojan-activity; sid:100004407; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.243.248.159"; classtype:trojan-activity; sid:100004408; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.251.143.42"; classtype:trojan-activity; sid:100004409; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.33.203.10"; classtype:trojan-activity; sid:100004410; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"83.69.90.81"; classtype:trojan-activity; sid:100004411; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.1.22.11"; classtype:trojan-activity; sid:100004412; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.111.46.162"; classtype:trojan-activity; sid:100004413; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.124.168.112"; classtype:trojan-activity; sid:100004414; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.124.170.226"; classtype:trojan-activity; sid:100004415; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.15.171.61"; classtype:trojan-activity; sid:100004416; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.194.130.232"; classtype:trojan-activity; sid:100004417; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.194.131.233"; classtype:trojan-activity; sid:100004418; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.210.214.182"; classtype:trojan-activity; sid:100004419; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.215.180.60"; classtype:trojan-activity; sid:100004420; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.228.112.240"; classtype:trojan-activity; sid:100004421; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.228.114.91"; classtype:trojan-activity; sid:100004422; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.228.124.26"; classtype:trojan-activity; sid:100004423; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.228.50.118"; classtype:trojan-activity; sid:100004424; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.238.62.208"; classtype:trojan-activity; sid:100004425; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.254.39.129"; classtype:trojan-activity; sid:100004426; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.33.111.227"; classtype:trojan-activity; sid:100004427; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.33.118.104"; classtype:trojan-activity; sid:100004428; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.33.122.235"; classtype:trojan-activity; sid:100004429; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.33.89.12"; classtype:trojan-activity; sid:100004430; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.40.127.242"; classtype:trojan-activity; sid:100004431; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"84.94.164.119"; classtype:trojan-activity; sid:100004432; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"8402d53c-17e9-4250-8011-20f28f5d404f.certbooster.com"; classtype:trojan-activity; sid:100004433; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.10.28.152"; classtype:trojan-activity; sid:100004434; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.105.180.228"; classtype:trojan-activity; sid:100004435; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.105.192.117"; classtype:trojan-activity; sid:100004436; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.105.202.53"; classtype:trojan-activity; sid:100004437; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.105.208.25"; classtype:trojan-activity; sid:100004438; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.105.223.87"; classtype:trojan-activity; sid:100004439; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.105.226.128"; classtype:trojan-activity; sid:100004440; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.105.241.2"; classtype:trojan-activity; sid:100004441; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.105.8.9"; classtype:trojan-activity; sid:100004442; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.112.32.172"; classtype:trojan-activity; sid:100004443; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.186.151.246"; classtype:trojan-activity; sid:100004444; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.202.169.120"; classtype:trojan-activity; sid:100004445; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.239.33.9"; classtype:trojan-activity; sid:100004446; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.243.31.46"; classtype:trojan-activity; sid:100004447; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.247.67.171"; classtype:trojan-activity; sid:100004448; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.97.111.84"; classtype:trojan-activity; sid:100004449; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.97.130.227"; classtype:trojan-activity; sid:100004450; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"85.99.110.13"; classtype:trojan-activity; sid:100004451; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"86.12.245.33"; classtype:trojan-activity; sid:100004452; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"86.127.232.77"; classtype:trojan-activity; sid:100004453; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"86.34.49.153"; classtype:trojan-activity; sid:100004454; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"86.6.187.44"; classtype:trojan-activity; sid:100004455; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"87.1.141.232"; classtype:trojan-activity; sid:100004456; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"87.251.64.133"; classtype:trojan-activity; sid:100004457; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"87.251.85.100"; classtype:trojan-activity; sid:100004458; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"87.251.85.102"; classtype:trojan-activity; sid:100004459; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"87.251.86.178"; classtype:trojan-activity; sid:100004460; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"87.26.181.132"; classtype:trojan-activity; sid:100004461; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"87.88.137.245"; classtype:trojan-activity; sid:100004462; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.119.171.253"; classtype:trojan-activity; sid:100004463; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.12.54.150"; classtype:trojan-activity; sid:100004464; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.2.208.71"; classtype:trojan-activity; sid:100004465; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.204.210.194"; classtype:trojan-activity; sid:100004466; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.247.195.125"; classtype:trojan-activity; sid:100004467; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.247.222.82"; classtype:trojan-activity; sid:100004468; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.248.117.243"; classtype:trojan-activity; sid:100004469; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.248.51.139"; classtype:trojan-activity; sid:100004470; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.250.19.224"; classtype:trojan-activity; sid:100004471; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.250.226.26"; classtype:trojan-activity; sid:100004472; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.250.240.245"; classtype:trojan-activity; sid:100004473; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.250.251.88"; classtype:trojan-activity; sid:100004474; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.250.254.90"; classtype:trojan-activity; sid:100004475; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.31.171.136"; classtype:trojan-activity; sid:100004476; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.83.53.164"; classtype:trojan-activity; sid:100004477; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"88.95.99.218"; classtype:trojan-activity; sid:100004478; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"89.122.198.237"; classtype:trojan-activity; sid:100004479; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"89.122.96.52"; classtype:trojan-activity; sid:100004480; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"89.160.157.171"; classtype:trojan-activity; sid:100004481; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"89.165.170.54"; classtype:trojan-activity; sid:100004482; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"89.208.30.34"; classtype:trojan-activity; sid:100004483; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"89.215.188.163"; classtype:trojan-activity; sid:100004484; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"89.22.202.171"; classtype:trojan-activity; sid:100004485; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"89.248.112.202"; classtype:trojan-activity; sid:100004486; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"89.253.179.76"; classtype:trojan-activity; sid:100004487; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"89.40.85.166"; classtype:trojan-activity; sid:100004488; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"89.97.62.134"; classtype:trojan-activity; sid:100004489; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"89.97.64.171"; classtype:trojan-activity; sid:100004490; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"8db3b91a-ea93-419b-b51b-0a69902759c5.usrfiles.com"; classtype:trojan-activity; sid:100004491; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"90.159.233.113"; classtype:trojan-activity; sid:100004492; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"90.63.176.144"; classtype:trojan-activity; sid:100004493; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"90.84.224.152"; classtype:trojan-activity; sid:100004494; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"90.84.231.230"; classtype:trojan-activity; sid:100004495; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"91.122.213.250"; classtype:trojan-activity; sid:100004496; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"91.130.37.160"; classtype:trojan-activity; sid:100004497; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"91.138.215.5"; classtype:trojan-activity; sid:100004498; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"91.148.182.27"; classtype:trojan-activity; sid:100004499; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"91.187.103.32"; classtype:trojan-activity; sid:100004500; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"91.199.147.81"; classtype:trojan-activity; sid:100004501; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"91.217.104.185"; classtype:trojan-activity; sid:100004502; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"91.222.78.171"; classtype:trojan-activity; sid:100004503; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"91.240.209.170"; classtype:trojan-activity; sid:100004504; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"91.243.44.128"; classtype:trojan-activity; sid:100004505; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"91.244.169.139"; classtype:trojan-activity; sid:100004506; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"91.92.16.244"; classtype:trojan-activity; sid:100004507; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"91.98.248.104"; classtype:trojan-activity; sid:100004508; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"91xxxooo.com"; classtype:trojan-activity; sid:100004509; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"91yudao.com"; classtype:trojan-activity; sid:100004510; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"92.114.191.82"; classtype:trojan-activity; sid:100004511; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"92.255.85.131"; classtype:trojan-activity; sid:100004512; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"92.27.246.202"; classtype:trojan-activity; sid:100004513; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"92.44.186.164"; classtype:trojan-activity; sid:100004514; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"92.44.60.212"; classtype:trojan-activity; sid:100004515; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"92.54.237.237"; classtype:trojan-activity; sid:100004516; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"92.54.237.72"; classtype:trojan-activity; sid:100004517; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"92.63.100.2"; classtype:trojan-activity; sid:100004518; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"92.85.32.209"; classtype:trojan-activity; sid:100004519; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"92c49223-b37f-4157-904d-daf4679f14d5.usrfiles.com"; classtype:trojan-activity; sid:100004520; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"93.155.194.69"; classtype:trojan-activity; sid:100004521; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"93.170.119.69"; classtype:trojan-activity; sid:100004522; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"93.172.136.16"; classtype:trojan-activity; sid:100004523; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"93.21.224.154"; classtype:trojan-activity; sid:100004524; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"93.39.115.176"; classtype:trojan-activity; sid:100004525; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"93.39.79.41"; classtype:trojan-activity; sid:100004526; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"93.41.137.16"; classtype:trojan-activity; sid:100004527; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"93.41.182.249"; classtype:trojan-activity; sid:100004528; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"93.41.206.56"; classtype:trojan-activity; sid:100004529; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"93.56.202.158"; classtype:trojan-activity; sid:100004530; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"93.57.43.233"; classtype:trojan-activity; sid:100004531; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.120.61.123"; classtype:trojan-activity; sid:100004532; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.137.31.250"; classtype:trojan-activity; sid:100004533; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.154.152.248"; classtype:trojan-activity; sid:100004534; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.154.152.250"; classtype:trojan-activity; sid:100004535; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.154.17.170"; classtype:trojan-activity; sid:100004536; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.178.56.234"; classtype:trojan-activity; sid:100004537; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.179.234.87"; classtype:trojan-activity; sid:100004538; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.195.8.236"; classtype:trojan-activity; sid:100004539; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.200.86.70"; classtype:trojan-activity; sid:100004540; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.226.98.236"; classtype:trojan-activity; sid:100004541; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.230.82.183"; classtype:trojan-activity; sid:100004542; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.241.5.75"; classtype:trojan-activity; sid:100004543; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.245.52.195"; classtype:trojan-activity; sid:100004544; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.255.248.222"; classtype:trojan-activity; sid:100004545; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.43.10.243"; classtype:trojan-activity; sid:100004546; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.43.139.153"; classtype:trojan-activity; sid:100004547; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.51.100.121"; classtype:trojan-activity; sid:100004548; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.60.228.152"; classtype:trojan-activity; sid:100004549; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.69.177.109"; classtype:trojan-activity; sid:100004550; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"94.85.0.3"; classtype:trojan-activity; sid:100004551; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.107.2.143"; classtype:trojan-activity; sid:100004552; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.132.129.250"; classtype:trojan-activity; sid:100004553; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.134.137.60"; classtype:trojan-activity; sid:100004554; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.134.238.36"; classtype:trojan-activity; sid:100004555; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.135.117.210"; classtype:trojan-activity; sid:100004556; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.154.70.215"; classtype:trojan-activity; sid:100004557; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.158.19.130"; classtype:trojan-activity; sid:100004558; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.170.113.227"; classtype:trojan-activity; sid:100004559; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.170.113.52"; classtype:trojan-activity; sid:100004560; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.170.201.34"; classtype:trojan-activity; sid:100004561; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.194.91.84"; classtype:trojan-activity; sid:100004562; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.255.11.243"; classtype:trojan-activity; sid:100004563; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.255.130.177"; classtype:trojan-activity; sid:100004564; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.9.33.229"; classtype:trojan-activity; sid:100004565; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.9.74.89"; classtype:trojan-activity; sid:100004566; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"95.9.94.240"; classtype:trojan-activity; sid:100004567; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"96.125.140.164"; classtype:trojan-activity; sid:100004568; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"96.47.147.169"; classtype:trojan-activity; sid:100004569; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"96.56.55.147"; classtype:trojan-activity; sid:100004570; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"96.69.95.138"; classtype:trojan-activity; sid:100004571; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"96.8.118.142"; classtype:trojan-activity; sid:100004572; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"96.9.77.58"; classtype:trojan-activity; sid:100004573; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"96.90.2.245"; classtype:trojan-activity; sid:100004574; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"97.68.140.254"; classtype:trojan-activity; sid:100004575; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"97.96.199.75"; classtype:trojan-activity; sid:100004576; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"98.113.239.207"; classtype:trojan-activity; sid:100004577; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"98.14.30.176"; classtype:trojan-activity; sid:100004578; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"98.157.228.234"; classtype:trojan-activity; sid:100004579; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"98.189.156.54"; classtype:trojan-activity; sid:100004580; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"98.191.111.116"; classtype:trojan-activity; sid:100004581; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"98.231.124.39"; classtype:trojan-activity; sid:100004582; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"98.247.95.152"; classtype:trojan-activity; sid:100004583; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"98.26.168.218"; classtype:trojan-activity; sid:100004584; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"98.30.24.54"; classtype:trojan-activity; sid:100004585; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"9812890593.com"; classtype:trojan-activity; sid:100004586; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"99.107.113.242"; classtype:trojan-activity; sid:100004587; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"99.150.245.203"; classtype:trojan-activity; sid:100004588; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"99.165.34.49"; classtype:trojan-activity; sid:100004589; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"99.2.117.58"; classtype:trojan-activity; sid:100004590; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"99.33.195.164"; classtype:trojan-activity; sid:100004591; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"99.74.63.103"; classtype:trojan-activity; sid:100004592; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"99.8.30.116"; classtype:trojan-activity; sid:100004593; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"a3ium.davaohorizon.com"; classtype:trojan-activity; sid:100004594; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"aarsaindustries.com"; classtype:trojan-activity; sid:100004595; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"abbayedetarasteix.fr"; classtype:trojan-activity; sid:100004596; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"abdheshdesign.com"; classtype:trojan-activity; sid:100004597; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"abigaillagus.com"; classtype:trojan-activity; sid:100004598; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"abissnet.net"; classtype:trojan-activity; sid:100004599; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"abmaxdigital.com"; classtype:trojan-activity; sid:100004600; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"aboveandbelow.com.au"; classtype:trojan-activity; sid:100004601; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"abreshamcollection.com"; classtype:trojan-activity; sid:100004602; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"academiaoslo.com.uy"; classtype:trojan-activity; sid:100004603; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"acadmaritime.com"; classtype:trojan-activity; sid:100004604; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"acellr.co.uk"; classtype:trojan-activity; sid:100004605; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"acmvietnamjsc.com"; classtype:trojan-activity; sid:100004606; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"acts-portal-live.serverdatahost.com"; classtype:trojan-activity; sid:100004607; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"adeniyisaleem.com"; classtype:trojan-activity; sid:100004608; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"adeoba.com"; classtype:trojan-activity; sid:100004609; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"adityasolsurf.in"; classtype:trojan-activity; sid:100004610; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"adl-asia.com"; classtype:trojan-activity; sid:100004611; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"admin.classified.pointsource.ng"; classtype:trojan-activity; sid:100004612; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"admin.gentbcn.org"; classtype:trojan-activity; sid:100004613; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"adnl.com.mx"; classtype:trojan-activity; sid:100004614; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"adu.polimi.it"; classtype:trojan-activity; sid:100004615; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"advconstructora.cl"; classtype:trojan-activity; sid:100004616; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"affordabledebtrelief.com"; classtype:trojan-activity; sid:100004617; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"afrimedspecialist.com"; classtype:trojan-activity; sid:100004618; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"agdm.ml"; classtype:trojan-activity; sid:100004619; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"agemn.co.za"; classtype:trojan-activity; sid:100004620; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ah.btp-inc.ca"; classtype:trojan-activity; sid:100004621; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"aiqtest.com"; classtype:trojan-activity; sid:100004622; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"al-wahd.com"; classtype:trojan-activity; sid:100004623; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"aladainexpress.com"; classtype:trojan-activity; sid:100004624; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"alberts.diamondrelationscrm.us"; classtype:trojan-activity; sid:100004625; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"aldahwiprivatehospital.com"; classtype:trojan-activity; sid:100004626; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"alemelektronik.com"; classtype:trojan-activity; sid:100004627; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"alexdubai.com.aldiabsteel.com"; classtype:trojan-activity; sid:100004628; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"alittlebrave.com"; classtype:trojan-activity; sid:100004629; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"allforcreative.com.au"; classtype:trojan-activity; sid:100004630; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"allhomesrealestate.com.au"; classtype:trojan-activity; sid:100004631; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"alltestagain.lukehadaj.com.au"; classtype:trojan-activity; sid:100004632; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"almeriahot.com"; classtype:trojan-activity; sid:100004633; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"alphaimoveissa.com.br"; classtype:trojan-activity; sid:100004634; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"alshergrouphomeservices.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100004635; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"amarteargentina.com.ar"; classtype:trojan-activity; sid:100004636; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"amooma.sourcetaggers.com"; classtype:trojan-activity; sid:100004637; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"amyconcepts.com"; classtype:trojan-activity; sid:100004638; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"andres.ug"; classtype:trojan-activity; sid:100004639; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"angel.bk.idv.tw"; classtype:trojan-activity; sid:100004640; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"annamdecor.vn"; classtype:trojan-activity; sid:100004641; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"apdes.smartbumdes.id"; classtype:trojan-activity; sid:100004642; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"api.52kkg.com"; classtype:trojan-activity; sid:100004643; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"api.cstdevs.com"; classtype:trojan-activity; sid:100004644; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"api.huokejinglingvip.com"; classtype:trojan-activity; sid:100004645; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"apoolcondo.com"; classtype:trojan-activity; sid:100004646; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"apps.saintsoporte.com"; classtype:trojan-activity; sid:100004647; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"archbal.sbs"; classtype:trojan-activity; sid:100004648; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ardmtshidayatulfirdaus.inas.web.id"; classtype:trojan-activity; sid:100004649; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"arrkcelebrations.com"; classtype:trojan-activity; sid:100004650; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"arshadbrother.com"; classtype:trojan-activity; sid:100004651; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"art-line.jp"; classtype:trojan-activity; sid:100004652; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"artenazarov.com.ar"; classtype:trojan-activity; sid:100004653; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"artursemth.com"; classtype:trojan-activity; sid:100004654; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"arushagems.com"; classtype:trojan-activity; sid:100004655; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ascendingprofitsystem.com"; classtype:trojan-activity; sid:100004656; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ashwagandha.co.in"; classtype:trojan-activity; sid:100004657; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ask-regard.call-save.biz"; classtype:trojan-activity; sid:100004658; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"assets.dsztfso.cn"; classtype:trojan-activity; sid:100004659; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"asu.com.vn"; classtype:trojan-activity; sid:100004660; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"atgame888.com"; classtype:trojan-activity; sid:100004661; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"aulist.com"; classtype:trojan-activity; sid:100004662; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"autofficinaguerreri.it"; classtype:trojan-activity; sid:100004663; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"automoto.in.ua"; classtype:trojan-activity; sid:100004664; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"avadhanagames.com"; classtype:trojan-activity; sid:100004665; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"avtobaza.info"; classtype:trojan-activity; sid:100004666; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"awokeq.co.za"; classtype:trojan-activity; sid:100004667; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ayam-geprek-pitoe.com"; classtype:trojan-activity; sid:100004668; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ayearatthetable.