3970 lines
867 KiB
Plaintext
3970 lines
867 KiB
Plaintext
# Title: Online Malicious URL Snort3 Ruleset
|
|
# Updated: Mon, 05 Apr 2021 12:12:34 UTC
|
|
# Expires: 1 day (update frequency)
|
|
# Homepage: https://gitlab.com/curben/urlhaus-filter
|
|
# License: https://gitlab.com/curben/urlhaus-filter#license
|
|
# Source: https://urlhaus.abuse.ch/api/
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"0-24bpautomentes.hu",nocase; classtype:trojan-activity; sid:100000001; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"0cl.sldov.ru",nocase; classtype:trojan-activity; sid:100000002; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.11.234.99",nocase; classtype:trojan-activity; sid:100000003; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.186.151.219",nocase; classtype:trojan-activity; sid:100000004; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.222.166.69",nocase; classtype:trojan-activity; sid:100000005; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.222.196.60",nocase; classtype:trojan-activity; sid:100000006; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.245.4.163",nocase; classtype:trojan-activity; sid:100000007; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.107",nocase; classtype:trojan-activity; sid:100000008; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.109",nocase; classtype:trojan-activity; sid:100000009; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.113",nocase; classtype:trojan-activity; sid:100000010; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.127",nocase; classtype:trojan-activity; sid:100000011; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.134",nocase; classtype:trojan-activity; sid:100000012; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.138",nocase; classtype:trojan-activity; sid:100000013; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.14",nocase; classtype:trojan-activity; sid:100000014; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.16",nocase; classtype:trojan-activity; sid:100000015; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.165",nocase; classtype:trojan-activity; sid:100000016; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.20",nocase; classtype:trojan-activity; sid:100000017; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.228",nocase; classtype:trojan-activity; sid:100000018; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.234",nocase; classtype:trojan-activity; sid:100000019; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.237",nocase; classtype:trojan-activity; sid:100000020; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.245",nocase; classtype:trojan-activity; sid:100000021; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.249",nocase; classtype:trojan-activity; sid:100000022; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.25",nocase; classtype:trojan-activity; sid:100000023; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.38",nocase; classtype:trojan-activity; sid:100000024; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.41",nocase; classtype:trojan-activity; sid:100000025; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.43",nocase; classtype:trojan-activity; sid:100000026; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.45",nocase; classtype:trojan-activity; sid:100000027; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.56",nocase; classtype:trojan-activity; sid:100000028; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.63",nocase; classtype:trojan-activity; sid:100000029; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.69",nocase; classtype:trojan-activity; sid:100000030; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.8",nocase; classtype:trojan-activity; sid:100000031; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.80",nocase; classtype:trojan-activity; sid:100000032; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.94",nocase; classtype:trojan-activity; sid:100000033; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.222.98",nocase; classtype:trojan-activity; sid:100000034; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.10",nocase; classtype:trojan-activity; sid:100000035; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.103",nocase; classtype:trojan-activity; sid:100000036; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.105",nocase; classtype:trojan-activity; sid:100000037; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.126",nocase; classtype:trojan-activity; sid:100000038; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.130",nocase; classtype:trojan-activity; sid:100000039; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.146",nocase; classtype:trojan-activity; sid:100000040; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.148",nocase; classtype:trojan-activity; sid:100000041; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.15",nocase; classtype:trojan-activity; sid:100000042; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.151",nocase; classtype:trojan-activity; sid:100000043; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.22",nocase; classtype:trojan-activity; sid:100000044; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.223",nocase; classtype:trojan-activity; sid:100000045; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.4",nocase; classtype:trojan-activity; sid:100000046; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.48",nocase; classtype:trojan-activity; sid:100000047; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.54",nocase; classtype:trojan-activity; sid:100000048; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.58",nocase; classtype:trojan-activity; sid:100000049; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.59",nocase; classtype:trojan-activity; sid:100000050; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.6",nocase; classtype:trojan-activity; sid:100000051; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.61",nocase; classtype:trojan-activity; sid:100000052; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.71",nocase; classtype:trojan-activity; sid:100000053; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.83",nocase; classtype:trojan-activity; sid:100000054; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.246.223.94",nocase; classtype:trojan-activity; sid:100000055; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.247.221.141",nocase; classtype:trojan-activity; sid:100000056; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.247.221.142",nocase; classtype:trojan-activity; sid:100000057; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.250.159.41",nocase; classtype:trojan-activity; sid:100000058; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.252.102.28",nocase; classtype:trojan-activity; sid:100000059; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1.82.104.89",nocase; classtype:trojan-activity; sid:100000060; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"100.12.184.63",nocase; classtype:trojan-activity; sid:100000061; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"100.12.51.122",nocase; classtype:trojan-activity; sid:100000062; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"100.2.131.143",nocase; classtype:trojan-activity; sid:100000063; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"100.8.77.4",nocase; classtype:trojan-activity; sid:100000064; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1008691.com",nocase; classtype:trojan-activity; sid:100000065; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"101.16.183.179",nocase; classtype:trojan-activity; sid:100000066; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"101.16.98.170",nocase; classtype:trojan-activity; sid:100000067; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"101.229.85.127",nocase; classtype:trojan-activity; sid:100000068; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"101.255.36.154",nocase; classtype:trojan-activity; sid:100000069; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"101.28.105.132",nocase; classtype:trojan-activity; sid:100000070; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"101.28.218.245",nocase; classtype:trojan-activity; sid:100000071; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"101.28.76.34",nocase; classtype:trojan-activity; sid:100000072; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"101.66.81.70",nocase; classtype:trojan-activity; sid:100000073; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"101.73.131.78",nocase; classtype:trojan-activity; sid:100000074; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"101.75.157.99",nocase; classtype:trojan-activity; sid:100000075; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"102.130.115.14",nocase; classtype:trojan-activity; sid:100000076; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"102.141.240.139",nocase; classtype:trojan-activity; sid:100000077; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.113.99.79",nocase; classtype:trojan-activity; sid:100000078; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.125.218.107",nocase; classtype:trojan-activity; sid:100000079; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.136.82.50",nocase; classtype:trojan-activity; sid:100