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100004669; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ayvalikciceksiparisi.com"; classtype:trojan-activity; sid:100004670; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ayyildizoto.com"; classtype:trojan-activity; sid:100004671; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"azerbaijan-tourism.com"; classtype:trojan-activity; sid:100004672; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"azmeasurement.com"; classtype:trojan-activity; sid:100004673; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"b.dxyzgame.com"; classtype:trojan-activity; sid:100004674; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"b2gnegocios.com"; classtype:trojan-activity; sid:100004675; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"backbenchfilm.chadfoto.com"; classtype:trojan-activity; sid:100004676; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"backgrounds.pk"; classtype:trojan-activity; sid:100004677; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"backpackumbrella.com"; classtype:trojan-activity; sid:100004678; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"badeggdesign.com"; classtype:trojan-activity; sid:100004679; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ballatstone.com"; classtype:trojan-activity; sid:100004680; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bangkok-orchids.com"; classtype:trojan-activity; sid:100004681; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bank.zanderscloud.com.ng"; classtype:trojan-activity; sid:100004682; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"barkodsolutions.com"; classtype:trojan-activity; sid:100004683; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bazaar-shahr-alborz.ir"; classtype:trojan-activity; sid:100004684; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bberker.com"; classtype:trojan-activity; sid:100004685; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bbia.co.uk"; classtype:trojan-activity; sid:100004686; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bearcatpumps.com.cn"; classtype:trojan-activity; sid:100004687; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bec.demo.myitas.net"; classtype:trojan-activity; sid:100004688; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bedroomset.club"; classtype:trojan-activity; sid:100004689; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"beepro.ir"; classtype:trojan-activity; sid:100004690; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"belanjalagi.com"; classtype:trojan-activity; sid:100004691; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"benwellgroup.co.uk"; classtype:trojan-activity; sid:100004692; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bespokeweddings.ie"; classtype:trojan-activity; sid:100004693; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"beta.profissaopiloto.com.br"; classtype:trojan-activity; sid:100004694; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bharattank.me"; classtype:trojan-activity; sid:100004695; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"biosafepro.in"; classtype:trojan-activity; sid:100004696; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bitllab.com.br"; classtype:trojan-activity; sid:100004697; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bitmex-trade.com"; classtype:trojan-activity; sid:100004698; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bkbikesport.com.br"; classtype:trojan-activity; sid:100004699; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"blanche.gr"; classtype:trojan-activity; sid:100004700; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bleezzmultimedia.com"; classtype:trojan-activity; sid:100004701; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bleskoindustries.com"; classtype:trojan-activity; sid:100004702; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"blloco.com"; classtype:trojan-activity; sid:100004703; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"blog.drmostafafouadivf.com"; classtype:trojan-activity; sid:100004704; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"blog.grnstore.com"; classtype:trojan-activity; sid:100004705; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"blog.institutoevollution.com.br"; classtype:trojan-activity; sid:100004706; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"blog.stetgzs.cn"; classtype:trojan-activity; sid:100004707; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bloom-here.org"; classtype:trojan-activity; sid:100004708; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bmss.org.in"; classtype:trojan-activity; sid:100004709; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bnbwealth.net"; classtype:trojan-activity; sid:100004710; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"boardingschoolsoftware.com"; classtype:trojan-activity; sid:100004711; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bobcatminer-store.e-mantra.in"; classtype:trojan-activity; sid:100004712; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bondpertayenergy.com"; classtype:trojan-activity; sid:100004713; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"botmaybe11.mcdir.me"; classtype:trojan-activity; sid:100004714; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"breakingbread.modelacademy.co.in"; classtype:trojan-activity; sid:100004715; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"briar.com.my"; classtype:trojan-activity; sid:100004716; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bricolambert.com"; classtype:trojan-activity; sid:100004717; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"brideofmessiah.com"; classtype:trojan-activity; sid:100004718; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bridgesfoundationrepair.com"; classtype:trojan-activity; sid:100004719; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"brightmega.com"; classtype:trojan-activity; sid:100004720; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"brightstarshop.com"; classtype:trojan-activity; sid:100004721; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"brownlowlimited.co.uk"; classtype:trojan-activity; sid:100004722; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bthuu.com"; classtype:trojan-activity; sid:100004723; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bucbuc.in"; classtype:trojan-activity; sid:100004724; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bugharytea.com"; classtype:trojan-activity; sid:100004725; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"buigiaphat.com.vn"; classtype:trojan-activity; sid:100004726; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"builder.tarekujjaman.com"; classtype:trojan-activity; sid:100004727; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bujogradba.com"; classtype:trojan-activity; sid:100004728; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bukuonline2u.com"; classtype:trojan-activity; sid:100004729; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bunge.skybitvest.com"; classtype:trojan-activity; sid:100004730; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"buscascolegios.diit.cl"; classtype:trojan-activity; sid:100004731; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"c.oooooooooo.ga"; classtype:trojan-activity; sid:100004732; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"caballo.com.au"; classtype:trojan-activity; sid:100004733; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cable-online.ir"; classtype:trojan-activity; sid:100004734; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"caioaraujo.vip"; classtype:trojan-activity; sid:100004735; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"callandget.co.in"; classtype:trojan-activity; sid:100004736; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"camminachetipassa.it"; classtype:trojan-activity; sid:100004737; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"canadacannabis.live"; classtype:trojan-activity; sid:100004738; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"canconsulting.in"; classtype:trojan-activity; sid:100004739; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"caragudigital.com.mx"; classtype:trojan-activity; sid:100004740; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"carbinz.ml"; classtype:trojan-activity; sid:100004741; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cariustadz.org"; classtype:trojan-activity; sid:100004742; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"carpal-imperfect.quarantine-pnap.web-hosting.com"; classtype:trojan-activity; sid:100004743; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cars-taxonomy.mywebartist.eu"; classtype:trojan-activity; sid:100004744; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"carte-deuil.com"; classtype:trojan-activity; sid:100004745; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"casinoc.ru"; classtype:trojan-activity; sid:100004746; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cat.maletasoriginales.eu"; classtype:trojan-activity; sid:100004747; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cbn.hypervoizd.com"; classtype:trojan-activity; sid:100004748; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cdaonline.com.ar"; classtype:trojan-activity; sid:100004749; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cdn-10049480.file.myqcloud.com"; classtype:trojan-activity; sid:100004750; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cdn.medicatusb.xyz"; classtype:trojan-activity; sid:100004751; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cellas.sk"; classtype:trojan-activity; sid:100004752; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"centralcdmx.gq"; classtype:trojan-activity; sid:100004753; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"centre.ng"; classtype:trojan-activity; sid:100004754; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"centrichotel.com"; classtype:trojan-activity; sid:100004755; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"centuaryfabindia.com"; classtype:trojan-activity; sid:100004756; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cereaisterraprodutosnaturais.exloja.com.br"; classtype:trojan-activity; sid:100004757; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"certification.jacsai.org"; classtype:trojan-activity; sid:100004758; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ceysaenerji.com.tr"; classtype:trojan-activity; sid:100004759; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cfihoa.com"; classtype:trojan-activity; sid:100004760; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cfs10.blog.daum.net"; classtype:trojan-activity; sid:100004761; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cfs13.tistory.com"; classtype:trojan-activity; sid:100004762; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cfs5.tistory.com"; classtype:trojan-activity; sid:100004763; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cfs7.blog.daum.net"; classtype:trojan-activity; sid:100004764; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cfs9.blog.daum.net"; classtype:trojan-activity; sid:100004765; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cgp3solutions.co.za"; classtype:trojan-activity; sid:100004766; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ch1.spacermodem.com"; classtype:trojan-activity; sid:100004767; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"chafferimpex.com"; classtype:trojan-activity; sid:100004768; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"charmsukh.vip"; classtype:trojan-activity; sid:100004769; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"chase-com-home-pages-sites.dargalawomen.org"; classtype:trojan-activity; sid:100004770; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"chezalice.co.za"; classtype:trojan-activity; sid:100004771; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"chiaper.com.br"; classtype:trojan-activity; sid:100004772; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"childselect.com"; classtype:trojan-activity; sid:100004773; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"chiukim.com"; classtype:trojan-activity; sid:100004774; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"chukouneee.com"; classtype:trojan-activity; sid:100004775; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cifeer.net"; classtype:trojan-activity; sid:100004776; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ciidental.com.ec"; classtype:trojan-activity; sid:100004777; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cimcpatna.com"; classtype:trojan-activity; sid:100004778; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ciraliruyahotel.com"; classtype:trojan-activity; sid:100004779; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ciroflores.com"; classtype:trojan-activity; sid:100004780; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"citihits.lk"; classtype:trojan-activity; sid:100004781; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"citiqproperties.co.za"; classtype:trojan-activity; sid:100004782; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cittadinomondo.com"; classtype:trojan-activity; sid:100004783; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"client.meetsusolutions.com"; classtype:trojan-activity; sid:100004784; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"clinicareers.com"; classtype:trojan-activity; sid:100004785; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cloud.fc.co.mz"; classtype:trojan-activity; sid:100004786; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cloudsoft.or.ke"; classtype:trojan-activity; sid:100004787; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"clovekwealth.com"; classtype:trojan-activity; sid:100004788; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cm-arquitetos.com"; classtype:trojan-activity; sid:100004789; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"coachingcorporal.cl"; classtype:trojan-activity; sid:100004790; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cobhamplasteringservices.co.uk"; classtype:trojan-activity; sid:100004791; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cofenator.ru"; classtype:trojan-activity; sid:100004792; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"coffeewithunicorns.com"; classtype:trojan-activity; sid:100004793; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"colinde.pricesne.com"; classtype:trojan-activity; sid:100004794; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"colonialpizzapub.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100004795; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"colonialpizzapub2.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100004796; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"colonna.ac.ug"; classtype:trojan-activity; sid:100004797; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"colonna.ug"; classtype:trojan-activity; sid:100004798; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"community.reimclub.com"; classtype:trojan-activity; sid:100004799; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"computec-zim.com.mx"; classtype:trojan-activity; sid:100004800; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"config.cqhbkjzx.com"; classtype:trojan-activity; sid:100004801; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"conquestcapital.co.ke"; classtype:trojan-activity; sid:100004802; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"contabilinloco.com.br"; classtype:trojan-activity; sid:100004803; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cookery.irooniafile.ir"; classtype:trojan-activity; sid:100004804; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"copelandscapes.com"; classtype:trojan-activity; sid:100004805; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"corebooks.app"; classtype:trojan-activity; sid:100004806; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"coroprocantopopular.com.ar"; classtype:trojan-activity; sid:100004807; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"costanortepotrerillos.com"; classtype:trojan-activity; sid:100004808; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"count.mail.163.com.impactmedfoundation.com"; classtype:trojan-activity; sid:100004809; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"courtneyjones.ac.ug"; classtype:trojan-activity; sid:100004810; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"covid19.cyberschool.or.id"; classtype:trojan-activity; sid:100004811; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cp-saofacundo.pt"; classtype:trojan-activity; sid:100004812; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"crearechile.cl"; classtype:trojan-activity; sid:100004813; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"creationskateboards.com"; classtype:trojan-activity; sid:100004814; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"creativexlab.com"; classtype:trojan-activity; sid:100004815; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"crecerco.com"; classtype:trojan-activity; sid:100004816; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cresvin.com"; classtype:trojan-activity; sid:100004817; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cricket.theglobalindia.net"; classtype:trojan-activity; sid:100004818; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"crittersbythebay.com"; classtype:trojan-activity; sid:100004819; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"crmfarko.manivelasst.com"; classtype:trojan-activity; sid:100004820; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"crmroche.manivelasst.com"; classtype:trojan-activity; sid:100004821; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"crownadvertising.ca"; classtype:trojan-activity; sid:100004822; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"crownpacificpartners.com"; classtype:trojan-activity; sid:100004823; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cryptoforextrading56.com"; classtype:trojan-activity; sid:100004824; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ct.mba"; classtype:trojan-activity; sid:100004825; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cuneytkocas.com"; classtype:trojan-activity; sid:100004826; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"curious-george.me"; classtype:trojan-activity; sid:100004827; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cursodeparapsicologia.org"; classtype:trojan-activity; sid:100004828; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cursossemana.com"; classtype:trojan-activity; sid:100004829; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cushyscl.com.bd"; classtype:trojan-activity; sid:100004830; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"custominsure.com"; classtype:trojan-activity; sid:100004831; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"customtrackbatons.com"; classtype:trojan-activity; sid:100004832; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cynkon.kairoscs.net"; classtype:trojan-activity; sid:100004833; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"d.powerofwish.com"; classtype:trojan-activity; sid:100004834; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"d.torreblancamusica.com"; classtype:trojan-activity; sid:100004835; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"d1.udashi.com"; classtype:trojan-activity; sid:100004836; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"d9.99ddd.com"; classtype:trojan-activity; sid:100004837; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"da.alibuf.com"; classtype:trojan-activity; sid:100004838; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dacremabotanicals.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100004839; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dacui.online"; classtype:trojan-activity; sid:100004840; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"daftar.site"; classtype:trojan-activity; sid:100004841; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"daichiinternational.com"; classtype:trojan-activity; sid:100004842; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dalice.edu.zm"; classtype:trojan-activity; sid:100004843; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"danaevara.com"; classtype:trojan-activity; sid:100004844; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"daohang1.oss-cn-beijing.aliyuncs.com"; classtype:trojan-activity; sid:100004845; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"darkartists.org"; classtype:trojan-activity; sid:100004846; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"darna-online.org"; classtype:trojan-activity; sid:100004847; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dashboard.khholdings.co.za"; classtype:trojan-activity; sid:100004848; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"data-host-coin-8.com"; classtype:trojan-activity; sid:100004849; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"data.cdevelop.org"; classtype:trojan-activity; sid:100004850; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"data.over-blog-kiwi.com"; classtype:trojan-activity; sid:100004851; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"datapolish.com"; classtype:trojan-activity; sid:100004852; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dauiel.com"; classtype:trojan-activity; sid:100004853; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"davidmcguinness.info"; classtype:trojan-activity; sid:100004854; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ddl7.data.hu"; classtype:trojan-activity; sid:100004855; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ddl8.data.hu"; classtype:trojan-activity; sid:100004856; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"deagroup-ks.com"; classtype:trojan-activity; sid:100004857; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"deb43e46-145f-4ebd-abfb-69a78b67bacf.usrfiles.com"; classtype:trojan-activity; sid:100004858; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"definingdetail.ca"; classtype:trojan-activity; sid:100004859; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dekasitkimya.com"; classtype:trojan-activity; sid:100004860; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dekovizyon.com"; classtype:trojan-activity; sid:100004861; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"delihuerto.com"; classtype:trojan-activity; sid:100004862; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"demo.aakar360.com"; classtype:trojan-activity; sid:100004863; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"demo.fontecsys.net"; classtype:trojan-activity; sid:100004864; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"demo.nhabe360.com"; classtype:trojan-activity; sid:100004865; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"demo.shooes.in"; classtype:trojan-activity; sid:100004866; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dental.xiaoxiao.media"; classtype:trojan-activity; sid:100004867; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"derekmok.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100004868; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"deseo.torreblancamusica.com"; classtype:trojan-activity; sid:100004869; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"designerliving.co.za"; classtype:trojan-activity; sid:100004870; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"designoweb.website"; classtype:trojan-activity; sid:100004871; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dev-exec-champions-for-growth.pantheonsite.io"; classtype:trojan-activity; sid:100004872; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dev.apna-foods.com"; classtype:trojan-activity; sid:100004873; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dev.beneficialelectrification-co.com"; classtype:trojan-activity; sid:100004874; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dev.crystalclearvapestore.co.uk"; classtype:trojan-activity; sid:100004875; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dev.sebpo.net"; classtype:trojan-activity; sid:100004876; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dev2-admin.ycbnt.net"; classtype:trojan-activity; sid:100004877; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"development.goipcloud.co.ke"; classtype:trojan-activity; sid:100004878; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dezcom.com"; classtype:trojan-activity; sid:100004879; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dft.global"; classtype:trojan-activity; sid:100004880; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dhart.id"; classtype:trojan-activity; sid:100004881; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"diacomarket.com"; classtype:trojan-activity; sid:100004882; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"diamantesviagens.com.br"; classtype:trojan-activity; sid:100004883; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"digitalfrontieracademy.com"; classtype:trojan-activity; sid:100004884; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dijkstra-kolbe.nl"; classtype:trojan-activity; sid:100004885; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"discoveryast.com"; classtype:trojan-activity; sid:100004886; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"divinaprovidenciaautlan.com"; classtype:trojan-activity; sid:100004887; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"djking.f3322.net"; classtype:trojan-activity; sid:100004888; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"djtransport.ch"; classtype:trojan-activity; sid:100004889; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dkkdlfrl.beget.tech"; classtype:trojan-activity; sid:100004890; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dl.1003b.56a.com"; classtype:trojan-activity; sid:100004891; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dl.198424.com"; classtype:trojan-activity; sid:100004892; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dl.9xu.com"; classtype:trojan-activity; sid:100004893; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dl.installcdn-aws.com"; classtype:trojan-activity; sid:100004894; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dl.pandasecur.com"; classtype:trojan-activity; sid:100004895; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dl.rina-roleplay.com"; classtype:trojan-activity; sid:100004896; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dmequest.com"; classtype:trojan-activity; sid:100004897; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dnstructure.com"; classtype:trojan-activity; sid:100004898; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"do-cloclo.com"; classtype:trojan-activity; sid:100004899; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dodsonimaging.com"; classtype:trojan-activity; sid:100004900; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dodunggiadinhbendep.shop"; classtype:trojan-activity; sid:100004901; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dolceandcafe.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100004902; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dollscorner.com"; classtype:trojan-activity; sid:100004903; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dom.daf.free.fr"; classtype:trojan-activity; sid:100004904; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"doncedyhall.com"; classtype:trojan-activity; sid:100004905; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dongnaitw.com"; classtype:trojan-activity; sid:100004906; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dosman.pl"; classtype:trojan-activity; sid:100004907; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"doublekgraphics.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100004908; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"down.1230578.com"; classtype:trojan-activity; sid:100004909; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"down.pcclear.com"; classtype:trojan-activity; sid:100004910; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"down.rxgif.cn"; classtype:trojan-activity; sid:100004911; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"down.udashi.com"; classtype:trojan-activity; sid:100004912; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"down.webbora.com"; classtype:trojan-activity; sid:100004913; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"down.yjhyjl.cn"; classtype:trojan-activity; sid:100004914; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"download.caihong.com"; classtype:trojan-activity; sid:100004915; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"download.pdf00.cn"; classtype:trojan-activity; sid:100004916; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"download.rising.com.cn"; classtype:trojan-activity; sid:100004917; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"download.skycn.com"; classtype:trojan-activity; sid:100004918; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"download2.info"; classtype:trojan-activity; sid:100004919; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"downloads.bcweb.org.uk"; classtype:trojan-activity; sid:100004920; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"downloafilesaccess.ddns.net"; classtype:trojan-activity; sid:100004921; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"downshiftingrace.top"; classtype:trojan-activity; sid:100004922; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dr-management.org"; classtype:trojan-activity; sid:100004923; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dralexandrecavalcante.com.br"; classtype:trojan-activity; sid:100004924; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dreamwatchevent.com"; classtype:trojan-activity; sid:100004925; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"drkalan.com"; classtype:trojan-activity; sid:100004926; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"drsha.innovativesolutions.mobi"; classtype:trojan-activity; sid:100004927; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"du-wizards.com"; classtype:trojan-activity; sid:100004928; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dukaree.com"; classtype:trojan-activity; sid:100004929; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dunsonkauai.com"; classtype:trojan-activity; sid:100004930; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"duoyuhudong.cn"; classtype:trojan-activity; sid:100004931; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dutapp.wisolve.co.za"; classtype:trojan-activity; sid:100004932; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dx.qqyewu.com"; classtype:trojan-activity; sid:100004933; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"e-learning.iskandariah.perubatan.org"; classtype:trojan-activity; sid:100004934; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"e-weddingcardswala.in"; classtype:trojan-activity; sid:100004935; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"earnmoneylending.joinbuyerslist.com"; classtype:trojan-activity; sid:100004936; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"earthconservationcorps.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100004937; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"earthconservationcorps2017.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100004938; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"eastmatt.com"; classtype:trojan-activity; sid:100004939; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"easybrand.vn"; classtype:trojan-activity; sid:100004940; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"easyviettravel.vn"; classtype:trojan-activity; sid:100004941; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ebow.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100004942; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ebow1.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100004943; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ec2-54-176-200-147.us-west-1.compute.amazonaws.com"; classtype:trojan-activity; sid:100004944; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ecim.azneomedia.ro"; classtype:trojan-activity; sid:100004945; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"edesign-agency.com"; classtype:trojan-activity; sid:100004946; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"edf41f52-452f-4671-a310-1da9f1d2ecd8.usrfiles.com"; classtype:trojan-activity; sid:100004947; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"edu.adels.store"; classtype:trojan-activity; sid:100004948; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"edu.pmvanini.rs.gov.br"; classtype:trojan-activity; sid:100004949; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"educationconsortium.org"; classtype:trojan-activity; sid:100004950; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ef-web.com"; classtype:trojan-activity; sid:100004951; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"eidoss.mx"; classtype:trojan-activity; sid:100004952; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"elbauldelosregalos.com"; classtype:trojan-activity; sid:100004953; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"elearning.physiotraining.com.gt"; classtype:trojan-activity; sid:100004954; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"electrocanada.online"; classtype:trojan-activity; sid:100004955; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"elevate.kushedup.com"; classtype:trojan-activity; sid:100004956; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"emaids.co.za"; classtype:trojan-activity; sid:100004957; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"email.ogivart.us"; classtype:trojan-activity; sid:100004958; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"email.uki.co.il"; classtype:trojan-activity; sid:100004959; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"emegablog.com"; classtype:trojan-activity; sid:100004960; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"emepassports.com.xdtech.site"; classtype:trojan-activity; sid:100004961; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"emmanuelle-guillemard.fr"; classtype:trojan-activity; sid:100004962; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"empowercareer.com"; classtype:trojan-activity; sid:100004963; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"emtc.jp"; classtype:trojan-activity; sid:100004964; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"en.baoend.com"; classtype:trojan-activity; sid:100004965; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"en.dsdkochoracin.com.mk"; classtype:trojan-activity; sid:100004966; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"enc-tech.com"; classtype:trojan-activity; sid:100004967; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"endoinstruments.co.uk"; classtype:trojan-activity; sid:100004968; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"entelkoy.net"; classtype:trojan-activity; sid:100004969; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ergotherapeia-kalamata.gr"; classtype:trojan-activity; sid:100004970; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"es.islamforchristians.com"; classtype:trojan-activity; sid:100004971; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"eslomingenieria.com.ar"; classtype:trojan-activity; sid:100004972; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"esoftworld.co.kr"; classtype:trojan-activity; sid:100004973; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"estiloymadera.com.py"; classtype:trojan-activity; sid:100004974; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"estudeoline.colegioomega.com"; classtype:trojan-activity; sid:100004975; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"estudiogflz.com.ar"; classtype:trojan-activity; sid:100004976; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"etisalatbuyback.com"; classtype:trojan-activity; sid:100004977; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"evaluecrm.com"; classtype:trojan-activity; sid:100004978; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"excavatorgroup.com"; classtype:trojan-activity; sid:100004979; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"exilum.com"; classtype:trojan-activity; sid:100004980; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"expansion.co.uk"; classtype:trojan-activity; sid:100004981; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"expansion360.net"; classtype:trojan-activity; sid:100004982; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"extensivevinylservices.com"; classtype:trojan-activity; sid:100004983; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"extractjob.com"; classtype:trojan-activity; sid:100004984; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"f.gogamef.com"; classtype:trojan-activity; sid:100004985; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"faai-international.com"; classtype:trojan-activity; sid:100004986; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fabritonescontract.com"; classtype:trojan-activity; sid:100004987; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fam-int.com"; classtype:trojan-activity; sid:100004988; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"familydentist.site"; classtype:trojan-activity; sid:100004989; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"familytree.swantech.ae"; classtype:trojan-activity; sid:100004990; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fbtautotrade.com"; classtype:trojan-activity; sid:100004991; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fc.co.mz"; classtype:trojan-activity; sid:100004992; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fd.uqidong.com"; classtype:trojan-activity; sid:100004993; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"felicienne.nl"; classtype:trojan-activity; sid:100004994; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ferozeajmali.com"; classtype:trojan-activity; sid:100004995; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"festivalcircus.com"; classtype:trojan-activity; sid:100004996; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fibidomarkets.com"; classtype:trojan-activity; sid:100004997; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"file-file-host4.com"; classtype:trojan-activity; sid:100004998; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"files5.uludagbilisim.com"; classtype:trojan-activity; sid:100004999; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"files6.uludagbilisim.com"; classtype:trojan-activity; sid:100005000; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"filmfestival.sourcetaggers.com"; classtype:trojan-activity; sid:100005001; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"filmigalaxy.com"; classtype:trojan-activity; sid:100005002; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"finconsulting.us"; classtype:trojan-activity; sid:100005003; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"finewoodframes.com"; classtype:trojan-activity; sid:100005004; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fisio.rshasto.com"; classtype:trojan-activity; sid:100005005; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fit4allabilities.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100005006; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fitnesstrening.digitalmdia.com"; classtype:trojan-activity; sid:100005007; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fitrahhanniah.sch.id"; classtype:trojan-activity; sid:100005008; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fixstudio.co.kr"; classtype:trojan-activity; sid:100005009; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fizik.tv.tr"; classtype:trojan-activity; sid:100005010; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"flyff.asia"; classtype:trojan-activity; sid:100005011; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"formacionpoliticachihuahua.org"; classtype:trojan-activity; sid:100005012; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"formaprolangues.fr"; classtype:trojan-activity; sid:100005013; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fortcomfurniture.com"; classtype:trojan-activity; sid:100005014; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fotoobjetivo.com"; classtype:trojan-activity; sid:100005015; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"foundationrepairhoustontx.net"; classtype:trojan-activity; sid:100005016; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"foxeps.com.br"; classtype:trojan-activity; sid:100005017; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"frcomex.com.br"; classtype:trojan-activity; sid:100005018; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"freemanuat.megahubhk.com"; classtype:trojan-activity; sid:100005019; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"freereadmanga.com"; classtype:trojan-activity; sid:100005020; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"freesoftwares.ml"; classtype:trojan-activity; sid:100005021; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fromtofor.ca"; classtype:trojan-activity; sid:100005022; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fse.in.ua"; classtype:trojan-activity; sid:100005023; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fullelectronica.com.ar"; classtype:trojan-activity; sid:100005024; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fulltai.top"; classtype:trojan-activity; sid:100005025; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"funletters.net"; classtype:trojan-activity; sid:100005026; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"funpress.ir"; classtype:trojan-activity; sid:100005027; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"furyx.de"; classtype:trojan-activity; sid:100005028; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fxliquiditymarkets.com"; classtype:trojan-activity; sid:100005029; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"g.nxxxn.ga"; classtype:trojan-activity; sid:100005030; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"g2amarketing.com"; classtype:trojan-activity; sid:100005031; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gadopax.vn"; classtype:trojan-activity; sid:100005032; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gaia-enterprise.com"; classtype:trojan-activity; sid:100005033; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gaidov.bg"; classtype:trojan-activity; sid:100005034; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"galaxy.managesquare.com"; classtype:trojan-activity; sid:100005035; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gan-n.cloud-downloader.com"; classtype:trojan-activity; sid:100005036; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"garibaldidal1970.com"; classtype:trojan-activity; sid:100005037; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gastronews.by"; classtype:trojan-activity; sid:100005038; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gaurav.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100005039; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gdyakali.com"; classtype:trojan-activity; sid:100005040; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"geo-lines.com"; classtype:trojan-activity; sid:100005041; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"geograf.uz"; classtype:trojan-activity; sid:100005042; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"giadinhviet.com"; classtype:trojan-activity; sid:100005043; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"global-dis.com"; classtype:trojan-activity; sid:100005044; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"globaldeeds.com"; classtype:trojan-activity; sid:100005045; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"globalprod.ru"; classtype:trojan-activity; sid:100005046; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"globodyinc.globodyinc.biz"; classtype:trojan-activity; sid:100005047; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gobiernaconingenio.com"; classtype:trojan-activity; sid:100005048; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gocnhotaichinh.com"; classtype:trojan-activity; sid:100005049; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"godfathersjunk.com"; classtype:trojan-activity; sid:100005050; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"godubai.club"; classtype:trojan-activity; sid:100005051; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"godzuwaglobalventures.com"; classtype:trojan-activity; sid:100005052; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"goldenasiacapital.com"; classtype:trojan-activity; sid:100005053; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"goldfinancenews.com"; classtype:trojan-activity; sid:100005054; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gp.gamebuy768.com"; classtype:trojan-activity; sid:100005055; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gpoleri.com.ar"; classtype:trojan-activity; sid:100005056; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"grand-element.ru"; classtype:trojan-activity; sid:100005057; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"grandspree.com"; classtype:trojan-activity; sid:100005058; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"grantpacejuuva.com"; classtype:trojan-activity; sid:100005059; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"greatemploy.com"; classtype:trojan-activity; sid:100005060; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"greatmagazinesgift.co.uk"; classtype:trojan-activity; sid:100005061; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"greektaverna.tk"; classtype:trojan-activity; sid:100005062; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"greendayband.top"; classtype:trojan-activity; sid:100005063; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"greenhillsacademy.org"; classtype:trojan-activity; sid:100005064; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"greenso.com.vn"; classtype:trojan-activity; sid:100005065; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"greenvalleycustomknives.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100005066; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"greepie.com"; classtype:trojan-activity; sid:100005067; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"grey-boat.flywheelsites.com"; classtype:trojan-activity; sid:100005068; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"grubbear.com"; classtype:trojan-activity; sid:100005069; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"grundrente24.de"; classtype:trojan-activity; sid:100005070; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gruzof.by"; classtype:trojan-activity; sid:100005071; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gs.monerorx.com"; classtype:trojan-activity; sid:100005072; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gstsevacenter.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100005073; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gstsuvidhakendrauchana.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100005074; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gt-max.com.my"; classtype:trojan-activity; sid:100005075; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"guillermomanrique.com.mx"; classtype:trojan-activity; sid:100005076; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"guongnoithat.com"; classtype:trojan-activity; sid:100005077; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gwcrresearch.org"; classtype:trojan-activity; sid:100005078; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gyapu-b2b.digitechnologynepal.com"; classtype:trojan-activity; sid:100005079; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gyapu.digitechnologynepal.com"; classtype:trojan-activity; sid:100005080; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gym.quicksoft.in"; classtype:trojan-activity; sid:100005081; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gzesa.net"; classtype:trojan-activity; sid:100005082; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gzndfit.com"; classtype:trojan-activity; sid:100005083; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"habbotips.free.fr"; classtype:trojan-activity; sid:100005084; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hachiryoukai.net"; classtype:trojan-activity; sid:100005085; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hagebakken.no"; classtype:trojan-activity; sid:100005086; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"halkidikinet.gr"; classtype:trojan-activity; sid:100005087; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hanafoodco.com"; classtype:trojan-activity; sid:100005088; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hanso.com.au"; classtype:trojan-activity; sid:100005089; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hartcontractorsltd.com"; classtype:trojan-activity; sid:100005090; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hashtagmedia.co.in"; classtype:trojan-activity; sid:100005091; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hata.co.za"; classtype:trojan-activity; sid:100005092; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hb888.luminati-china.net"; classtype:trojan-activity; sid:100005093; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hdkamera2003.hu"; classtype:trojan-activity; sid:100005094; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"healthandwellnessbotanicals.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100005095; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"healthandwellnessbotanicalsdemo.wpsupport.urdemo.website"; classtype:trojan-activity; sid:100005096; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"healthnoteacademy.com"; classtype:trojan-activity; sid:100005097; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"heinrich.su-projects2.de"; classtype:trojan-activity; sid:100005098; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hellogorgeous.com.au"; classtype:trojan-activity; sid:100005099; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"helpfoundation.uxgorilla.com"; classtype:trojan-activity; sid:100005100; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"herchinfitout.com.sg"; classtype:trojan-activity; sid:100005101; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"heyyou6013.lowjunnhoi.repl.co"; classtype:trojan-activity; sid:100005102; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hhaward.org"; classtype:trojan-activity; sid:100005103; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"highlandslasvegas.atakdev.com"; classtype:trojan-activity; sid:100005104; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"himganic.com"; classtype:trojan-activity; sid:100005105; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hindimedia.in"; classtype:trojan-activity; sid:100005106; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hitstation.nl"; classtype:trojan-activity; sid:100005107; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hlm-indonesia.com"; classtype:trojan-activity; sid:100005108; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hongluosi.com"; classtype:trojan-activity; sid:100005109; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"honours.com.ng"; classtype:trojan-activity; sid:100005110; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hookafrica.com"; classtype:trojan-activity; sid:100005111; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hookedupboatclub.com"; classtype:trojan-activity; sid:100005112; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hordlepc.com"; classtype:trojan-activity; sid:100005113; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hospital.isra.support"; classtype:trojan-activity; sid:100005114; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hospital.shuleyanguonline.co.ke"; classtype:trojan-activity; sid:100005115; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hospitech.my"; classtype:trojan-activity; sid:100005116; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hostingparacolombia.com"; classtype:trojan-activity; sid:100005117; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hotelhadieh.ir"; classtype:trojan-activity; sid:100005118; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hotelluxura.com"; classtype:trojan-activity; sid:100005119; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"houseatthebeachinoc.com"; classtype:trojan-activity; sid:100005120; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"houstonshutters.site"; classtype:trojan-activity; sid:100005121; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hoverspec.com"; classtype:trojan-activity; sid:100005122; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"howimetyourdata.com"; classtype:trojan-activity; sid:100005123; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hr2019.vrcom7.com"; classtype:trojan-activity; sid:100005124; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hsecaravans.co.uk"; classtype:trojan-activity; sid:100005125; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hseda.com"; classtype:trojan-activity; sid:100005126; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"htownbars.com"; classtype:trojan-activity; sid:100005127; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"humanresourceslifeline.com"; classtype:trojan-activity; sid:100005128; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"humvegetarian.w3.eyeteam.vn"; classtype:trojan-activity; sid:100005129; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hunggiang.vn"; classtype:trojan-activity; sid:100005130; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hyundai-automotorsport.com"; classtype:trojan-activity; sid:100005131; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hz1.xhjmmm.com"; classtype:trojan-activity; sid:100005132; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ia801502.us.archive.org"; classtype:trojan-activity; sid:100005133; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ibooking.campaignhub.net"; classtype:trojan-activity; sid:100005134; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"icmarkets-zhg.cn"; classtype:trojan-activity; sid:100005135; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"idcard.northerntrader.net"; classtype:trojan-activity; sid:100005136; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"idilsoft.com"; classtype:trojan-activity; sid:100005137; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"idj.no"; classtype:trojan-activity; sid:100005138; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ikejaclub.org"; classtype:trojan-activity; sid:100005139; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ikomfort.hk"; classtype:trojan-activity; sid:100005140; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"iloop.sourcetaggers.com"; classtype:trojan-activity; sid:100005141; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"immunotec.network"; classtype:trojan-activity; sid:100005142; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"imobiles.pk"; classtype:trojan-activity; sid:100005143; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"incrediblepixels.com"; classtype:trojan-activity; sid:100005144; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"incredicole.com"; classtype:trojan-activity; sid:100005145; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"indianjewellery.art"; classtype:trojan-activity; sid:100005146; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"indonesias.me"; classtype:trojan-activity; sid:100005147; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"indrasbikaner.com"; classtype:trojan-activity; sid:100005148; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"indrayasambavam.com"; classtype:trojan-activity; sid:100005149; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"informativemind.com"; classtype:trojan-activity; sid:100005150; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"infovator.com"; classtype:trojan-activity; sid:100005151; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"inkwellcafe.com"; classtype:trojan-activity; sid:100005152; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"innerknower.co.uk"; classtype:trojan-activity; sid:100005153; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"innosolv-idine.com"; classtype:trojan-activity; sid:100005154; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"inquo.com.mx"; classtype:trojan-activity; sid:100005155; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"interviewsetup.com"; classtype:trojan-activity; sid:100005156; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"inventory.sourcetaggers.com"; classtype:trojan-activity; sid:100005157; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"invoice.99p.ru"; classtype:trojan-activity; sid:100005158; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"iptel.cy"; classtype:trojan-activity; sid:100005159; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"isaac.mikhailmotoringschool.com"; classtype:trojan-activity; sid:100005160; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"isatechnology.com"; classtype:trojan-activity; sid:100005161; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"izeltelekom.com"; classtype:trojan-activity; sid:100005162; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"j2prints.com"; classtype:trojan-activity; sid:100005163; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jamshed.pk"; classtype:trojan-activity; sid:100005164; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jardinaix.fr"; classtype:trojan-activity; sid:100005165; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jay.diamondrelationscrm.us"; classtype:trojan-activity; sid:100005166; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jcedu.org"; classtype:trojan-activity; sid:100005167; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jcon.in"; classtype:trojan-activity; sid:100005168; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jebs.net.au"; classtype:trojan-activity; sid:100005169; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jeffdahlke.com"; classtype:trojan-activity; sid:100005170; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jennwolfemtb.com"; classtype:trojan-activity; sid:100005171; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jerminpelle.com"; classtype:trojan-activity; sid:100005172; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jfsc.chauka.in"; classtype:trojan-activity; sid:100005173; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jhayesconsulting.com"; classtype:trojan-activity; sid:100005174; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jingyaotrading.simply.com.sg"; classtype:trojan-activity; sid:100005175; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jochiexpress.com"; classtype:trojan-activity; sid:100005176; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jointings.org"; classtype:trojan-activity; sid:100005177; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"joldishop.com"; classtype:trojan-activity; sid:100005178; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jpcleaningservices2.davaohorizon.com"; classtype:trojan-activity; sid:100005179; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jqueri-web.at"; classtype:trojan-activity; sid:100005180; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"js-hurling.com"; classtype:trojan-activity; sid:100005181; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"juancarloshernandez.us"; classtype:trojan-activity; sid:100005182; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jurnalismictv.com"; classtype:trojan-activity; sid:100005183; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"justinscott.com.au"; classtype:trojan-activity; sid:100005184; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"k-antiques.jp"; classtype:trojan-activity; sid:100005185; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kadigital.co.uk"; classtype:trojan-activity; sid:100005186; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kalogirosfinance.com"; classtype:trojan-activity; sid:100005187; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kamac.com.br"; classtype:trojan-activity; sid:100005188; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kaptured.io"; classtype:trojan-activity; sid:100005189; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"karer.by"; classtype:trojan-activity; sid:100005190; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"katanvetov.co.il"; classtype:trojan-activity; sid:100005191; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kc4el.org"; classtype:trojan-activity; sid:100005192; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kdaoskdokaodkwldld.blogspot.com"; classtype:trojan-activity; sid:100005193; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kdavisinsurancegroup.com"; classtype:trojan-activity; sid:100005194; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kedaiweb.com.my"; classtype:trojan-activity; sid:100005195; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kenaridjaja.com"; classtype:trojan-activity; sid:100005196; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kensingtondriving.com"; classtype:trojan-activity; sid:100005197; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"khbd.41319.top"; classtype:trojan-activity; sid:100005198; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"khbd.mbtuan.com"; classtype:trojan-activity; sid:100005199; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kickofflaos.com"; classtype:trojan-activity; sid:100005200; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kimjikuk.luxeone.cn"; classtype:trojan-activity; sid:100005201; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kimyen.net"; classtype:trojan-activity; sid:100005202; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kingsquare.pk"; classtype:trojan-activity; sid:100005203; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kizitox.cf"; classtype:trojan-activity; sid:100005204; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kjcpromo.com"; classtype:trojan-activity; sid:100005205; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"klearning.co.uk"; classtype:trojan-activity; sid:100005206; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"klija.net"; classtype:trojan-activity; sid:100005207; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kodekode.ac.ug"; classtype:trojan-activity; sid:100005208; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"korrectconceptservices.com"; classtype:trojan-activity; sid:100005209; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kotob.top"; classtype:trojan-activity; sid:100005210; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"krainikovvlad.eternalhost.info"; classtype:trojan-activity; sid:100005211; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kramersmarionnettes.com"; classtype:trojan-activity; sid:100005212; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"krisbadminton.com"; classtype:trojan-activity; sid:100005213; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"krishnapowers.com"; classtype:trojan-activity; sid:100005214; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"krusevo.gov.mk"; classtype:trojan-activity; sid:100005215; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ks.cn"; classtype:trojan-activity; sid:100005216; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ksansari.pk"; classtype:trojan-activity; sid:100005217; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ku555vn.win"; classtype:trojan-activity; sid:100005218; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kutegiagoc.com"; classtype:trojan-activity; sid:100005219; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lameguard.ru"; classtype:trojan-activity; sid:100005220; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"landing.serv-il.co.il"; classtype:trojan-activity; sid:100005221; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"landing.yetiapp.ec"; classtype:trojan-activity; sid:100005222; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lasermobilesounds.co.uk"; classtype:trojan-activity; sid:100005223; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lasflores.sayhellosv.com"; classtype:trojan-activity; sid:100005224; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"latinaked.club"; classtype:trojan-activity; sid:100005225; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lawfirm.paperbirdtech.com"; classtype:trojan-activity; sid:100005226; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lceventos.net"; classtype:trojan-activity; sid:100005227; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ld.mediaget.com"; classtype:trojan-activity; sid:100005228; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ldgcorp.com"; classtype:trojan-activity; sid:100005229; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"learnfastearn.com"; classtype:trojan-activity; sid:100005230; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"learning.fawe.org"; classtype:trojan-activity; sid:100005231; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"learninglectures.com"; classtype:trojan-activity; sid:100005232; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"leasiacherise.com"; classtype:trojan-activity; sid:100005233; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"legend.nu"; classtype:trojan-activity; sid:100005234; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lennart.serv.se"; classtype:trojan-activity; sid:100005235; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lestesteux.ca"; classtype:trojan-activity; sid:100005236; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"library.arihantmbainstitute.ac.in"; classtype:trojan-activity; sid:100005237; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lidamtour.com"; classtype:trojan-activity; sid:100005238; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lindnerelektroanlagen.de"; classtype:trojan-activity; sid:100005239; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"linhkienzopo.vn"; classtype:trojan-activity; sid:100005240; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"linkintec.cn"; classtype:trojan-activity; sid:100005241; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"livehelpco.com"; classtype:trojan-activity; sid:100005242; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"livetrack.in"; classtype:trojan-activity; sid:100005243; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lm.stagingarea.co.za"; classtype:trojan-activity; sid:100005244; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lms.cstdevs.com"; classtype:trojan-activity; sid:100005245; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lngdzc.love"; classtype:trojan-activity; sid:100005246; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"location-voitures.ma"; classtype:trojan-activity; sid:100005247; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"londonschoolofmotoring.co.uk"; classtype:trojan-activity; sid:100005248; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"longcheckdo.com"; classtype:trojan-activity; sid:100005249; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lookvitrine.com"; classtype:trojan-activity; sid:100005250; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lorimakafrica.com"; classtype:trojan-activity; sid:100005251; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"los3don.com"; classtype:trojan-activity; sid:100005252; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lotsync.com"; classtype:trojan-activity; sid:100005253; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ls-droid.com"; classtype:trojan-activity; sid:100005254; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ltc.typoten.com"; classtype:trojan-activity; sid:100005255; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lucyonmued.site"; classtype:trojan-activity; sid:100005256; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"luminouspneuma.com"; classtype:trojan-activity; sid:100005257; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lurchmath.org"; classtype:trojan-activity; sid:100005258; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"m-techcollege.com"; classtype:trojan-activity; sid:100005259; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"m-technics.kz"; classtype:trojan-activity; sid:100005260; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"m.ashiwenhua.net"; classtype:trojan-activity; sid:100005261; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"macmor-media.com.au"; classtype:trojan-activity; sid:100005262; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"madicon.co.za"; classtype:trojan-activity; sid:100005263; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"magic-tiles-stain-remover.com"; classtype:trojan-activity; sid:100005264; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mahalkoh.com"; classtype:trojan-activity; sid:100005265; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mail.bs-eiendomme.co.za"; classtype:trojan-activity; sid:100005266; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mail.filastiniyat.org"; classtype:trojan-activity; sid:100005267; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mail.tucorp.com.au"; classtype:trojan-activity; sid:100005268; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mailer.srkcommunication.biz"; classtype:trojan-activity; sid:100005269; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"maison-du-parc.com"; classtype:trojan-activity; sid:100005270; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"makeupuccino.com"; classtype:trojan-activity; sid:100005271; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"maltese-company.com"; classtype:trojan-activity; sid:100005272; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"manumaarifkds.sch.id"; classtype:trojan-activity; sid:100005273; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"maquinadosgutierrez.com"; classtype:trojan-activity; sid:100005274; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"marcyovcx.ru"; classtype:trojan-activity; sid:100005275; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mario-sunjic.com"; classtype:trojan-activity; sid:100005276; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mariobrown.net"; classtype:trojan-activity; sid:100005277; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"marketingonline.com"; classtype:trojan-activity; sid:100005278; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"marketplace-devel.supplychaintrace.com"; classtype:trojan-activity; sid:100005279; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"marketshares43.com"; classtype:trojan-activity; sid:100005280; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"marksidfgs.ug"; classtype:trojan-activity; sid:100005281; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"marquesvogt.com"; classtype:trojan-activity; sid:100005282; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"masterlimpieza.com.ar"; classtype:trojan-activity; sid:100005283; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"matisaas.ac.ug"; classtype:trojan-activity; sid:100005284; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"matiti.ug"; classtype:trojan-activity; sid:100005285; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"matong47.com"; classtype:trojan-activity; sid:100005286; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mayank.cybervate.com"; classtype:trojan-activity; sid:100005287; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mbgrm.com"; classtype:trojan-activity; sid:100005288; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mbologwuholing.co.ug"; classtype:trojan-activity; sid:100005289; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mbsolutions.ge"; classtype:trojan-activity; sid:100005290; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mebli-land.com"; classtype:trojan-activity; sid:100005291; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mechanoesis.gr"; classtype:trojan-activity; sid:100005292; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"medianews.ge"; classtype:trojan-activity; sid:100005293; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"meetinvestment.club"; classtype:trojan-activity; sid:100005294; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"meeweb.com"; classtype:trojan-activity; sid:100005295; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"megagynreformas.com.br"; classtype:trojan-activity; sid:100005296; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"megamart.afnan-amc.com"; classtype:trojan-activity; sid:100005297; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"meltatours.co.za"; classtype:trojan-activity; sid:100005298; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"members.westnet.com.au"; classtype:trojan-activity; sid:100005299; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"meninadofuturo.com.br"; classtype:trojan-activity; sid:100005300; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"merchantbli.myitas.net"; classtype:trojan-activity; sid:100005301; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"metro.fingerbus.cn"; classtype:trojan-activity; sid:100005302; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mex035.com"; classtype:trojan-activity; sid:100005303; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mfevr.com"; classtype:trojan-activity; sid:100005304; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mgah.flywheelsites.com"; classtype:trojan-activity; sid:100005305; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mibilizi.rw"; classtype:trojan-activity; sid:100005306; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"michimichiblog.net"; classtype:trojan-activity; sid:100005307; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"microblading.mirliandias.com.br"; classtype:trojan-activity; sid:100005308; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"microcomm-group.com"; classtype:trojan-activity; sid:100005309; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"midlandtexasconstruction.com"; classtype:trojan-activity; sid:100005310; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mijinogu.com"; classtype:trojan-activity; sid:100005311; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mikhailmotoringschool.com"; classtype:trojan-activity; sid:100005312; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"milhojas.is"; classtype:trojan-activity; sid:100005313; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"minareklam.com.tr"; classtype:trojan-activity; sid:100005314; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"miradordeingunza.org"; classtype:trojan-activity; sid:100005315; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mirror.mypage.sk"; classtype:trojan-activity; sid:100005316; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"misterson.com"; classtype:trojan-activity; sid:100005317; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mistydeblasiophotography.com"; classtype:trojan-activity; sid:100005318; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mkontakt.az"; classtype:trojan-activity; sid:100005319; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mktf.mx"; classtype:trojan-activity; sid:100005320; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mladtehnik.com"; classtype:trojan-activity; sid:100005321; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mmdx.com"; classtype:trojan-activity; sid:100005322; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mncarteam.com"; classtype:trojan-activity; sid:100005323; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mobile.lovplus.com"; classtype:trojan-activity; sid:100005324; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"moe.xiaomitq.com"; classtype:trojan-activity; sid:100005325; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"moninediy.com"; classtype:trojan-activity; sid:100005326; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"monorailegypt.com"; classtype:trojan-activity; sid:100005327; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"monosun.net"; classtype:trojan-activity; sid:100005328; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"montanasanadora.co"; classtype:trojan-activity; sid:100005329; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"morishim.com"; classtype:trojan-activity; sid:100005330; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"morrysbagels.com"; classtype:trojan-activity; sid:100005331; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mos-app.myitas.net"; classtype:trojan-activity; sid:100005332; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"motocarbrasil.org"; classtype:trojan-activity; sid:100005333; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mourao.net"; classtype:trojan-activity; sid:100005334; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mpesa.shuleyanguonline.co.ke"; classtype:trojan-activity; sid:100005335; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mr-iroonia.ir"; classtype:trojan-activity; sid:100005336; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mr-mahmoud-hassan.com"; classtype:trojan-activity; sid:100005337; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ms-logistics.us"; classtype:trojan-activity; sid:100005338; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"msc-services.s3.eu-west-3.amazonaws.com"; classtype:trojan-activity; sid:100005339; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mtc.joburg.org.za"; classtype:trojan-activity; sid:100005340; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mtmusicaemercado.com.br"; classtype:trojan-activity; sid:100005341; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"multiairsrl.com.ar"; classtype:trojan-activity; sid:100005342; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"multilevelcarparkingindia.com"; classtype:trojan-activity; sid:100005343; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mumgee.co.za"; classtype:trojan-activity; sid:100005344; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mutebimetalworks.com"; classtype:trojan-activity; sid:100005345; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"muzimbiti.xigubo.co.mz"; classtype:trojan-activity; sid:100005346; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mwu.com.mx"; classtype:trojan-activity; sid:100005347; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"my.cloudme.com"; classtype:trojan-activity; sid:100005348; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mybest-way.com"; classtype:trojan-activity; sid:100005349; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"myfreekart.com"; classtype:trojan-activity; sid:100005350; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"myhealthtrack-ta-api.brettyates.com"; classtype:trojan-activity; sid:100005351; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"myhobbyjapan.com"; classtype:trojan-activity; sid:100005352; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mymlql.com"; classtype:trojan-activity; sid:100005353; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mynandika.com"; classtype:trojan-activity; sid:100005354; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mysura.it"; classtype:trojan-activity; sid:100005355; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"n2n.ph"; classtype:trojan-activity; sid:100005356; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"n4flb.net"; classtype:trojan-activity; sid:100005357; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"naeemacademy.com"; classtype:trojan-activity; sid:100005358; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nagains.azurewebsites.net"; classtype:trojan-activity; sid:100005359; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nasapaul.com"; classtype:trojan-activity; sid:100005360; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nattawut-gamefowl.com"; classtype:trojan-activity; sid:100005361; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"naturespackers.co.za"; classtype:trojan-activity; sid:100005362; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nbacancel.com"; classtype:trojan-activity; sid:100005363; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ncrplacement.com"; classtype:trojan-activity; sid:100005364; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"necocheasexshop.com"; classtype:trojan-activity; sid:100005365; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"neoxora.lk"; classtype:trojan-activity; sid:100005366; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nerve.untergrund.net"; classtype:trojan-activity; sid:100005367; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nesthomes.co.ke"; classtype:trojan-activity; sid:100005368; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"netconnect.lk"; classtype:trojan-activity; sid:100005369; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"netflixmovi.com"; classtype:trojan-activity; sid:100005370; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nettube.com.br"; classtype:trojan-activity; sid:100005371; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"networkwheels.co.za"; classtype:trojan-activity; sid:100005372; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nevermiss.su"; classtype:trojan-activity; sid:100005373; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"newdevjyq.devjyq.com"; classtype:trojan-activity; sid:100005374; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"newhpx.com"; classtype:trojan-activity; sid:100005375; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nextdigitalday.ru"; classtype:trojan-activity; sid:100005376; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ngdaycare.co.za"; classtype:trojan-activity; sid:100005377; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nhorangtreem.com"; classtype:trojan-activity; sid:100005378; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nissan-automotorsport.com"; classtype:trojan-activity; sid:100005379; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nitropixel.com.br"; classtype:trojan-activity; sid:100005380; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"niwf.sourcetaggers.com"; classtype:trojan-activity; sid:100005381; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"njtiledesigncenter.com"; classtype:trojan-activity; sid:100005382; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nmkonline.com"; classtype:trojan-activity; sid:100005383; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nomadicbees.com"; classtype:trojan-activity; sid:100005384; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nomadknight.com"; classtype:trojan-activity; sid:100005385; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"noonimpex.com"; classtype:trojan-activity; sid:100005386; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"notebookparcalari.com"; classtype:trojan-activity; sid:100005387; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"novecchio.com"; classtype:trojan-activity; sid:100005388; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ns1.the-widyantos.com"; classtype:trojan-activity; sid:100005389; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nsb.org.uk"; classtype:trojan-activity; sid:100005390; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nwx.mwtbusiness.com"; classtype:trojan-activity; sid:100005391; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"oblivioperfumes.com"; classtype:trojan-activity; sid:100005392; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"oceancitymdforsalebyowner.com"; classtype:trojan-activity; sid:100005393; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"oceancityrentalbyowner.com"; classtype:trojan-activity; sid:100005394; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ocmdbeachrentals.com"; classtype:trojan-activity; sid:100005395; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"octopus-ecommerce.com"; classtype:trojan-activity; sid:100005396; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"odawara-paint.com"; classtype:trojan-activity; sid:100005397; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"oexcelence.com"; classtype:trojan-activity; sid:100005398; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ofatomaringa.com.br"; classtype:trojan-activity; sid:100005399; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"office365.bellboyindia.com"; classtype:trojan-activity; sid:100005400; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ohsewgorgeous.co.uk"; classtype:trojan-activity; sid:100005401; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"old.cybers.com.ua"; classtype:trojan-activity; sid:100005402; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"old.liceum9.ru"; classtype:trojan-activity; sid:100005403; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"oleholeh.memangbeda.website"; classtype:trojan-activity; sid:100005404; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ombrapiatta.com"; classtype:trojan-activity; sid:100005405; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"oms.pappai.com"; classtype:trojan-activity; sid:100005406; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"omscoc.pappai.com"; classtype:trojan-activity; sid:100005407; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"on-sights.com"; classtype:trojan-activity; sid:100005408; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"online.creedglobal.in"; classtype:trojan-activity; sid:100005409; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"onyx-food.com"; classtype:trojan-activity; sid:100005410; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"opolis.io"; classtype:trojan-activity; sid:100005411; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"oracle.zzhreceive.top"; classtype:trojan-activity; sid:100005412; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"orangedoorrequest.com"; classtype:trojan-activity; sid:100005413; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"order.redroseofbristol.com"; classtype:trojan-activity; sid:100005414; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ordereasy.hk"; classtype:trojan-activity; sid:100005415; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ordersofmagnetude.com"; classtype:trojan-activity; sid:100005416; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ordinateur.ogivart.us"; classtype:trojan-activity; sid:100005417; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"oreokitkat.ddns.net"; classtype:trojan-activity; sid:100005418; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"orientgatewayltd.com"; classtype:trojan-activity; sid:100005419; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"oronoziparraguirre.com"; classtype:trojan-activity; sid:100005420; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"orsan.gruporhynous.com"; classtype:trojan-activity; sid:100005421; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"oshosanzen.in"; classtype:trojan-activity; sid:100005422; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"otopmarketshop.com"; classtype:trojan-activity; sid:100005423; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"outdoortacklebox.com"; classtype:trojan-activity; sid:100005424; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ozadowear.com"; classtype:trojan-activity; sid:100005425; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ozemag.com"; classtype:trojan-activity; sid:100005426; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"p-sea.com"; classtype:trojan-activity; sid:100005427; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"p2db.fitrahhanniah.sch.id"; classtype:trojan-activity; sid:100005428; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"p3.zbjimg.com"; classtype:trojan-activity; sid:100005429; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"p6.zbjimg.com"; classtype:trojan-activity; sid:100005430; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pablobrothel.com.ar"; classtype:trojan-activity; sid:100005431; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"packagingpeople.in"; classtype:trojan-activity; sid:100005432; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pacwebdesigns.com"; classtype:trojan-activity; sid:100005433; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"paint-regen.club"; classtype:trojan-activity; sid:100005434; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pallascapital.katchpurcity.com"; classtype:trojan-activity; sid:100005435; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"palomino.embarcar.com.pe"; classtype:trojan-activity; sid:100005436; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"panel.betfredtakeaway.com"; classtype:trojan-activity; sid:100005437; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"parallel.rockvideos.at"; classtype:trojan-activity; sid:100005438; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"parkwooddoors.co.nz"; classtype:trojan-activity; sid:100005439; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"parrotbay.net"; classtype:trojan-activity; sid:100005440; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pataphysics.net.au"; classtype:trojan-activity; sid:100005441; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"patch2.51lg.com"; classtype:trojan-activity; sid:100005442; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"patch2.99ddd.com"; classtype:trojan-activity; sid:100005443; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"patch3.99ddd.com"; classtype:trojan-activity; sid:100005444; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"patriotpath.am"; classtype:trojan-activity; sid:100005445; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"paulmercier.biz"; classtype:trojan-activity; sid:100005446; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pavetto.com"; classtype:trojan-activity; sid:100005447; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"paxz.tk"; classtype:trojan-activity; sid:100005448; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pay.ewalletgold.com"; classtype:trojan-activity; sid:100005449; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"payerrealty.com"; classtype:trojan-activity; sid:100005450; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"payments.atifsiddiqui.me"; classtype:trojan-activity; sid:100005451; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pedagogicobilingue.edu.pe"; classtype:trojan-activity; sid:100005452; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pereiracadvogados.com.br"; classtype:trojan-activity; sid:100005453; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pertamaperkasa55vr.com"; classtype:trojan-activity; sid:100005454; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"petknorra.com"; classtype:trojan-activity; sid:100005455; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"petroleumtechnologies.ru"; classtype:trojan-activity; sid:100005456; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"phasdesign.com"; classtype:trojan-activity; sid:100005457; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"phatthalung.drr.go.th"; classtype:trojan-activity; sid:100005458; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"phuket-expat-vaccinations.com"; classtype:trojan-activity; sid:100005459; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"piemontesasaffitti.e-bill.it"; classtype:trojan-activity; sid:100005460; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pikasho.com"; classtype:trojan-activity; sid:100005461; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pilotscience.com"; classtype:trojan-activity; sid:100005462; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pink99.com"; classtype:trojan-activity; sid:100005463; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pivot-to-virtual.com"; classtype:trojan-activity; sid:100005464; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pixelbot.id"; classtype:trojan-activity; sid:100005465; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pizza-italia.hu"; classtype:trojan-activity; sid:100005466; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pk-kanavit.co.th"; classtype:trojan-activity; sid:100005467; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"placingpeoplewithpassion.com.au"; classtype:trojan-activity; sid:100005468; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"plasfan.ind.br"; classtype:trojan-activity; sid:100005469; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playground.oaklife.ca"; classtype:trojan-activity; sid:100005470; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playswimsuit.com"; classtype:trojan-activity; sid:100005471; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pole.com.vc"; classtype:trojan-activity; sid:100005472; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"portocenterhotel.com.br"; classtype:trojan-activity; sid:100005473; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"posmicrosystems.com"; classtype:trojan-activity; sid:100005474; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ppdb.smk-ciptaskill.sch.id"; classtype:trojan-activity; sid:100005475; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"predskolskaustanovastonogica.rs"; classtype:trojan-activity; sid:100005476; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"prestasicash.com.ar"; classtype:trojan-activity; sid:100005477; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"prestigehomeautomation.net"; classtype:trojan-activity; sid:100005478; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pretorian.ac.ug"; classtype:trojan-activity; sid:100005479; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"prevenzioneformazionelavoro.it"; classtype:trojan-activity; sid:100005480; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"printee.shop"; classtype:trojan-activity; sid:100005481; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"privacytools-foryou-777.com"; classtype:trojan-activity; sid:100005482; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"privacytools-foryou777.com"; classtype:trojan-activity; sid:100005483; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"proapsoluciones.com.ar"; classtype:trojan-activity; sid:100005484; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"promas.com"; classtype:trojan-activity; sid:100005485; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"promoversdubai.com"; classtype:trojan-activity; sid:100005486; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"prosoc.nl"; classtype:trojan-activity; sid:100005487; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"prosupport.cl"; classtype:trojan-activity; sid:100005488; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"protechasia.com"; classtype:trojan-activity; sid:100005489; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"provantagemtn.co.za"; classtype:trojan-activity; sid:100005490; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"proyectartpanama.com"; classtype:trojan-activity; sid:100005491; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"prueba2.adivertirse.com.mx"; classtype:trojan-activity; sid:100005492; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"psb.sunandrajat.or.id"; classtype:trojan-activity; sid:100005493; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"punjabdevelopersassociation.com.pk"; classtype:trojan-activity; sid:100005494; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"puxudong.com"; classtype:trojan-activity; sid:100005495; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pvcprinting.co.uk"; classtype:trojan-activity; sid:100005496; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"qe.jupiterstar.ru"; classtype:trojan-activity; sid:100005497; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"qmsled.com"; classtype:trojan-activity; sid:100005498; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"qqqformula.co.za"; classtype:trojan-activity; sid:100005499; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"qsbinternational.com"; classtype:trojan-activity; sid:100005500; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"quanminvip.cn"; classtype:trojan-activity; sid:100005501; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"quhedong.com"; classtype:trojan-activity; sid:100005502; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"quinielanfl.excellsusgroup.com"; classtype:trojan-activity; sid:100005503; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"qureshitrust.com"; classtype:trojan-activity; sid:100005504; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"qwc.com.br"; classtype:trojan-activity; sid:100005505; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"radionetprovedor.com.br"; classtype:trojan-activity; sid:100005506; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rainbowisp.info"; classtype:trojan-activity; sid:100005507; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rakeshkhatri.in"; classtype:trojan-activity; sid:100005508; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ramseywetruss.com"; classtype:trojan-activity; sid:100005509; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rangsay.com"; classtype:trojan-activity; sid:100005510; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"raqmnh.com"; classtype:trojan-activity; sid:100005511; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"raquelhelena.com.br"; classtype:trojan-activity; sid:100005512; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rashika.ascarvalho.co.za"; classtype:trojan-activity; sid:100005513; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ratemyfenancialadvisor.com"; classtype:trojan-activity; sid:100005514; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"reacredit.com.br"; classtype:trojan-activity; sid:100005515; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"recurehealthcare.com"; classtype:trojan-activity; sid:100005516; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"redbats.co.in"; classtype:trojan-activity; sid:100005517; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"reelectnanbaker.com"; classtype:trojan-activity; sid:100005518; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"register.srpoly.ac.th"; classtype:trojan-activity; sid:100005519; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"reifenquick.de"; classtype:trojan-activity; sid:100005520; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"relance.msk.ru"; classtype:trojan-activity; sid:100005521; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"relaxindulge.co.nz"; classtype:trojan-activity; sid:100005522; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"renehavis.com.ua"; classtype:trojan-activity; sid:100005523; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"renton.apttechsol.com"; classtype:trojan-activity; sid:100005524; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"restauranteelconvento.es"; classtype:trojan-activity; sid:100005525; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"restrolife.com"; classtype:trojan-activity; sid:100005526; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"retailelectricprovider.com"; classtype:trojan-activity; sid:100005527; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"retailexpertscloud.com"; classtype:trojan-activity; sid:100005528; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ricambi.fixtofix.it"; classtype:trojan-activity; sid:100005529; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rinaefoundation.org.za"; classtype:trojan-activity; sid:100005530; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rinkaisystem-ht.com"; classtype:trojan-activity; sid:100005531; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rkaccountants4contractors.co.uk"; classtype:trojan-activity; sid:100005532; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"romanianpoints.com"; classtype:trojan-activity; sid:100005533; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ronakdaru.com"; classtype:trojan-activity; sid:100005534; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"roofing.galacticleads.com"; classtype:trojan-activity; sid:100005535; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"roshanzamir.ir"; classtype:trojan-activity; sid:100005536; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"roshnijewellery.com"; classtype:trojan-activity; sid:100005537; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ruisgood.ru"; classtype:trojan-activity; sid:100005538; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rxnasklola.com"; classtype:trojan-activity; sid:100005539; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"s.51shijuan.com"; classtype:trojan-activity; sid:100005540; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"saboo.in"; classtype:trojan-activity; sid:100005541; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"saf-oil.ru"; classtype:trojan-activity; sid:100005542; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"safcol-colors.com"; classtype:trojan-activity; sid:100005543; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"safehouseacademy.apollosystems.ph"; classtype:trojan-activity; sid:100005544; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"saffronflourmill.com"; classtype:trojan-activity; sid:100005545; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sagitariobpa.com"; classtype:trojan-activity; sid:100005546; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sainzim.co.za"; classtype:trojan-activity; sid:100005547; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"salemazonjp.com"; classtype:trojan-activity; sid:100005548; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sales.reoprime.com"; classtype:trojan-activity; sid:100005549; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"salonways.com"; classtype:trojan-activity; sid:100005550; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sample3.khushiyonkazariya.in"; classtype:trojan-activity; sid:100005551; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"samritz1.atpvitaltesting.com"; classtype:trojan-activity; sid:100005552; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"satisfactionapp.club"; classtype:trojan-activity; sid:100005553; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"savethefuture.us"; classtype:trojan-activity; sid:100005554; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sayed.azq1.com"; classtype:trojan-activity; sid:100005555; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"scarfaceindustries.com"; classtype:trojan-activity; sid:100005556; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"scffirm.com"; classtype:trojan-activity; sid:100005557; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"schoolofspanish.co.za"; classtype:trojan-activity; sid:100005558; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sciencehome.sonyreviews.com"; classtype:trojan-activity; sid:100005559; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"searchmotorinc.club"; classtype:trojan-activity; sid:100005560; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"seba.sit.uproducts.in"; classtype:trojan-activity; sid:100005561; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"secure-doc-reader.com"; classtype:trojan-activity; sid:100005562; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"segredosdasupermaquiagem.com.br"; classtype:trojan-activity; sid:100005563; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"seioworks.com"; classtype:trojan-activity; sid:100005564; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"senbiaojita.com"; classtype:trojan-activity; sid:100005565; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"seniorweekoc.net"; classtype:trojan-activity; sid:100005566; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sepantacorp.ir"; classtype:trojan-activity; sid:100005567; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sericaasia.com"; classtype:trojan-activity; sid:100005568; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"server.easysalepage.in.th"; classtype:trojan-activity; sid:100005569; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"server.toeicswt.co.kr"; classtype:trojan-activity; sid:100005570; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"service.easytrace.mn"; classtype:trojan-activity; sid:100005571; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"serviciovirtual.com.ar"; classtype:trojan-activity; sid:100005572; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"servidor.indommus.com"; classtype:trojan-activity; sid:100005573; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"setupbrokerage.com"; classtype:trojan-activity; sid:100005574; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sexologistpakistan.net"; classtype:trojan-activity; sid:100005575; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sezb.net"; classtype:trojan-activity; sid:100005576; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"shadihub.hmrngroup.com"; classtype:trojan-activity; sid:100005577; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"shaheentbfoundation.com"; classtype:trojan-activity; sid:100005578; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"shahikhana.cstdevs.com"; classtype:trojan-activity; sid:100005579; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"shahu66.com"; classtype:trojan-activity; sid:100005580; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"shop.mediasova.ru"; classtype:trojan-activity; sid:100005581; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"short.extrafandome.com"; classtype:trojan-activity; sid:100005582; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"shunda321.com"; classtype:trojan-activity; sid:100005583; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sietaurangabad.com"; classtype:trojan-activity; sid:100005584; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sige.brisainformatica.com.br"; classtype:trojan-activity; sid:100005585; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"signatureads.co.in"; classtype:trojan-activity; sid:100005586; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"siili.net"; classtype:trojan-activity; sid:100005587; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"silentlegion.duckdns.org"; classtype:trojan-activity; sid:100005588; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"silverrunreserve.com"; classtype:trojan-activity; sid:100005589; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"silvesterinmailand.com"; classtype:trojan-activity; sid:100005590; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"simgftesting.kabtakalar.id"; classtype:trojan-activity; sid:100005591; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sindicato1ucm.cl"; classtype:trojan-activity; sid:100005592; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"siriusblackshop.com"; classtype:trojan-activity; sid:100005593; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"site.aau.edu.et"; classtype:trojan-activity; sid:100005594; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"site.coalahost.com.br"; classtype:trojan-activity; sid:100005595; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"skilltik.com"; classtype:trojan-activity; sid:100005596; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sksjks.in"; classtype:trojan-activity; sid:100005597; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"skymaster.de"; classtype:trojan-activity; sid:100005598; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"skyscan.com"; classtype:trojan-activity; sid:100005599; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"skyviewonlineltd.com"; classtype:trojan-activity; sid:100005600; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"slidertech.net"; classtype:trojan-activity; sid:100005601; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"smarthouseforum.ru"; classtype:trojan-activity; sid:100005602; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"smda.gr"; classtype:trojan-activity; sid:100005603; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sociofans.com"; classtype:trojan-activity; sid:100005604; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sodovip88.com"; classtype:trojan-activity; sid:100005605; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"soft.110route.com"; classtype:trojan-activity; sid:100005606; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"solarforafrica.net"; classtype:trojan-activity; sid:100005607; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"solotrainingcenter.com"; classtype:trojan-activity; sid:100005608; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sota-france.fr"; classtype:trojan-activity; sid:100005609; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"source3.boys4dayz.com"; classtype:trojan-activity; sid:100005610; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sp.mongoso.com"; classtype:trojan-activity; sid:100005611; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"spaceframe.mobi.space-frame.co.za"; classtype:trojan-activity; sid:100005612; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sparcalabar.lightzillion.com"; classtype:trojan-activity; sid:100005613; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"spent.com.pl"; classtype:trojan-activity; sid:100005614; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"spetsesyachtcharter.gr"; classtype:trojan-activity; sid:100005615; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"spices.com.sg"; classtype:trojan-activity; sid:100005616; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"src1.minibai.com"; classtype:trojan-activity; sid:100005617; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"srvmanos.no-ip.info"; classtype:trojan-activity; sid:100005618; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sspbluebox.com"; classtype:trojan-activity; sid:100005619; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sta-smek.cz"; classtype:trojan-activity; sid:100005620; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"stackdigital.co.uk"; classtype:trojan-activity; sid:100005621; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"staging.apparelpunch.com"; classtype:trojan-activity; sid:100005622; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"staging.mobettertech.com"; classtype:trojan-activity; sid:100005623; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"starcountry.net"; classtype:trojan-activity; sid:100005624; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"starticris.com"; classtype:trojan-activity; sid:100005625; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"static-201-163-99-83.alestra.net.mx"; classtype:trojan-activity; sid:100005626; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"static.3001.net"; classtype:trojan-activity; sid:100005627; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"static.cz01.cn"; classtype:trojan-activity; sid:100005628; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"stayinoceancitymd.com"; classtype:trojan-activity; sid:100005629; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"steelhorns.net"; classtype:trojan-activity; sid:100005630; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"stemartoursandtravels.com"; classtype:trojan-activity; sid:100005631; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sterlitecamotech.com"; classtype:trojan-activity; sid:100005632; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"store.jeevsutra.com"; classtype:trojan-activity; sid:100005633; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"streamcloudmarketing.com"; classtype:trojan-activity; sid:100005634; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"studiomam.se"; classtype:trojan-activity; sid:100005635; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"submissions.tentcityrecords.net"; classtype:trojan-activity; sid:100005636; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"succeedandshinetraining.com"; classtype:trojan-activity; sid:100005637; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sumirecp.com"; classtype:trojan-activity; sid:100005638; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sunpos.in"; classtype:trojan-activity; sid:100005639; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"supplementwater.in"; classtype:trojan-activity; sid:100005640; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"support.clz.kr"; classtype:trojan-activity; sid:100005641; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"supportit.online"; classtype:trojan-activity; sid:100005642; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"suryatp.com"; classtype:trojan-activity; sid:100005643; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"swwbia.com"; classtype:trojan-activity; sid:100005644; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"szsygs.com"; classtype:trojan-activity; sid:100005645; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"t.honker.info"; classtype:trojan-activity; sid:100005646; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"taganrog-bus.ru"; classtype:trojan-activity; sid:100005647; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"taka.com.mx"; classtype:trojan-activity; sid:100005648; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tanlayseong.com"; classtype:trojan-activity; sid:100005649; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tantatanta.it"; classtype:trojan-activity; sid:100005650; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tara.globodyinc.biz"; classtype:trojan-activity; sid:100005651; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tarravalleyfoods.com.au"; classtype:trojan-activity; sid:100005652; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"taxclubpk.com"; classtype:trojan-activity; sid:100005653; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tc.snpsresidential.com"; classtype:trojan-activity; sid:100005654; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"teammsup.com"; classtype:trojan-activity; sid:100005655; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tearv.cn"; classtype:trojan-activity; sid:100005656; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"techybhai.online"; classtype:trojan-activity; sid:100005657; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"teknoarge.com"; classtype:trojan-activity; sid:100005658; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"teleargentina.com"; classtype:trojan-activity; sid:100005659; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"temptmag.com"; classtype:trojan-activity; sid:100005660; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"test.adventser.com"; classtype:trojan-activity; sid:100005661; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"test.fontecsys.net"; classtype:trojan-activity; sid:100005662; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"test.reachhealth.asia"; classtype:trojan-activity; sid:100005663; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"test.thespraytanwarehouse.com"; classtype:trojan-activity; sid:100005664; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"test.typoten.com"; classtype:trojan-activity; sid:100005665; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"test2.marrenconstruction.ie"; classtype:trojan-activity; sid:100005666; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"testing-istudiophoto.davaohorizon.com"; classtype:trojan-activity; sid:100005667; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"testwp.wink.deals"; classtype:trojan-activity; sid:100005668; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"thaayagam.com"; classtype:trojan-activity; sid:100005669; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"thalesfu.com"; classtype:trojan-activity; sid:100005670; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tharringtonsponsorship.com"; classtype:trojan-activity; sid:100005671; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"thedesertship.com"; classtype:trojan-activity; sid:100005672; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"thegift.live"; classtype:trojan-activity; sid:100005673; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"thehotelshowdev.bitkit.dk"; classtype:trojan-activity; sid:100005674; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"theprint.ninja"; classtype:trojan-activity; sid:100005675; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"thepunchlineexpose.com"; classtype:trojan-activity; sid:100005676; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"therecyclingmachine.com"; classtype:trojan-activity; sid:100005677; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"thevapestore.by"; classtype:trojan-activity; sid:100005678; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"thomasshelban.ru"; classtype:trojan-activity; sid:100005679; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"thosewebbs.com"; classtype:trojan-activity; sid:100005680; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tianangdep.com"; classtype:trojan-activity; sid:100005681; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"timamollo.co.za"; classtype:trojan-activity; sid:100005682; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"timegonebuy.com"; classtype:trojan-activity; sid:100005683; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tk.w3.eyeteam.vn"; classtype:trojan-activity; sid:100005684; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tnk-moflad.com"; classtype:trojan-activity; sid:100005685; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"todoapp.cstdevs.com"; classtype:trojan-activity; sid:100005686; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tonydong.com"; classtype:trojan-activity; sid:100005687; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tonyzone.com"; classtype:trojan-activity; sid:100005688; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tools.reimclub.com"; classtype:trojan-activity; sid:100005689; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"torresquinterocorp.com"; classtype:trojan-activity; sid:100005690; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"towardsun.net"; classtype:trojan-activity; sid:100005691; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tracker-one.com.au"; classtype:trojan-activity; sid:100005692; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"trade-agro.top"; classtype:trojan-activity; sid:100005693; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tradeinsights.net"; classtype:trojan-activity; sid:100005694; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tradingview-brokers.learnforcareer.com"; classtype:trojan-activity; sid:100005695; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"training.globodyinc.biz"; classtype:trojan-activity; sid:100005696; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"transportationonline.club"; classtype:trojan-activity; sid:100005697; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"traveladmin.sourcetaggers.com"; classtype:trojan-activity; sid:100005698; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"travels.cdtscorp.com"; classtype:trojan-activity; sid:100005699; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"treeleaf.sourcetaggers.com"; classtype:trojan-activity; sid:100005700; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tripthaithai.com"; classtype:trojan-activity; sid:100005701; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"trungtambaohanhbeptu.com"; classtype:trojan-activity; sid:100005702; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"try.justprintbd.com"; classtype:trojan-activity; sid:100005703; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tupperware.michaelroberge.ca"; classtype:trojan-activity; sid:100005704; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"twinings.grupoformax.net"; classtype:trojan-activity; sid:100005705; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"txingame.com"; classtype:trojan-activity; sid:100005706; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"uaepest.com"; classtype:trojan-activity; sid:100005707; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ublretailerdemo.cstdevs.com"; classtype:trojan-activity; sid:100005708; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ukguk71.ru"; classtype:trojan-activity; sid:100005709; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ultimate-24.de"; classtype:trojan-activity; sid:100005710; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"unicapa.com.br"; classtype:trojan-activity; sid:100005711; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"unicorpbrunei.com"; classtype:trojan-activity; sid:100005712; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"unifashion.app.krazyit.com.au"; classtype:trojan-activity; sid:100005713; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"unisoftcc.com"; classtype:trojan-activity; sid:100005714; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"unitedengineeringco.com"; classtype:trojan-activity; sid:100005715; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"universalplastoind.com"; classtype:trojan-activity; sid:100005716; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"unwittingjaggeddebugging.neumatic.repl.co"; classtype:trojan-activity; sid:100005717; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"upperkillaycc.org.uk"; classtype:trojan-activity; sid:100005718; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"upsnlogistics.com"; classtype:trojan-activity; sid:100005719; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"uyomall.lightzillion.com"; classtype:trojan-activity; sid:100005720; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"v339216.hosted-by-vdsina.ru"; classtype:trojan-activity; sid:100005721; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vaynhanh247.net"; classtype:trojan-activity; sid:100005722; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vcrworks.ivyro.net"; classtype:trojan-activity; sid:100005723; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vectarts.com"; classtype:trojan-activity; sid:100005724; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vendor.edqart.com"; classtype:trojan-activity; sid:100005725; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"venveo.wordpressdeveloper.info"; classtype:trojan-activity; sid:100005726; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"versatilepvt.com"; classtype:trojan-activity; sid:100005727; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"victorysanitizer.com"; classtype:trojan-activity; sid:100005728; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vietlime.vn"; classtype:trojan-activity; sid:100005729; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"view.pasarjaya.co.id"; classtype:trojan-activity; sid:100005730; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"villatera.com"; classtype:trojan-activity; sid:100005731; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vintagegarage.xyz"; classtype:trojan-activity; sid:100005732; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"violinstop.com"; classtype:trojan-activity; sid:100005733; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vipbeautycenter.id"; classtype:trojan-activity; sid:100005734; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"viphco.ir"; classtype:trojan-activity; sid:100005735; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"virtual.tecnologicojuanjui.edu.pe"; classtype:trojan-activity; sid:100005736; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"virtualedufairnepal.com"; classtype:trojan-activity; sid:100005737; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"visam.info"; classtype:trojan-activity; sid:100005738; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vivacuscoperu.com"; classtype:trojan-activity; sid:100005739; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vivationdesign.com"; classtype:trojan-activity; sid:100005740; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vksales.com"; classtype:trojan-activity; sid:100005741; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vnamazon.vn"; classtype:trojan-activity; sid:100005742; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"volkscantonalbank.com"; classtype:trojan-activity; sid:100005743; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vologroup.com.br"; classtype:trojan-activity; sid:100005744; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vplatform.ae"; classtype:trojan-activity; sid:100005745; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vpts.co.za"; classtype:trojan-activity; sid:100005746; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vulkanvegas-de.katchpurcity.com"; classtype:trojan-activity; sid:100005747; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vulkanvegasonline.katchpurcity.com"; classtype:trojan-activity; sid:100005748; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"w1.zypaint.com"; classtype:trojan-activity; sid:100005749; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wakanaija.com.ng"; classtype:trojan-activity; sid:100005750; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"walkindrivetoday.com"; classtype:trojan-activity; sid:100005751; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"washatsanjose.com"; classtype:trojan-activity; sid:100005752; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"waterlifefilter.com"; classtype:trojan-activity; sid:100005753; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wearsweetbomb.com"; classtype:trojan-activity; sid:100005754; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"web.geomegasoft.net"; classtype:trojan-activity; sid:100005755; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"web.innoservwebsites.in"; classtype:trojan-activity; sid:100005756; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"webpro.marketing"; classtype:trojan-activity; sid:100005757; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"webschool.quicksoft.in"; classtype:trojan-activity; sid:100005758; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"weinsteincounseling.com"; classtype:trojan-activity; sid:100005759; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wet-cleaning.jp"; classtype:trojan-activity; sid:100005760; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wfinance.com.br"; classtype:trojan-activity; sid:100005761; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"whizcraft.co.uk"; classtype:trojan-activity; sid:100005762; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wi522012.ferozo.com"; classtype:trojan-activity; sid:100005763; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wikimall.shop"; classtype:trojan-activity; sid:100005764; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"windows333.info"; classtype:trojan-activity; sid:100005765; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"windows401.info"; classtype:trojan-activity; sid:100005766; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"winonvulkan.ringhio.net"; classtype:trojan-activity; sid:100005767; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"winonvulkan.syrox-kosova.com"; classtype:trojan-activity; sid:100005768; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"winsorfx.com"; classtype:trojan-activity; sid:100005769; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wishesconcierge.com"; classtype:trojan-activity; sid:100005770; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"witumart.com"; classtype:trojan-activity; sid:100005771; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wolfgang-brodte.de"; classtype:trojan-activity; sid:100005772; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wolfram-electric.com"; classtype:trojan-activity; sid:100005773; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wolle-online.kaufen"; classtype:trojan-activity; sid:100005774; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"woo.mainsaildata.com"; classtype:trojan-activity; sid:100005775; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wordpress.baishuweb.com"; classtype:trojan-activity; sid:100005776; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wordpressdes.vanzolini-gte.org.br"; classtype:trojan-activity; sid:100005777; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"worldofjain.com"; classtype:trojan-activity; sid:100005778; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wp-znojemskabeseda-dev.azurewebsites.net"; classtype:trojan-activity; sid:100005779; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wp.readhere.in"; classtype:trojan-activity; sid:100005780; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wp.seletoh.com"; classtype:trojan-activity; sid:100005781; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wpkms.com"; classtype:trojan-activity; sid:100005782; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ws5588.f3322.net"; classtype:trojan-activity; sid:100005783; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wutaideng.wang"; classtype:trojan-activity; sid:100005784; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ww2.kbs.web.id"; classtype:trojan-activity; sid:100005785; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"wyndhamvet.com.au"; classtype:trojan-activity; sid:100005786; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"x.233sy.cn"; classtype:trojan-activity; sid:100005787; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"x2vn.com"; classtype:trojan-activity; sid:100005788; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"xk1.996is.com"; classtype:trojan-activity; sid:100005789; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"xn--cheggl-videos-fr-gastronomie-g7c.de"; classtype:trojan-activity; sid:100005790; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"xz.8dashi.com"; classtype:trojan-activity; sid:100005791; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"xz888.oss-cn-hangzhou.aliyuncs.com"; classtype:trojan-activity; sid:100005792; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yafa-coach.co.il"; classtype:trojan-activity; sid:100005793; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yazilim.2crankara.com"; classtype:trojan-activity; sid:100005794; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yeichner.com"; classtype:trojan-activity; sid:100005795; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yestech.com.ng"; classtype:trojan-activity; sid:100005796; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yfo.yag.mybluehost.me"; classtype:trojan-activity; sid:100005797; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yieldtech-bio.com"; classtype:trojan-activity; sid:100005798; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yoire.advts.co"; classtype:trojan-activity; sid:100005799; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yp.hnggzyjy.cn"; classtype:trojan-activity; sid:100005800; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ysbaojia.com"; classtype:trojan-activity; sid:100005801; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ytvnews.info"; classtype:trojan-activity; sid:100005802; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yuifu.art"; classtype:trojan-activity; sid:100005803; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yuminqiang.com"; classtype:trojan-activity; sid:100005804; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yuresco.uz"; classtype:trojan-activity; sid:100005805; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yzkzixun.com"; classtype:trojan-activity; sid:100005806; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"znzhou.top"; classtype:trojan-activity; sid:100005807; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"zofer.com.br"; classtype:trojan-activity; sid:100005808; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/centring.php"; endswith; nocase; http.host; content:"23noticias.com.ar"; classtype:trojan-activity; sid:100005809; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/waive.php"; endswith; nocase; http.host; content:"23noticias.com.ar"; classtype:trojan-activity; sid:100005810; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/ay/?redacted"; endswith; nocase; http.host; content:"aiizan.art"; classtype:trojan-activity; sid:100005811; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/k/?redacted"; endswith; nocase; http.host; content:"amazingshowerdoor.ca"; classtype:trojan-activity; sid:100005812; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/download/file/request/49sjamdmsnmaai4"; endswith; nocase; http.host; content:"anonym.ninja"; classtype:trojan-activity; sid:100005813; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/5j1ae/apmyyqsc6q3p5y/"; endswith; nocase; http.host; content:"aosafrica.co.za"; classtype:trojan-activity; sid:100005814; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/y/?redacted,"; endswith; nocase; http.host; content:"begrame.com"; classtype:trojan-activity; sid:100005815; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/gagava44/myrepo/raw/6154677a0a1600189ce1b90b9225af15af496d3e/kek/dobb-m.exe"; endswith; nocase; http.host; content:"bitbucket.org"; classtype:trojan-activity; sid:100005816; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/gagava44/myrepo/raw/91af04036f866c1382d936dc6eb807f2548ee7da/kek/last_version.exe"; endswith; nocase; http.host; content:"bitbucket.org"; classtype:trojan-activity; sid:100005817; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/labesoftware/update/downloads/boost-fps.exe"; endswith; nocase; http.host; content:"bitbucket.org"; classtype:trojan-activity; sid:100005818; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/labesoftware/update/downloads/install_plugin_x64_x86.exe"; endswith; nocase; http.host; content:"bitbucket.org"; classtype:trojan-activity; sid:100005819; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/labesoftware/update/downloads/vpn_free.exe"; endswith; nocase; http.host; content:"bitbucket.org"; classtype:trojan-activity; sid:100005820; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/marvandy277/blane218/downloads/svchost.exe"; endswith; nocase; http.host; content:"bitbucket.org"; classtype:trojan-activity; sid:100005821; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/primesoftware-eng/files/downloads/clipe.exe"; endswith; nocase; http.host; content:"bitbucket.org"; classtype:trojan-activity; sid:100005822; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raven_1/nutella/downloads/build.exe"; endswith; nocase; http.host; content:"bitbucket.org"; classtype:trojan-activity; sid:100005823; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raven_1/nutella/downloads/hman.exe"; endswith; nocase; http.host; content:"bitbucket.org"; classtype:trojan-activity; sid:100005824; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/path/?redacted"; endswith; nocase; http.host; content:"blissfulnorth.com"; classtype:trojan-activity; sid:100005825; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/cks.jpg"; endswith; nocase; http.host; content:"blueprogress.org"; classtype:trojan-activity; sid:100005826; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/jay.jpg"; endswith; nocase; http.host; content:"blueprogress.org"; classtype:trojan-activity; sid:100005827; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/stan.jpg"; endswith; nocase; http.host; content:"blueprogress.org"; classtype:trojan-activity; sid:100005828; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/n.php?redacted"; endswith; nocase; http.host; content:"cd-yjys.com"; classtype:trojan-activity; sid:100005829; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/w.php?redacted"; endswith; nocase; http.host; content:"cd-yjys.com"; classtype:trojan-activity; sid:100005830; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/hmatrix/data/hack1226.exe"; endswith; nocase; http.host; content:"cd.textfiles.com"; classtype:trojan-activity; sid:100005831; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/455075949755629578/866366854024921108/file.