000080; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.141.138.118",nocase; classtype:trojan-activity; sid:100000081; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.16.145.25",nocase; classtype:trojan-activity; sid:100000082; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.204.168.34",nocase; classtype:trojan-activity; sid:100000083; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.217.215.21",nocase; classtype:trojan-activity; sid:100000084; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.219.152.228",nocase; classtype:trojan-activity; sid:100000085; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.224.200.146",nocase; classtype:trojan-activity; sid:100000086; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.224.200.40",nocase; classtype:trojan-activity; sid:100000087; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.237.21.36",nocase; classtype:trojan-activity; sid:100000088; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.238.228.3",nocase; classtype:trojan-activity; sid:100000089; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.238.228.4",nocase; classtype:trojan-activity; sid:100000090; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.240.249.121",nocase; classtype:trojan-activity; sid:100000091; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.4.117.26",nocase; classtype:trojan-activity; sid:100000092; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.79.112.254",nocase; classtype:trojan-activity; sid:100000093; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.82.98.170",nocase; classtype:trojan-activity; sid:100000094; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.84.240.130",nocase; classtype:trojan-activity; sid:100000095; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.92.25.90",nocase; classtype:trojan-activity; sid:100000096; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"103.92.25.95",nocase; classtype:trojan-activity; sid:100000097; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"104.168.98.159",nocase; classtype:trojan-activity; sid:100000098; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"104.184.75.123",nocase; classtype:trojan-activity; sid:100000099; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"104.206.93.94",nocase; classtype:trojan-activity; sid:100000100; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"104.33.52.85",nocase; classtype:trojan-activity; sid:100000101; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"104.61.86.37",nocase; classtype:trojan-activity; sid:100000102; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"104.7.141.172",nocase; classtype:trojan-activity; sid:100000103; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"106.1.111.91",nocase; classtype:trojan-activity; sid:100000104; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"106.104.172.178",nocase; classtype:trojan-activity; sid:100000105; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"106.104.193.155",nocase; classtype:trojan-activity; sid:100000106; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"106.105.33.43",nocase; classtype:trojan-activity; sid:100000107; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"107.172.193.132",nocase; classtype:trojan-activity; sid:100000108; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"107.172.249.148",nocase; classtype:trojan-activity; sid:100000109; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"107.173.155.54",nocase; classtype:trojan-activity; sid:100000110; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"107.173.171.143",nocase; classtype:trojan-activity; sid:100000111; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"107.173.219.80",nocase; classtype:trojan-activity; sid:100000112; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"107.174.250.107",nocase; classtype:trojan-activity; sid:100000113; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"107.174.61.139",nocase; classtype:trojan-activity; sid:100000114; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"107.175.197.135",nocase; classtype:trojan-activity; sid:100000115; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"107.175.31.130",nocase; classtype:trojan-activity; sid:100000116; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"107.181.136.96",nocase; classtype:trojan-activity; sid:100000117; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"107.194.242.170",nocase; classtype:trojan-activity; sid:100000118; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"107.219.185.75",nocase; classtype:trojan-activity; sid:100000119; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"107.220.119.25",nocase; classtype:trojan-activity; sid:100000120; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"107.221.96.202",nocase; classtype:trojan-activity; sid:100000121; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"108.190.201.37",nocase; classtype:trojan-activity; sid:100000122; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"108.190.250.48",nocase; classtype:trojan-activity; sid:100000123; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"108.55.199.65",nocase; classtype:trojan-activity; sid:100000124; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"109.124.90.229",nocase; classtype:trojan-activity; sid:100000125; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"109.233.196.232",nocase; classtype:trojan-activity; sid:100000126; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"109.235.7.228",nocase; classtype:trojan-activity; sid:100000127; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"109.86.85.253",nocase; classtype:trojan-activity; sid:100000128; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"109.88.185.119",nocase; classtype:trojan-activity; sid:100000129; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"109.95.200.102",nocase; classtype:trojan-activity; sid:100000130; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"109.95.200.230",nocase; classtype:trojan-activity; sid:100000131; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"109.96.127.90",nocase; classtype:trojan-activity; sid:100000132; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"109.96.57.246",nocase; classtype:trojan-activity; sid:100000133; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"109.99.37.97",nocase; classtype:trojan-activity; sid:100000134; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.14.58.190",nocase; classtype:trojan-activity; sid:100000135; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.187.229.182",nocase; classtype:trojan-activity; sid:100000136; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.228.190.50",nocase; classtype:trojan-activity; sid:100000137; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.228.195.46",nocase; classtype:trojan-activity; sid:100000138; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.248.124.254",nocase; classtype:trojan-activity; sid:100000139; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.248.175.141",nocase; classtype:trojan-activity; sid:100000140; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.248.251.194",nocase; classtype:trojan-activity; sid:100000141; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.251.10.18",nocase; classtype:trojan-activity; sid:100000142; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.253.150.248",nocase; classtype:trojan-activity; sid:100000143; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.253.213.198",nocase; classtype:trojan-activity; sid:100000144; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.253.51.112",nocase; classtype:trojan-activity; sid:100000145; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.255.101.184",nocase; classtype:trojan-activity; sid:100000146; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.35.145.127",nocase; classtype:trojan-activity; sid:100000147; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.35.208.21",nocase; classtype:trojan-activity; sid:100000148; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.35.209.175",nocase; classtype:trojan-activity; sid:100000149; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.35.223.92",nocase; classtype:trojan-activity; sid:100000150; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.35.225.24",nocase; classtype:trojan-activity; sid:100000151; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.35.235.57",nocase; classtype:trojan-activity; sid:100000152; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.35.249.21",nocase; classtype:trojan-activity; sid:100000153; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"110.35.4.2",nocase; classtype:trojan-activity; sid:100000154; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.119.245.114",nocase; classtype:trojan-activity; sid:100000155; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.125.67.125",nocase; classtype:trojan-activity; sid:100000156; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.163.50.120",nocase; classtype:trojan-activity; sid:100000157; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.170.86.31",nocase; classtype:trojan-activity; sid:100000158; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.172.57.20",nocase; classtype:trojan-activity; sid:100000159; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.182.235.252",nocase; classtype:trojan-activity; sid:100000160; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.185.171.111",nocase; classtype:trojan-activity; sid:100000161; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.185.177.85",nocase; classtype:trojan-activity; sid:100000162; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.185.23.84",nocase; classtype:trojan-activity; sid:100000163; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.185.230.136",nocase; classtype:trojan-activity; sid:100000164; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.185.27.9",nocase; classtype:trojan-activity; sid:100000165; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.185.49.223",nocase; classtype:trojan-activity; sid:100000166; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.38.103.122",nocase; classtype:trojan-activity; sid:100000167; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.38.103.66",nocase; classtype:trojan-activity; sid:100000168; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.38.104.141",nocase; classtype:trojan-activity; sid:100000169; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.38.106.19",nocase; classtype:trojan-activity; sid:100000170; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.38.121.222",nocase; classtype:trojan-activity; sid:100000171; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.38.121.223",nocase; classtype:trojan-activity; sid:100000172; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.38.121.226",nocase; classtype:trojan-activity; sid:100000173; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.38.121.228",nocase; classtype:trojan-activity; sid:100000174; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.38.26.243",nocase; classtype:trojan-activity; sid:100000175; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.38.8.81",nocase; classtype:trojan-activity; sid:100000176; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"111.61.52.53",nocase; classtype:trojan-activity; sid:100000177; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.111.108.184",nocase; classtype:trojan-activity; sid:100000178; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.147.92.51",nocase; classtype:trojan-activity; sid:100000179; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.163.200.217",nocase; classtype:trojan-activity; sid:100000180; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.170.124.75",nocase; classtype:trojan-activity; sid:100000181; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.170.233.9",nocase; classtype:trojan-activity; sid:100000182; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.186.210.211",nocase; classtype:trojan-activity; sid:100000183; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.186.96.252",nocase; classtype:trojan-activity; sid:100000184; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.187.91.117",nocase; classtype:trojan-activity; sid:100000185; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.214.127.42",nocase; classtype:trojan-activity; sid:100000186; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.225.187.19",nocase; classtype:trojan-activity; sid:100000187; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.225.236.77",nocase; classtype:trojan-activity; sid:100000188; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.225.239.126",nocase; classtype:trojan-activity; sid:100000189; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.225.43.27",nocase; classtype:trojan-activity; sid:100000190; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.226.202.111",nocase; classtype:trojan-activity; sid:100000191; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.226.67.193",nocase; classtype:trojan-activity; sid:100000192; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.228.180.95",nocase; classtype:trojan-activity; sid:100000193; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.228.79.137",nocase; classtype:trojan-activity; sid:100000194; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.229.178.109",nocase; classtype:trojan-activity; sid:100000195; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.229.188.28",nocase; classtype:trojan-activity; sid:100000196; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.230.168.103",nocase; classtype:trojan-activity; sid:100000197; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.234.218.202",nocase; classtype:trojan-activity; sid:100000198; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.235.188.86",nocase; classtype:trojan-activity; sid:100000199; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.236.171.69",nocase; classtype:trojan-activity; sid:100000200; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.237.141.241",nocase; classtype:trojan-activity; sid:100000201; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.237.144.226",nocase; classtype:trojan-activity; sid:100000202; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.237.209.30",nocase; classtype:trojan-activity; sid:100000203; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.237.75.157",nocase; classtype:trojan-activity; sid:100000204; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.237.99.207",nocase; classtype:trojan-activity; sid:100000205; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.238.143.135",nocase; classtype:trojan-activity; sid:100000206; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.238.190.207",nocase; classtype:trojan-activity; sid:100000207; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.238.227.228",nocase; classtype:trojan-activity; sid:100000208; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.238.39.2",nocase; classtype:trojan-activity; sid:100000209; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.240.216.17",nocase; classtype:trojan-activity; sid:100000210; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.245.12.89",nocase; classtype:trojan-activity; sid:100000211; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.245.8.24",nocase; classtype:trojan-activity; sid:100000212; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.246.126.58",nocase; classtype:trojan-activity; sid:100000213; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.246.162.50",nocase; classtype:trojan-activity; sid:100000214; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.246.180.49",nocase; classtype:trojan-activity; sid:100000215; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.247.100.14",nocase; classtype:trojan-activity; sid:100000216; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.247.16.222",nocase; classtype:trojan-activity; sid:100000217; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.247.191.118",nocase; classtype:trojan-activity; sid:100000218; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.247.214.146",nocase; classtype:trojan-activity; sid:100000219; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.247.240.226",nocase; classtype:trojan-activity; sid:100000220; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.247.8.112",nocase; classtype:trojan-activity; sid:100000221; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.247.82.122",nocase; classtype:trojan-activity; sid:100000222; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.248.148.90",nocase; classtype:trojan-activity; sid:100000223; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.248.197.164",nocase; classtype:trojan-activity; sid:100000224; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.249.109.217",nocase; classtype:trojan-activity; sid:100000225; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.249.118.157",nocase; classtype:trojan-activity; sid:100000226; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.250.102.173",nocase; classtype:trojan-activity; sid:100000227; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.251.218.210",nocase; classtype:trojan-activity; sid:100000228; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.252.136.84",nocase; classtype:trojan-activity; sid:100000229; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.252.196.17",nocase; classtype:trojan-activity; sid:100000230; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.252.221.244",nocase; classtype:trojan-activity; sid:100000231; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.254.208.123",nocase; classtype:trojan-activity; sid:100000232; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.254.32.5",nocase; classtype:trojan-activity; sid:100000233; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.255.38.10",nocase; classtype:trojan-activity; sid:100000234; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.255.6.129",nocase; classtype:trojan-activity; sid:100000235; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.255.8.235",nocase; classtype:trojan-activity; sid:100000236; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.121.163",nocase; classtype:trojan-activity; sid:100000237; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.108",nocase; classtype:trojan-activity; sid:100000238; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.111",nocase; classtype:trojan-activity; sid:100000239; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.117",nocase; classtype:trojan-activity; sid:100000240; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.131",nocase; classtype:trojan-activity; sid:100000241; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.132",nocase; classtype:trojan-activity; sid:100000242; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.133",nocase; classtype:trojan-activity; sid:100000243; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.138",nocase; classtype:trojan-activity; sid:100000244; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.139",nocase; classtype:trojan-activity; sid:100000245; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.143",nocase; classtype:trojan-activity; sid:100000246; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.146",nocase; classtype:trojan-activity; sid:100000247; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.149",nocase; classtype:trojan-activity; sid:100000248; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.150",nocase; classtype:trojan-activity; sid:100000249; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.151",nocase; classtype:trojan-activity; sid:100000250; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.158",nocase; classtype:trojan-activity; sid:100000251; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.162",nocase; classtype:trojan-activity; sid:100000252; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.165",nocase; classtype:trojan-activity; sid:100000253; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.171",nocase; classtype:trojan-activity; sid:100000254; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.174",nocase; classtype:trojan-activity; sid:100000255; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.175",nocase; classtype:trojan-activity; sid:100000256; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.177",nocase; classtype:trojan-activity; sid:100000257; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.179",nocase; classtype:trojan-activity; sid:100000258; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.124.180",nocase; classtype:trojan-activity; sid:100000259; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.127.155",nocase; classtype:trojan-activity; sid:100000260; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.83.23",nocase; classtype:trojan-activity; sid:100000261; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.85.113",nocase; classtype:trojan-activity; sid:100000262; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.88.116",nocase; classtype:trojan-activity; sid:100000263; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.27.91.212",nocase; classtype:trojan-activity; sid:100000264; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.1.158",nocase; classtype:trojan-activity; sid:100000265; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.1.168",nocase; classtype:trojan-activity; sid:100000266; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.1.177",nocase; classtype:trojan-activity; sid:100000267; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.1.188",nocase; classtype:trojan-activity; sid:100000268; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.1.190",nocase; classtype:trojan-activity; sid:100000269; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.1.211",nocase; classtype:trojan-activity; sid:100000270; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.1.219",nocase; classtype:trojan-activity; sid:100000271; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.1.229",nocase; classtype:trojan-activity; sid:100000272; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.1.230",nocase; classtype:trojan-activity; sid:100000273; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.1.247",nocase; classtype:trojan-activity; sid:100000274; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.1.90",nocase; classtype:trojan-activity; sid:100000275; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.1.91",nocase; classtype:trojan-activity; sid:100000276; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.110.38",nocase; classtype:trojan-activity; sid:100000277; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.110.43",nocase; classtype:trojan-activity; sid:100000278; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.110.48",nocase; classtype:trojan-activity; sid:100000279; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.38.98",nocase; classtype:trojan-activity; sid:100000280; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.4.103",nocase; classtype:trojan-activity; sid:100000281; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.4.118",nocase; classtype:trojan-activity; sid:100000282; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.4.121",nocase; classtype:trojan-activity; sid:100000283; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.4.124",nocase; classtype:trojan-activity; sid:100000284; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.4.136",nocase; classtype:trojan-activity; sid:100000285; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.4.52",nocase; classtype:trojan-activity; sid:100000286; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.30.4.68",nocase; classtype:trojan-activity; sid:100000287; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.31.240.239",nocase; classtype:trojan-activity; sid:100000288; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.31.87.98",nocase; classtype:trojan-activity; sid:100000289; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.53.224.79",nocase; classtype:trojan-activity; sid:100000290; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.65.53.175",nocase; classtype:trojan-activity; sid:100000291; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.72.153.37",nocase; classtype:trojan-activity; sid:100000292; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.72.162.49",nocase; classtype:trojan-activity; sid:100000293; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.72.162.53",nocase; classtype:trojan-activity; sid:100000294; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.72.175.147",nocase; classtype:trojan-activity; sid:100000295; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.72.176.112",nocase; classtype:trojan-activity; sid:100000296; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.72.176.84",nocase; classtype:trojan-activity; sid:100000297; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.78.45.158",nocase; classtype:trojan-activity; sid:100000298; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.80.117.32",nocase; classtype:trojan-activity; sid:100000299; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.80.118.16",nocase; classtype:trojan-activity; sid:100000300; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.80.127.91",nocase; classtype:trojan-activity; sid:100000301; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.80.207.144",nocase; classtype:trojan-activity; sid:100000302; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.80.215.101",nocase; classtype:trojan-activity; sid:100000303; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.80.218.56",nocase; classtype:trojan-activity; sid:100000304; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.82.146.253",nocase; classtype:trojan-activity; sid:100000305; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.82.18.255",nocase; classtype:trojan-activity; sid:100000306; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.82.224.139",nocase; classtype:trojan-activity; sid:100000307; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"112.93.29.211",nocase; classtype:trojan-activity; sid:100000308; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.11.95.254",nocase; classtype:trojan-activity; sid:100000309; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.122.238.68",nocase; classtype:trojan-activity; sid:100000310; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.161.58.249",nocase; classtype:trojan-activity; sid:100000311; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.161.78.185",nocase; classtype:trojan-activity; sid:100000312; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.226.42.250",nocase; classtype:trojan-activity; sid:100000313; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.227.194.172",nocase; classtype:trojan-activity; sid:100000314; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.227.35.229",nocase; classtype:trojan-activity; sid:100000315; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.231.211.131",nocase; classtype:trojan-activity; sid:100000316; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.232.47.216",nocase; classtype:trojan-activity; sid:100000317; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.254.169.251",nocase; classtype:trojan-activity; sid:100000318; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.59.128.133",nocase; classtype:trojan-activity; sid:100000319; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.59.133.16",nocase; classtype:trojan-activity; sid:100000320; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.59.136.39",nocase; classtype:trojan-activity; sid:100000321; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.59.144.42",nocase; classtype:trojan-activity; sid:100000322; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.59.154.21",nocase; classtype:trojan-activity; sid:100000323; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.59.191.47",nocase; classtype:trojan-activity; sid:100000324; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.61.204.205",nocase; classtype:trojan-activity; sid:100000325; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.88.85.168",nocase; classtype:trojan-activity; sid:100000326; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.89.43.185",nocase; classtype:trojan-activity; sid:100000327; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"113.92.223.202",nocase; classtype:trojan-activity; sid:100000328; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"114.111.242.3",nocase; classtype:trojan-activity; sid:100000329; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"114.199.204.37",nocase; classtype:trojan-activity; sid:100000330; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"114.199.253.235",nocase; classtype:trojan-activity; sid:100000331; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"114.224.203.128",nocase; classtype:trojan-activity; sid:100000332; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"114.226.100.56",nocase; classtype:trojan-activity; sid:100000333; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"114.228.205.101",nocase; classtype:trojan-activity; sid:100000334; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"114.229.165.194",nocase; classtype:trojan-activity; sid:100000335; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"114.30.54.64",nocase; classtype:trojan-activity; sid:100000336; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"114.79.172.42",nocase; classtype:trojan-activity; sid:100000337; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"115.165.216.112",nocase; classtype:trojan-activity; sid:100000338; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"115.201.38.185",nocase; classtype:trojan-activity; sid:100000339; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"115.234.213.224",nocase; classtype:trojan-activity; sid:100000340; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"115.42.47.36",nocase; classtype:trojan-activity; sid:100000341; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"115.52.22.238",nocase; classtype:trojan-activity; sid:100000342; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"115.56.131.242",nocase; classtype:trojan-activity; sid:100000343; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"115.56.133.96",nocase; classtype:trojan-activity; sid:100000344; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"115.56.183.76",nocase; classtype:trojan-activity; sid:100000345; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"115.58.132.140",nocase; classtype:trojan-activity; sid:100000346; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"115.61.118.201",nocase; classtype:trojan-activity; sid:100000347; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"115.61.185.250",nocase; classtype:trojan-activity; sid:100000348; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"115.73.3.11",nocase; classtype:trojan-activity; sid:100000349; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"115.92.174.231",nocase; classtype:trojan-activity; sid:100000350; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"116.124.219.2",nocase; classtype:trojan-activity; sid:100000351; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"116.132.151.60",nocase; classtype:trojan-activity; sid:100000352; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"116.2.39.188",nocase; classtype:trojan-activity; sid:100000353; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"116.206.164.46",nocase; classtype:trojan-activity; sid:100000354; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"116.211.100.26",nocase; classtype:trojan-activity; sid:100000355; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"116.73.219.135",nocase; classtype:trojan-activity; sid:100000356; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.194.164.246",nocase; classtype:trojan-activity; sid:100000357; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.196.69.145",nocase; classtype:trojan-activity; sid:100000358; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.196.73.184",nocase; classtype:trojan-activity; sid:100000359; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.20.204.138",nocase; classtype:trojan-activity; sid:100000360; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.20.204.5",nocase; classtype:trojan-activity; sid:100000361; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.20.210.52",nocase; classtype:trojan-activity; sid:100000362; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.20.236.14",nocase; classtype:trojan-activity; sid:100000363; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.20.243.40",nocase; classtype:trojan-activity; sid:100000364; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.20.247.150",nocase; classtype:trojan-activity; sid:100000365; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.200.76.54",nocase; classtype:trojan-activity; sid:100000366; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.213.41.194",nocase; classtype:trojan-activity; sid:100000367; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.222.164.197",nocase; classtype:trojan-activity; sid:100000368; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.222.167.74",nocase; classtype:trojan-activity; sid:100000369; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.222.173.3",nocase; classtype:trojan-activity; sid:100000370; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.241.67.39",nocase; classtype:trojan-activity; sid:100000371; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.63.113.146",nocase; classtype:trojan-activity; sid:100000372; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.63.195.140",nocase; classtype:trojan-activity; sid:100000373; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.63.53.15",nocase; classtype:trojan-activity; sid:100000374; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"117.86.105.110",nocase; classtype:trojan-activity; sid:100000375; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.176.104.35",nocase; classtype:trojan-activity; sid:100000376; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.176.157.64",nocase; classtype:trojan-activity; sid:100000377; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.176.7.132",nocase; classtype:trojan-activity; sid:100000378; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.223.32.74",nocase; classtype:trojan-activity; sid:100000379; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.223.5.149",nocase; classtype:trojan-activity; sid:100000380; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.223.72.141",nocase; classtype:trojan-activity; sid:100000381; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.232.12.130",nocase; classtype:trojan-activity; sid:100000382; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.232.128.147",nocase; classtype:trojan-activity; sid:100000383; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.232.208.215",nocase; classtype:trojan-activity; sid:100000384; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.232.209.108",nocase; classtype:trojan-activity; sid:100000385; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.232.214.72",nocase; classtype:trojan-activity; sid:100000386; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.232.88.146",nocase; classtype:trojan-activity; sid:100000387; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.232.96.150",nocase; classtype:trojan-activity; sid:100000388; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.232.96.6",nocase; classtype:trojan-activity; sid:100000389; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.233.165.213",nocase; classtype:trojan-activity; sid:100000390; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.233.221.162",nocase; classtype:trojan-activity; sid:100000391; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.233.63.194",nocase; classtype:trojan-activity; sid:100000392; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.233.65.93",nocase; classtype:trojan-activity; sid:100000393; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.42.125.246",nocase; classtype:trojan-activity; sid:100000394; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.43.180.33",nocase; classtype:trojan-activity; sid:100000395; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.79.125.92",nocase; classtype:trojan-activity; sid:100000396; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.79.50.203",nocase; classtype:trojan-activity; sid:100000397; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.79.58.82",nocase; classtype:trojan-activity; sid:100000398; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.83.79.43",nocase; classtype:trojan-activity; sid:100000399; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.99.179.164",nocase; classtype:trojan-activity; sid:100000400; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.99.183.235",nocase; classtype:trojan-activity; sid:100000401; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"118.99.239.217",nocase; classtype:trojan-activity; sid:100000402; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