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005832; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/780956819165675541/917778742057783306/344f.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005833; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/794674478109950003/918140335245373440/123go.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005834; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/795610005516189697/918739901258797077/u2ptmnjoddqrcwq.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005835; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/795610005516189697/919866180037140580/host.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005836; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/831546600534704138/845398219281399879/java_scheduler.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005837; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/864075800058789891/910552642848186388/windowshost.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005838; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/873097784209866772/918913248177291344/client.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005839; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/879307333338017812/879307432084533288/milktokengrabber.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005840; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/895925154864050196/919917618566168626/ahmer34.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005841; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/901821420747780129/906964034329407518/serial.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005842; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/903318886634651708/921739113034571806/readme.doc"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005843; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/906575896410988625/918425860044914708/12345.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005844; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/906687314837798943/910236587646939226/eluwiknka_woof.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005845; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/906802087457882123/906974682060849172/vvvv.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005846; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910213738685145093/921000864511041556/glgivrgemjyqchristmasnigga.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005847; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910213738685145093/921001116378992660/dxbtebuschristmasnigga.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005848; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910213738685145093/921001485607764019/qbtmyowgkkmcechristmasnigga.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005849; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910215086298247232/920999826638921759/amdwcnwchristmasnigga.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005850; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910215086298247232/920999866929414154/llywssywqchristmasnigga.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005851; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910215086298247232/920999931244843069/zzjsrqewsilpxnchristmasnigga.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005852; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910215086298247232/921000403808686110/axhqpsqavnhvchristmasnigga.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005853; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910215086298247232/921000519361777684/fgrhlnxpnlzchristmasnigga.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005854; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921053282120638484/djsmjnqskrfkvchristmasnigga.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005855; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921053593547710554/kwfzgiokumuchristmasnigga.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005856; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921053682844434452/dizocchristmasnigga.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005857; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058009759752262/kgakrdimchristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005858; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058065715978280/tnsydlpqchristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005859; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058081897611264/gixvrumobydchristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005860; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058118862012487/gqwoxkjchristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005861; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058136675213352/rcheprhchristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005862; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058315822305340/ujzxsvnnxvjchristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005863; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058513042677820/sycanitonzfzkynchristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005864; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058538514702406/xozzqfzxzychristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005865; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058647260405790/uflbmbyibvfqtchristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005866; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058662271828068/fguhdechristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005867; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058674233966692/mvoizauyazkdpqchristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005868; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058718299340840/ilticchristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005869; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058741581930526/wghwkjlqhppcxchristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005870; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058751455305728/swyzmnychristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005871; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058899673620500/svyahxjcrjpwqkwchristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005872; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910249981103968289/921058908632653844/guftbhvwyntngchristmasholocaust.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005873; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910256475912425536/921396300493246464/zlqompshtvuxohhmerrynigga.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005874; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910256475912425536/921396344856379443/swxsdbesbnmerrynigga.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005875; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910256475912425536/921396772188876860/holpfmerrynigga.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005876; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910258356277620789/922512615660458084/tnwyxemaga2022.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005877; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910258356277620789/922512665702723584/fdqdhnsslmaga2022.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005878; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910258356277620789/922512830559846451/ogjyosdcmaga2022.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005879; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910261567856197645/922513091638464602/icydwuxvemaga2022.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005880; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/910261567856197645/922513559907344434/dhjvaoiwrsfgmaga2022.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005881; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/911255825308348439/917345130502062080/sudyjdtrxgcwhatsupmotherfuckers.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005882; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/911755735459848286/920003855721304104/loader.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005883; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/912722552516902995/923233299529355334/mjauidmihdjesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005884; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/913113453990920195/921415588566429706/sheduledgrafic.jpg"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005885; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/914830201811238985/923509735934795816/drqqoagypjwdafmuhammadismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005886; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/914830201811238985/923509922283524106/xiarjtzbmuhammadismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005887; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/914830201811238985/923510087841107998/kvohfikqzyullwnmuhammadismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005888; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/915194470817992735/921026528500920350/consoleapp2.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005889; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/915626997240193048/917178395417280552/myfile_2021-12-06_01-06.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005890; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/916184892923060287/917665569254285322/hadise_gizli_cekim_ifsa.apk"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005891; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/916704832910426152/920008000222134292/713f2911ec85ecb7.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005892; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/916729094043996160/919232546338930738/neverlose.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005893; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/916790875282087979/918108400301252608/476.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005894; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917259077657190427/917662765437575168/cobro_juridico_-_dian.pdf.r00"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005895; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917372097322422275/920698906445234307/srcnjqbeqnlra.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005896; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917374693441417219/920697272533143572/akfclh.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005897; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917374693441417219/920697671562461224/qsjorhsxfhjn.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005898; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917384896975093793/920619508601851904/nwvjyradneun.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005899; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917388416402980928/918100152865148959/tsjgtxmpqqpoffenciveracisturl.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005900; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917537519690711080/918115009467400202/cyptotrash.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005901; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917583949901991968/917697554957869126/piton.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005902; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917583949901991968/917715214290546708/zerrrr.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005903; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917583949901991968/917715695943417856/rum83uv5xvilxms.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005904; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917583949901991968/917844480571363378/gkm4040_crypted.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005905; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917583949901991968/917880657949118544/120721_.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005906; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917583949901991968/918171049860931605/gkm4040_crypted2.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005907; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917583949901991968/918193529614925834/knots.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005908; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917740878146203692/917812681635934258/oversailfiddlehead.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005909; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917852235277430879/917886285685878854/aleyna_tilki_ifsa.apk"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005910; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917878050962698294/917878133225566268/vpc0uub5qx.apk"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005911; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/917889770380746856/917889806569201694/android_guncelleme.apk"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005912; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/918255787577589822/918840731999821855/sys64.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005913; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/918482570465910826/918580980850229308/ads"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005914; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/919184589321297923/926354544684859392/porno_video_arsivi.apk"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005915; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/919326493040054337/919347711935918101/amonguspriv_1.rar"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005916; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/919564974765010967/919899543108214844/deliveryinfo.jar"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005917; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/919960898020466752/921175550469492786/vvzz67_build.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005918; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/920277930368729179/920338301016240200/3689098887---.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005919; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/920378356883673149/920379680538902588/boost_tool.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005920; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/920392773914472518/920392895327006750/winrar_archive_3.rar"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005921; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/920761158481375264/921331732605698088/7xi57m2jzl2lozo.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005922; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/921090897742008343/921091008777830461/rxuwmxgqzqjreyw.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005923; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/921090897742008343/921091077920944138/none_build_4.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005924; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922151964039610380/925036356286156930/system64.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005925; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922248885907370034/922428833007816775/xgehylzbrjqoxmasniggas.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005926; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922458812584173611/922511777076494376/ylsljtkgkucviumaga2022.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005927; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922594541897383969/923136901089730590/wuoyppvmmozjesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005928; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922596830204817432/923136020944396349/rnxeejjesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005929; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922596830204817432/923136024928980992/qkitmgbjesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005930; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922596830204817432/923136071695499314/nvdaarokbvglkujesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005931; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922596830204817432/923136118688473088/hrowefghxximyrjesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005932; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922596830204817432/923136368371200030/mofppfrxwljesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005933; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922600634404966413/923135131361878036/vjrcksejttjesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005934; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922600634404966413/923135139603685456/qmmcqejesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005935; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922600634404966413/923135234365616128/lcvrykajesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005936; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922600634404966413/923135254619906128/rwrysdaoeimkjesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005937; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922600634404966413/923135258373816350/fyhqruffritodfljesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005938; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922600634404966413/923135317513474068/kqnyzcdjnjesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005939; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922603576168165389/923134399833309214/bcniivjesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005940; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922603576168165389/923134411069857872/zdowkgbjzjjesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005941; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922603576168165389/923134415889129472/mlczgjesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005942; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922603576168165389/923134509757644871/puhebefdrwdzdcjesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005943; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922603576168165389/923134680520343592/anrjvjtgwgqejesusismyfriend.bin"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005944; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/922941056193036402/925158606326882334/retrik.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005945; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/923919335590862858/927178257936302080/myngtsfile.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005946; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/923987121155493922/925428620091097108/opwr.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005947; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/924091772592861316/925162012999299082/service64.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005948; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/925221715993301032/925409389609881610/lol.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005949; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/925500682503610488/925500733909000263/bild.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005950; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/926726093610840115/926726096450371635/mm.exe"; endswith; nocase; http.host; content:"cdn.discordapp.com"; classtype:trojan-activity; sid:100005951; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/tnote-web/bsfile/ckimg/2021/4/17/6eb374b32f94435381bd3f41b0ab7661.exe"; endswith; nocase; http.host; content:"cdn.tmooc.cn"; classtype:trojan-activity; sid:100005952; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/razor/rzr-winner_intro.zip"; endswith; nocase; http.host; content:"chiptune.com"; classtype:trojan-activity; sid:100005953; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/e/?redacted"; endswith; nocase; http.host; content:"cleberajuda.org"; classtype:trojan-activity; sid:100005954; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/meteoradminz/hidden-tear/zip/master"; endswith; nocase; http.host; content:"codeload.github.com"; classtype:trojan-activity; sid:100005955; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/mr-r3b00t/rdp_backdoor/zip/refs/heads/main"; endswith; nocase; http.host; content:"codeload.github.com"; classtype:trojan-activity; sid:100005956; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/tmp/protected-cek9qz4zvk2n65e-c5d84gi5/security-cloud/kypqw-52kkq0n9ywj9oa/"; endswith; nocase; http.host; content:"colfincas.com"; classtype:trojan-activity; sid:100005957; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/w/?redacted"; endswith; nocase; http.host; content:"cottonbiz.com"; classtype:trojan-activity; sid:100005958; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/metaphoric.php"; endswith; nocase; http.host; content:"demo.energianmittaus.fi"; classtype:trojan-activity; sid:100005959; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/yonker.php"; endswith; nocase; http.host; content:"demo.energianmittaus.fi"; classtype:trojan-activity; sid:100005960; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/dos/nemesy13.zip"; endswith; nocase; http.host; content:"dl.packetstormsecurity.net"; classtype:trojan-activity; sid:100005961; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/mononymization/u9/"; endswith; nocase; http.host; content:"dmvmedicalconcierge.com"; classtype:trojan-activity; sid:100005962; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=11wrd1k3cum3xwrrk7ry9emoxvjihpxt5&revid=0bwr0ytfwg4ymmfnormy4ret5uulxym9uri9na2p4oe1xzxlnpq"; endswith; nocase; http.host; content:"docs.google.com"; classtype:trojan-activity; sid:100005963; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=140vkyfrfhbqkukc2hnw-gsvi5wjw6iyi"; endswith; nocase; http.host; content:"docs.google.com"; classtype:trojan-activity; sid:100005964; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1ctmywlj5wouiug1wgizy3ke7yj1u0yor&revid=0b_t0-zked1mgagxwmxcwywq5q0q1uk1uoxcwaup6l2ovmtdjpq"; endswith; nocase; http.host; content:"docs.google.com"; classtype:trojan-activity; sid:100005965; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1dcskexskninafqjsvcdvurd8sn0y3z2m&revid=0b32-vhr9_ogcmnjutlfrrke4l213smg0ajdrr0yvavfsnnrvpq"; endswith; nocase; http.host; content:"docs.google.com"; classtype:trojan-activity; sid:100005966; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1gpjdoys0jisgixkzzi79qrvuun0m2ufd&revid=0bwzj95xpgx6-shdtthq5ztfkajlnv3ntvvzqy0u5k0vvqtrvpq"; endswith; nocase; http.host; content:"docs.google.com"; classtype:trojan-activity; sid:100005967; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1gv_nk9llqw4fxudo-khja7nuuj1kevvw&revid=0b7zefp-g6n7vm0zhowo4be9pvus4mmh0ymxvd3r6zlu3ylznpq"; endswith; nocase; http.host; content:"docs.google.com"; classtype:trojan-activity; sid:100005968; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1h_dyp_d5lst4akyf2qezxl7j1scvbtvs&revid=0b5thckui5i0mdk5moelbnm9vuhnydvjnvwpyq01vrg5xvwhrpq"; endswith; nocase; http.host; content:"docs.google.com"; classtype:trojan-activity; sid:100005969; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1hdvmpsulsdwmfbduwezpkhyqscvaujpz&revid=0bxuz33-vsvvttjk1tutwb25oynbmuwjqsytdmtqybxvayvrzpq"; endswith; nocase; http.host; content:"docs.google.com"; classtype:trojan-activity; sid:100005970; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1jpl-uouydm5hypqm67uokyddrblbpxvw&revid=0b7zpiprmoc5ubhpwclq0cxdyte5vwtrbymnidznhtgm3bzvrpq"; endswith; nocase; http.host; content:"docs.google.com"; classtype:trojan-activity; sid:100005971; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1lrsmsenpabz1ihnqwve1zahmbbrjvy0k&revid=0bwxkravv4isdrzmrqulpqwfbnk44s3louvlqtm85tzbdvjzzpq"; endswith; nocase; http.host; content:"docs.google.com"; classtype:trojan-activity; sid:100005972; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1m8jszvq-ztfrul7vgsb6q-n3ftgnkbdj&revid=0bxrhybf9__wnmgjlnmxmunzznlu0v204azc4edmzcep6a0hzpq"; endswith; nocase; http.host; content:"docs.google.com"; classtype:trojan-activity; sid:100005973; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1sbd1rnw8luztjmsh6gdlzupvyupbopa0&revid=0b3yyjts_woklr2vnyxvqohlidxbxn1l2wwjntxfnwvi5v0h3pq"; endswith; nocase; http.host; content:"docs.google.com"; classtype:trojan-activity; sid:100005974; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1tilqozot07vylvdmmsfs7ia452jwhktj&revid=0b7gsmqzks4xkcdjcwhuvatj2qvlvchnmnnovu2ldzstek2jzpq"; endswith; nocase; http.host; content:"docs.google.com"; classtype:trojan-activity; sid:100005975; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1ygn4gkmy9musdp_lgnpyjjh6rskt39vp&revid=0b8rbgp2bpeofmk5ta3n3mgjtefbzdevwtk5wwhpjd3yruejjpq"; endswith; nocase; http.host; content:"docs.google.com"; classtype:trojan-activity; sid:100005976; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1zxejnkdwqezrbgani5vjk2y2nhmpkg0z&revid=0b-bo0wgwxcblsui1mehkbhrlu01rwxnyrxzxanbdendmbndnpq"; endswith; nocase; http.host; content:"docs.google.com"; classtype:trojan-activity; sid:100005977; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/frm0reseen/prntscrnofamzorderid.jpg.exe"; endswith; nocase; http.host; content:"drive.google.com.it-barcelona.com"; classtype:trojan-activity; sid:100005978; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=12ma_yvbmprts6e_vkfnmwikrnwsarqbw"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005979; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=18o7mqyspgh9dsbvrwixbnnddt-fpbljr"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005980; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=18zfspcrlbavz_ooolsobhnpa264xyytm"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005981; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1_kme2jlo4rwuoi0skp0ejlnqrjpi0zha"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005982; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1alq8r5tnr6wwiftqa3l6d9fymv7y0g9m"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005983; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1b6t1mjnjcvndcy-mdqq0neqrbocqyju4"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005984; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1etpmpb2shvuny5dxj5awfpxklxqpbzgx"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005985; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1fa2j7bhbrbrijrqqw6ls0zqsqphkez5z"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005986; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1igs5o27dptipoo8iqgpvjqpzytr0bekk"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005987; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1ma38y_tmkwp6spyu_omub2ntyzolb0qj"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005988; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1n8_s6gijerearczwh74blkygodig64eo"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005989; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1nw1gmzg6lwtuhs0tte969xcfpp9_dc5q"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005990; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1o9jg3oqyewncoptigwscdbtfmvtfqygj"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005991; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1pr2l1wfpwhfzln-sq93bb9xwfqtrwezu"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005992; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1quzouzjuncjhkgnferfx06dg7icwxy2d"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005993; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1tnnhctucoeyrnqdkpizy9gm6w5ha0_tb"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005994; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1uygnpwzzyzn2rodsrimg0-sloxy_letg"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005995; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1xicgfa9vh3abye-hhz4aq5t9pnpsxlgt"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005996; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1yfqtugahqhqrulwugdekeavffktsl8ci"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005997; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?export=download&id=1z7qhwcozjwehksdhw-yuivac2jzwjqia"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005998; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?id=1a7jwdzayvxw_d3cgv_n7tjf4sty3ufor&export=download"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100005999; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?id=1iwdxnkdbwf-d2ck37ud7w47vewqpxvym&export=download"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100006000; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/uc?id=1y59mvv5dlrjfcdnlz3gmfskjj2vqerz1&export=download"; endswith; nocase; http.host; content:"drive.google.com"; classtype:trojan-activity; sid:100006001; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/downloads/emclick.zip"; endswith; nocase; http.host; content:"e-mudhra.com"; classtype:trojan-activity; sid:100006002; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-admin/n/"; endswith; nocase; http.host; content:"earnmoneylending.com"; classtype:trojan-activity; sid:100006003; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/pki-validation/oehg/"; endswith; nocase; http.host; content:"eaton.edu.my"; classtype:trojan-activity; sid:100006004; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/attachments/universal-bios-backup-toolkit-2-0-zip.36679/"; endswith; nocase; http.host; content:"electro-tech-online.com"; classtype:trojan-activity; sid:100006005; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/0lrch9.php?redacted"; endswith; nocase; http.host; content:"fanupload.app"; classtype:trojan-activity; sid:100006006; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/z93dg4.php?redacted"; endswith; nocase; http.host; content:"fanupload.app"; classtype:trojan-activity; sid:100006007; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/iwfr9kkj.zip"; endswith; nocase; http.host; content:"futbolpr.com"; classtype:trojan-activity; sid:100006008; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/p/?redacted"; endswith; nocase; http.host; content:"gaucimagri.com"; classtype:trojan-activity; sid:100006009; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/d/?redacted"; endswith; nocase; http.host; content:"giacongson.com.vn"; classtype:trojan-activity; sid:100006010; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/daanujs/daanujs/blob/main/rasomware2.0.exe?raw=true"; endswith; nocase; http.host; content:"github.com"; classtype:trojan-activity; sid:100006011; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/mr-r3b00t/rdp_backdoor/archive/refs/heads/main.zip"; endswith; nocase; http.host; content:"github.com"; classtype:trojan-activity; sid:100006012; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/prolivbebra/dasads/-/raw/main/vertigosprince_crypted__5_.exe"; endswith; nocase; http.host; content:"gitlab.com"; classtype:trojan-activity; sid:100006013; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/slavadurak23/opkppofqwkf/-/raw/main/ahahahaha.exe"; endswith; nocase; http.host; content:"gitlab.com"; classtype:trojan-activity; sid:100006014; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/globaldeeds.org/qyj6kdd69/"; endswith; nocase; http.host; content:"globaldeeds.com"; classtype:trojan-activity; sid:100006015; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/f/?redacted"; endswith; nocase; http.host; content:"grdeus.net"; classtype:trojan-activity; sid:100006016; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/i/?redacted"; endswith; nocase; http.host; content:"grdeus.net"; classtype:trojan-activity; sid:100006017; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/s/?redacted"; endswith; nocase; http.host; content:"grdeus.net"; classtype:trojan-activity; sid:100006018; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/p/?redacted"; endswith; nocase; http.host; content:"gudangkarpetsurabaya.com"; classtype:trojan-activity; sid:100006019; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/a.php?redacted"; endswith; nocase; http.host; content:"hihisea.com"; classtype:trojan-activity; sid:100006020; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/9gp6/dhddrobrjhsiiw7a/"; endswith; nocase; http.host; content:"karee.asia"; classtype:trojan-activity; sid:100006021; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-admin/images/l8vatjj/"; endswith; nocase; http.host; content:"kihonhair.com.br"; classtype:trojan-activity; sid:100006022; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/down/affiliate/kuaizip_setup_10029.exe"; endswith; nocase; http.host; content:"kuaizip.com"; classtype:trojan-activity; sid:100006023; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/file/66v0m70xswjq7xo/9.doc/file"; endswith; nocase; http.host; content:"mediafire.com"; classtype:trojan-activity; sid:100006024; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/file/95ggilwnqccbq6l/20.doc/file"; endswith; nocase; http.host; content:"mediafire.com"; classtype:trojan-activity; sid:100006025; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/file/acvetx32mcyvszp/3.doc/file"; endswith; nocase; http.host; content:"mediafire.com"; classtype:trojan-activity; sid:100006026; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/file/chz7hwxww3pf86n/2.doc/file"; endswith; nocase; http.host; content:"mediafire.com"; classtype:trojan-activity; sid:100006027; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/file/csn7w5ayankpwte/5.doc/file"; endswith; nocase; http.host; content:"mediafire.com"; classtype:trojan-activity; sid:100006028; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/file/mzhvyapctwn59sk/fac0912.tgz"; endswith; nocase; http.host; content:"mediafire.com"; classtype:trojan-activity; sid:100006029; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/file/o7mbmqzedgahqhw/30.doc/file"; endswith; nocase; http.host; content:"mediafire.com"; classtype:trojan-activity; sid:100006030; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/file/ptisxpgwuivaqxi/25.doc/file"; endswith; nocase; http.host; content:"mediafire.com"; classtype:trojan-activity; sid:100006031; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/file/treg1h3gvsoiu90/justf2312.tgz/file"; endswith; nocase; http.host; content:"mediafire.com"; classtype:trojan-activity; sid:100006032; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/file/znppbz73odugi1v/8.doc/file"; endswith; nocase; http.host; content:"mediafire.com"; classtype:trojan-activity; sid:100006033; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/k/big5/1giof6/"; endswith; nocase; http.host; content:"minpic.de"; classtype:trojan-activity; sid:100006034; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/yws/api/personal/file/web3a243b322cf83ca7cae587a92916bac7?method=download&inline=true&sharekey=649ac0bb5d5b13d15cbf50b2609e193a"; endswith; nocase; http.host; content:"note.youdao.com"; classtype:trojan-activity; sid:100006035; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/5/olyl03/"; endswith; nocase; http.host; content:"oliva.co.id"; classtype:trojan-activity; sid:100006036; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/a/hxvn2ukpuidawwb/"; endswith; nocase; http.host; content:"oliva.co.id"; classtype:trojan-activity; sid:100006037; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/z/wwxkm/"; endswith; nocase; http.host; content:"oliva.co.id"; classtype:trojan-activity; sid:100006038; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-content/ntteskah"; endswith; nocase; http.host; content:"onebet.co.ug"; classtype:trojan-activity; sid:100006039; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-content/ntteskah/"; endswith; nocase; http.host; content:"onebet.co.ug"; classtype:trojan-activity; sid:100006040; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/500279229/c4d1ce167d49df4f2206a5fe210b189f/winlocker.exe"; endswith; nocase; http.host; content:"padlet-uploads.storage.googleapis.com"; classtype:trojan-activity; sid:100006041; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/500279229/dfd16dbfc5b6c3ac5e3468e0929d1973/karlocker_exe.exe"; endswith; nocase; http.host; content:"padlet-uploads.storage.googleapis.com"; classtype:trojan-activity; sid:100006042; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/500279229/ebc8ef7d87c522e51b4dc3429f48d2db/systemcrasher_bydaniel.exe"; endswith; nocase; http.host; content:"padlet-uploads.storage.googleapis.com"; classtype:trojan-activity; sid:100006043; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/q/dk/"; endswith; nocase; http.host; content:"panp.top"; classtype:trojan-activity; sid:100006044; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/q/vwlymloylqqwusx2l/"; endswith; nocase; http.host; content:"panp.top"; classtype:trojan-activity; sid:100006045; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-content/3eq4vikvwt/"; endswith; nocase; http.host; content:"pasionportufuturo.pe"; classtype:trojan-activity; sid:100006046; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-content/a9ludq6ptfqg"; endswith; nocase; http.host; content:"pasionportufuturo.pe"; classtype:trojan-activity; sid:100006047; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-content/a9ludq6ptfqg/"; endswith; nocase; http.host; content:"pasionportufuturo.pe"; classtype:trojan-activity; sid:100006048; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-content/axzhsh/"; endswith; nocase; http.host; content:"pasionportufuturo.pe"; classtype:trojan-activity; sid:100006049; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-content/grhcx5zzgydfrjic0dounzty7d/"; endswith; nocase; http.host; content:"pasionportufuturo.pe"; classtype:trojan-activity; sid:100006050; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-content/hh72"; endswith; nocase; http.host; content:"pasionportufuturo.pe"; classtype:trojan-activity; sid:100006051; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-content/hh72/"; endswith; nocase; http.host; content:"pasionportufuturo.pe"; classtype:trojan-activity; sid:100006052; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-content/r/"; endswith; nocase; http.host; content:"pasionportufuturo.pe"; classtype:trojan-activity; sid:100006053; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-content/xubs/"; endswith; nocase; http.host; content:"pasionportufuturo.pe"; classtype:trojan-activity; sid:100006054; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-content/xubs///"; endswith; nocase; http.host; content:"pasionportufuturo.pe"; classtype:trojan-activity; sid:100006055; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/r/m6czr/0"; endswith; nocase; http.host; content:"paste.ee"; classtype:trojan-activity; sid:100006056; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/r/vepbm/0"; endswith; nocase; http.host; content:"paste.ee"; classtype:trojan-activity; sid:100006057; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/1une7l1w"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006058; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/36upqnpl"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006059; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/3j1aqk1z"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006060; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/3pkqiyes"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006061; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/4dpuy8jx"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006062; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/4fvypptf"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006063; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/4fwgxkzb"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006064; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/5y98ssd2"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006065; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/69r32i3v"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006066; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/6ut0pbxt"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006067; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/77jhk0iw"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006068; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/7yrtvh0j"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006069; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/89hkc7wb"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006070; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/9puh0rk7"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006071; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/apzw415p"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006072; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/bjsheert"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006073; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/bp3pwxrx"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006074; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/bqbjuj1z"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006075; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/bqhbezhr"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006076; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/bufrc7cj"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006077; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/bvwfncew"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006078; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/cahrike6"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006079; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/cktyvfqt"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006080; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/cl49lhsm"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006081; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/ct99tglf"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006082; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/ctrqt3vp"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006083; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/czxtzgf6"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006084; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/dvpxtrur"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006085; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/emy1xgpz"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006086; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/fiydpwxj"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006087; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/fwwstz49"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006088; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/g9ks17jy"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006089; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/gjmqqf9u"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006090; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/gkj9jeek"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006091; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/gs3l8dwc"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006092; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/gudcxzqi"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006093; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/i6g1hcn0"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006094; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/j829zaxe"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006095; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/krybpcas"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006096; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/mlttpa1p"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006097; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/mqnucjlp"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006098; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/myefegtf"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006099; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/nk5teq0r"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006100; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/p3s11jpc"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006101; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/ph9jefkj"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006102; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/pxuj2cr6"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006103; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/qb4fa1mg"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006104; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/qcu4ppva"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006105; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/qjigyejs"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006106; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/qr5zkmnu"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006107; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/rzbzhqgh"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006108; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/s7znv8xf"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006109; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/sbww1sxl"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006110; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/sjzmdpp1"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006111; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/th9kcrs1"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006112; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/tivw1tj0"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006113; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/tlfarpp4"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006114; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/tmiethvj"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006115; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/tzetmw43"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006116; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/u59eearf"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006117; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/udqsatcz"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006118; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/ue0cfwm7"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006119; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/ukdkvfd8"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006120; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/uqh6fu8r"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006121; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/v0hsft3y"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006122; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/vg7m1ser"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006123; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/vz0sldw3"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006124; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/w97es7cw"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006125; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/ws7ggjlt"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006126; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/wwrpn4er"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006127; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/wxuqqw2i"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006128; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/xcvbukkb"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006129; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/xxjcr1f2"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006130; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/y39hpqsy"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006131; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/ypjfshky"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006132; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/yqvsvlvq"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006133; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/yytzkinx"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006134; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/raw/zxsp2w7h"; endswith; nocase; http.host; content:"pastebin.com"; classtype:trojan-activity; sid:100006135; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-admin/llc/mwcacs65xienqdp/"; endswith; nocase; http.host; content:"pierreconsulting.info"; classtype:trojan-activity; sid:100006136; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/arntsonl/calc_security_poc/master/dll/calc.dll"; endswith; nocase; http.host; content:"raw.githubusercontent.com"; classtype:trojan-activity; sid:100006137; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/bero1985/berotinypascal/e34bd4164f4b7c27e7cf667dffd9274d33d6dfbe/bin/btpc.exe"; endswith; nocase; http.host; content:"raw.githubusercontent.com"; classtype:trojan-activity; sid:100006138; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/evil-coder66/defendercontrol/main/defendercontrol.exe"; endswith; nocase; http.host; content:"raw.githubusercontent.com"; classtype:trojan-activity; sid:100006139; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/fuzzbunch/fuzzbunch/master/payloads/doublepulsar-1.3.1.exe"; endswith; nocase; http.host; content:"raw.githubusercontent.com"; classtype:trojan-activity; sid:100006140; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/realtek25556/rhti2/gh-pages/90hfnvo69vk2ot.bmp"; endswith; nocase; http.host; content:"raw.githubusercontent.com"; classtype:trojan-activity; sid:100006141; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/swagkarna/bypass-tamper-protection/main/nsudo.exe"; endswith; nocase; http.host; content:"raw.githubusercontent.com"; classtype:trojan-activity; sid:100006142; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/xanaxgang/yea-i-do-them-drugz/main/mnr/prig.txt"; endswith; nocase; http.host; content:"raw.githubusercontent.com"; classtype:trojan-activity; sid:100006143; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/xanaxgang/yea-i-do-them-drugz/main/mnr/xm.txt"; endswith; nocase; http.host; content:"raw.githubusercontent.com"; classtype:trojan-activity; sid:100006144; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/i/?redacted"; endswith; nocase; http.host; content:"sauvonslesanimaux.com"; classtype:trojan-activity; sid:100006145; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/site/stormqk/dn/stormagent.apk?attredirects=0"; endswith; nocase; http.host; content:"sites.google.com"; classtype:trojan-activity; sid:100006146; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/snap/zgf/3q4/f1i/qswonvo.zip"; endswith; nocase; http.host; content:"slotciputra.com"; classtype:trojan-activity; sid:100006147; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/inst77player/inst77player_1.0.0.1.exe"; endswith; nocase; http.host; content:"softdl.360tpcdn.com"; classtype:trojan-activity; sid:100006148; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/wp-includes/o0ddfiyur/"; endswith; nocase; http.host; content:"studiokrishnaproduction.com"; classtype:trojan-activity; sid:100006149; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/lfi9iu.rar"; endswith; nocase; http.host; content:"tobecoaching.co.uk"; classtype:trojan-activity; sid:100006150; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/j/?redacted"; endswith; nocase; http.host; content:"untukamu.co.id"; classtype:trojan-activity; sid:100006151; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/explorer.exe"; endswith; nocase; http.host; content:"waskitaprecast.co.id"; classtype:trojan-activity; sid:100006152; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/microsoft.exe"; endswith; nocase; http.host; content:"waskitaprecast.co.id"; classtype:trojan-activity; sid:100006153; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/issues/136_140/flt_shovemydiscoupyourarse.exe"; endswith; nocase; http.host; content:"websound.ru"; classtype:trojan-activity; sid:100006154; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/issues/136_140/kb%5efr_ouverture.exe"; endswith; nocase; http.host; content:"websound.ru"; classtype:trojan-activity; sid:100006155; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/issues/136_140/kb^fr_ouverture.exe"; endswith; nocase; http.host; content:"websound.ru"; classtype:trojan-activity; sid:100006156; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/issues/146_150/bc_memories_from_the_mcp.exe"; endswith; nocase; http.host; content:"websound.ru"; classtype:trojan-activity; sid:100006157; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/issues/151_155/tidex_-_short_stuff.exe"; endswith; nocase; http.host; content:"websound.ru"; classtype:trojan-activity; sid:100006158; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/i/?redacted"; endswith; nocase; http.host; content:"xmartrdp.com"; classtype:trojan-activity; sid:100006159; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; flow:established,from_client; http.method; content:"GET"; http.uri; content:"/34c0b59dac7e43201a6f/7429732531944867573"; endswith; nocase; http.host; content:"zalo-file-doc5.zdn.vn"; classtype:trojan-activity; sid:100006160; rev:1;)
|