.102.179.235",nocase; classtype:trojan-activity; sid:100000403; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.108.161.25",nocase; classtype:trojan-activity; sid:100000404; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.112.185.232",nocase; classtype:trojan-activity; sid:100000405; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.14.143.145",nocase; classtype:trojan-activity; sid:100000406; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.147.213.57",nocase; classtype:trojan-activity; sid:100000407; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.163.93.191",nocase; classtype:trojan-activity; sid:100000408; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.164.18.235",nocase; classtype:trojan-activity; sid:100000409; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.164.218.229",nocase; classtype:trojan-activity; sid:100000410; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.165.107.93",nocase; classtype:trojan-activity; sid:100000411; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.165.197.106",nocase; classtype:trojan-activity; sid:100000412; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.165.241.222",nocase; classtype:trojan-activity; sid:100000413; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.165.27.77",nocase; classtype:trojan-activity; sid:100000414; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.165.68.145",nocase; classtype:trojan-activity; sid:100000415; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.166.170.241",nocase; classtype:trojan-activity; sid:100000416; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.166.97.6",nocase; classtype:trojan-activity; sid:100000417; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.167.26.33",nocase; classtype:trojan-activity; sid:100000418; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.177.147.38",nocase; classtype:trojan-activity; sid:100000419; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.178.248.123",nocase; classtype:trojan-activity; sid:100000420; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.179.170.212",nocase; classtype:trojan-activity; sid:100000421; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.179.43.1",nocase; classtype:trojan-activity; sid:100000422; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.179.75.8",nocase; classtype:trojan-activity; sid:100000423; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.18.38.144",nocase; classtype:trojan-activity; sid:100000424; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.180.106.217",nocase; classtype:trojan-activity; sid:100000425; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.180.108.227",nocase; classtype:trojan-activity; sid:100000426; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.180.108.79",nocase; classtype:trojan-activity; sid:100000427; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.180.33.161",nocase; classtype:trojan-activity; sid:100000428; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.181.119.21",nocase; classtype:trojan-activity; sid:100000429; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.181.124.203",nocase; classtype:trojan-activity; sid:100000430; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.182.97.232",nocase; classtype:trojan-activity; sid:100000431; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.183.115.103",nocase; classtype:trojan-activity; sid:100000432; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.184.14.112",nocase; classtype:trojan-activity; sid:100000433; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.184.172.199",nocase; classtype:trojan-activity; sid:100000434; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.187.195.161",nocase; classtype:trojan-activity; sid:100000435; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.187.245.61",nocase; classtype:trojan-activity; sid:100000436; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.189.137.195",nocase; classtype:trojan-activity; sid:100000437; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.189.227.244",nocase; classtype:trojan-activity; sid:100000438; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.191.150.85",nocase; classtype:trojan-activity; sid:100000439; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.191.187.206",nocase; classtype:trojan-activity; sid:100000440; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.191.215.221",nocase; classtype:trojan-activity; sid:100000441; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.191.240.20",nocase; classtype:trojan-activity; sid:100000442; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.191.255.236",nocase; classtype:trojan-activity; sid:100000443; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.204.30.144",nocase; classtype:trojan-activity; sid:100000444; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.250.129.231",nocase; classtype:trojan-activity; sid:100000445; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.251.105.221",nocase; classtype:trojan-activity; sid:100000446; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.251.14.251",nocase; classtype:trojan-activity; sid:100000447; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.56.131.155",nocase; classtype:trojan-activity; sid:100000448; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.56.143.46",nocase; classtype:trojan-activity; sid:100000449; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.56.143.71",nocase; classtype:trojan-activity; sid:100000450; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.56.144.75",nocase; classtype:trojan-activity; sid:100000451; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.56.148.115",nocase; classtype:trojan-activity; sid:100000452; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.56.155.57",nocase; classtype:trojan-activity; sid:100000453; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.56.175.41",nocase; classtype:trojan-activity; sid:100000454; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.56.195.90",nocase; classtype:trojan-activity; sid:100000455; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.56.220.170",nocase; classtype:trojan-activity; sid:100000456; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"119.99.232.62",nocase; classtype:trojan-activity; sid:100000457; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"12.132.113.2",nocase; classtype:trojan-activity; sid:100000458; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"12.15.69.83",nocase; classtype:trojan-activity; sid:100000459; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"12.178.187.6",nocase; classtype:trojan-activity; sid:100000460; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"12.178.187.7",nocase; classtype:trojan-activity; sid:100000461; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"12.178.187.8",nocase; classtype:trojan-activity; sid:100000462; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"12.178.187.9",nocase; classtype:trojan-activity; sid:100000463; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"12.207.39.227",nocase; classtype:trojan-activity; sid:100000464; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"12.25.204.189",nocase; classtype:trojan-activity; sid:100000465; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.0.255.173",nocase; classtype:trojan-activity; sid:100000466; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.12.153.54",nocase; classtype:trojan-activity; sid:100000467; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.142.222.22",nocase; classtype:trojan-activity; sid:100000468; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.150.213.110",nocase; classtype:trojan-activity; sid:100000469; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.151.248.134",nocase; classtype:trojan-activity; sid:100000470; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.193.91.180",nocase; classtype:trojan-activity; sid:100000471; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.193.91.183",nocase; classtype:trojan-activity; sid:100000472; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.193.91.185",nocase; classtype:trojan-activity; sid:100000473; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.193.91.186",nocase; classtype:trojan-activity; sid:100000474; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.193.91.193",nocase; classtype:trojan-activity; sid:100000475; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.193.91.201",nocase; classtype:trojan-activity; sid:100000476; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.193.91.204",nocase; classtype:trojan-activity; sid:100000477; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.193.91.208",nocase; classtype:trojan-activity; sid:100000478; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.193.91.212",nocase; classtype:trojan-activity; sid:100000479; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.193.91.215",nocase; classtype:trojan-activity; sid:100000480; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.193.91.233",nocase; classtype:trojan-activity; sid:100000481; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.209.126.206",nocase; classtype:trojan-activity; sid:100000482; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.209.127.187",nocase; classtype:trojan-activity; sid:100000483; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.209.99.127",nocase; classtype:trojan-activity; sid:100000484; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.210.89.79",nocase; classtype:trojan-activity; sid:100000485; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.43.33.202",nocase; classtype:trojan-activity; sid:100000486; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.50.66.60",nocase; classtype:trojan-activity; sid:100000487; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.50.93.115",nocase; classtype:trojan-activity; sid:100000488; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.6.8.11",nocase; classtype:trojan-activity; sid:100000489; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.7.75.99",nocase; classtype:trojan-activity; sid:100000490; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"120.85.164.128",nocase; classtype:trojan-activity; sid:100000491; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.100.114.164",nocase; classtype:trojan-activity; sid:100000492; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.100.96.8",nocase; classtype:trojan-activity; sid:100000493; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.121.44.222",nocase; classtype:trojan-activity; sid:100000494; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.123.53.25",nocase; classtype:trojan-activity; sid:100000495; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.127.155.220",nocase; classtype:trojan-activity; sid:100000496; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.141.11.56",nocase; classtype:trojan-activity; sid:100000497; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.15.142.137",nocase; classtype:trojan-activity; sid:100000498; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.159.22.144",nocase; classtype:trojan-activity; sid:100000499; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.170.234.142",nocase; classtype:trojan-activity; sid:100000500; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.185.31.2",nocase; classtype:trojan-activity; sid:100000501; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.190.36.8",nocase; classtype:trojan-activity; sid:100000502; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.20.104.26",nocase; classtype:trojan-activity; sid:100000503; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.225.11.163",nocase; classtype:trojan-activity; sid:100000504; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.23.57.130",nocase; classtype:trojan-activity; sid:100000505; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.231.103.95",nocase; classtype:trojan-activity; sid:100000506; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.237.226.202",nocase; classtype:trojan-activity; sid:100000507; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.24.116.173",nocase; classtype:trojan-activity; sid:100000508; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.254.43.215",nocase; classtype:trojan-activity; sid:100000509; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.254.76.17",nocase; classtype:trojan-activity; sid:100000510; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"121.88.99.236",nocase; classtype:trojan-activity; sid:100000511; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"122.100.150.204",nocase; classtype:trojan-activity; sid:100000512; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"122.159.178.39",nocase; classtype:trojan-activity; sid:100000513; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"122.160.147.53",nocase; classtype:trojan-activity; sid:100000514; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"122.176.44.34",nocase; classtype:trojan-activity; sid:100000515; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"122.188.86.225",nocase; classtype:trojan-activity; sid:100000516; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"122.199.66.28",nocase; classtype:trojan-activity; sid:100000517; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"122.199.72.23",nocase; classtype:trojan-activity; sid:100000518; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"122.199.79.27",nocase; classtype:trojan-activity; sid:100000519; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"122.199.83.86",nocase; classtype:trojan-activity; sid:100000520; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"122.202.37.85",nocase; classtype:trojan-activity; sid:100000521; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"122.254.29.37",nocase; classtype:trojan-activity; sid:100000522; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"122.254.33.214",nocase; classtype:trojan-activity; sid:100000523; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.0.240.58",nocase; classtype:trojan-activity; sid:100000524; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.110.124.244",nocase; classtype:trojan-activity; sid:100000525; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.110.170.237",nocase; classtype:trojan-activity; sid:100000526; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.110.182.187",nocase; classtype:trojan-activity; sid:100000527; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.110.19.248",nocase; classtype:trojan-activity; sid:100000528; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.110.200.98",nocase; classtype:trojan-activity; sid:100000529; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.110.238.188",nocase; classtype:trojan-activity; sid:100000530; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.129.2.28",nocase; classtype:trojan-activity; sid:100000531; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.129.84.36",nocase; classtype:trojan-activity; sid:100000532; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.130.208.52",nocase; classtype:trojan-activity; sid:100000533; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.130.27.19",nocase; classtype:trojan-activity; sid:100000534; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.130.37.182",nocase; classtype:trojan-activity; sid:100000535; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.131.186.250",nocase; classtype:trojan-activity; sid:100000536; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.132.219.147",nocase; classtype:trojan-activity; sid:100000537; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.133.98.135",nocase; classtype:trojan-activity; sid:100000538; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.134.14.130",nocase; classtype:trojan-activity; sid:100000539; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.134.50.186",nocase; classtype:trojan-activity; sid:100000540; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.14.199.130",nocase; classtype:trojan-activity; sid:100000541; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.154.236.114",nocase; classtype:trojan-activity; sid:100000542; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.159.68.119",nocase; classtype:trojan-activity; sid:100000543; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.159.8.100",nocase; classtype:trojan-activity; sid:100000544; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.183.121.60",nocase; classtype:trojan-activity; sid:100000545; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.191.164.92",nocase; classtype:trojan-activity; sid:100000546; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.192.101.163",nocase; classtype:trojan-activity; sid:100000547; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.192.194.233",nocase; classtype:trojan-activity; sid:100000548; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.193.53.237",nocase; classtype:trojan-activity; sid:100000549; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.194.235.37",nocase; classtype:trojan-activity; sid:100000550; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.194.35.146",nocase; classtype:trojan-activity; sid:100000551; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.194.52.79",nocase; classtype:trojan-activity; sid:100000552; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.194.60.238",nocase; classtype:trojan-activity; sid:100000553; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.195.112.240",nocase; classtype:trojan-activity; sid:100000554; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.195.184.191",nocase; classtype:trojan-activity; sid:100000555; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.195.98.141",nocase; classtype:trojan-activity; sid:100000556; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.212.29.154",nocase; classtype:trojan-activity; sid:100000557; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.213.225.130",nocase; classtype:trojan-activity; sid:100000558; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.233.130.162",nocase; classtype:trojan-activity; sid:100000559; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.233.152.249",nocase; classtype:trojan-activity; sid:100000560; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.234.116.110",nocase; classtype:trojan-activity; sid:100000561; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.234.184.57",nocase; classtype:trojan-activity; sid:100000562; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.240.103.89",nocase; classtype:trojan-activity; sid:100000563; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.240.181.57",nocase; classtype:trojan-activity; sid:100000564; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.240.79.61",nocase; classtype:trojan-activity; sid:100000565; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.241.148.58",nocase; classtype:trojan-activity; sid:100000566; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.241.184.124",nocase; classtype:trojan-activity; sid:100000567; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.28.217.23",nocase; classtype:trojan-activity; sid:100000568; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.4.240.195",nocase; classtype:trojan-activity; sid:100000569; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.4.44.113",nocase; classtype:trojan-activity; sid:100000570; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.4.82.143",nocase; classtype:trojan-activity; sid:100000571; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"123.5.5.242",nocase; classtype:trojan-activity; sid:100000572; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.129.221.150",nocase; classtype:trojan-activity; sid:100000573; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.129.76.230",nocase; classtype:trojan-activity; sid:100000574; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.130.40.31",nocase; classtype:trojan-activity; sid:100000575; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.131.104.82",nocase; classtype:trojan-activity; sid:100000576; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.131.151.135",nocase; classtype:trojan-activity; sid:100000577; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.131.24.185",nocase; classtype:trojan-activity; sid:100000578; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.131.26.243",nocase; classtype:trojan-activity; sid:100000579; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.131.54.33",nocase; classtype:trojan-activity; sid:100000580; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.132.110.150",nocase; classtype:trojan-activity; sid:100000581; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.135.34.49",nocase; classtype:trojan-activity; sid:100000582; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.153.136.175",nocase; classtype:trojan-activity; sid:100000583; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.153.236.6",nocase; classtype:trojan-activity; sid:100000584; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.160.126.238",nocase; classtype:trojan-activity; sid:100000585; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.163.65.64",nocase; classtype:trojan-activity; sid:100000586; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.163.72.102",nocase; classtype:trojan-activity; sid:100000587; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.165.123.7",nocase; classtype:trojan-activity; sid:100000588; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.187.111.160",nocase; classtype:trojan-activity; sid:100000589; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.199.56.198",nocase; classtype:trojan-activity; sid:100000590; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.230.174.233",nocase; classtype:trojan-activity; sid:100000591; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.254.251.54",nocase; classtype:trojan-activity; sid:100000592; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.5.92.20",nocase; classtype:trojan-activity; sid:100000593; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.6.0.4",nocase; classtype:trojan-activity; sid:100000594; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.67.89.28",nocase; classtype:trojan-activity; sid:100000595; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.7.254.85",nocase; classtype:trojan-activity; sid:100000596; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.80.46.73",nocase; classtype:trojan-activity; sid:100000597; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"124.93.94.207",nocase; classtype:trojan-activity; sid:100000598; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"125.128.28.161",nocase; classtype:trojan-activity; sid:100000599; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"125.142.93.34",nocase; classtype:trojan-activity; sid:100000600; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"125.191.113.212",nocase; classtype:trojan-activity; sid:100000601; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"125.38.184.83",nocase; classtype:trojan-activity; sid:100000602; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"125.40.1.235",nocase; classtype:trojan-activity; sid:100000603; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"125.43.53.9",nocase; classtype:trojan-activity; sid:100000604; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"125.44.240.218",nocase; classtype:trojan-activity; sid:100000605; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"125.46.142.96",nocase; classtype:trojan-activity; sid:100000606; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"125.47.203.162",nocase; classtype:trojan-activity; sid:100000607; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"128.116.133.92",nocase; classtype:trojan-activity; sid:100000608; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"130.255.159.133",nocase; classtype:trojan-activity; sid:100000609; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"134.195.139.4",nocase; classtype:trojan-activity; sid:100000610; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"135.148.36.127",nocase; classtype:trojan-activity; sid:100000611; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"138.99.204.224",nocase; classtype:trojan-activity; sid:100000612; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"139.159.226.180",nocase; classtype:trojan-activity; sid:100000613; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"139.170.173.198",nocase; classtype:trojan-activity; sid:100000614; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"139.216.102.151",nocase; classtype:trojan-activity; sid:100000615; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"139.227.46.137",nocase; classtype:trojan-activity; sid:100000616; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"14.102.97.204",nocase; classtype:trojan-activity; sid:100000617; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"14.136.80.242",nocase; classtype:trojan-activity; sid:100000618; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"14.138.8.51",nocase; classtype:trojan-activity; sid:100000619; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"14.160.34.50",nocase; classtype:trojan-activity; sid:100000620; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"14.189.247.118",nocase; classtype:trojan-activity; sid:100000621; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"14.37.222.190",nocase; classtype:trojan-activity; sid:100000622; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"14.45.127.110",nocase; classtype:trojan-activity; sid:100000623; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"14.46.25.17",nocase; classtype:trojan-activity; sid:100000624; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"14.46.98.241",nocase; classtype:trojan-activity; sid:100000625; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"14.55.29.2",nocase; classtype:trojan-activity; sid:100000626; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"141.105.65.94",nocase; classtype:trojan-activity; sid:100000627; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"141.98.134.32",nocase; classtype:trojan-activity; sid:100000628; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"142.11.216.5",nocase; classtype:trojan-activity; sid:100000629; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"142.177.56.127",nocase; classtype:trojan-activity; sid:100000630; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"146.71.79.230",nocase; classtype:trojan-activity; sid:100000631; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"148.69.108.177",nocase; classtype:trojan-activity; sid:100000632; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"149.20.176.179",nocase; classtype:trojan-activity; sid:100000633; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"149.255.15.134",nocase; classtype:trojan-activity; sid:100000634; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"149.255.15.184",nocase; classtype:trojan-activity; sid:100000635; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"149.255.15.99",nocase; classtype:trojan-activity; sid:100000636; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"149.3.124.194",nocase; classtype:trojan-activity; sid:100000637; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"14karatvisions.com",nocase; classtype:trojan-activity; sid:100000638; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"150.116.207.99",nocase; classtype:trojan-activity; sid:100000639; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"151.177.163.87",nocase; classtype:trojan-activity; sid:100000640; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"151.33.230.191",nocase; classtype:trojan-activity; sid:100000641; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"153.101.234.167",nocase; classtype:trojan-activity; sid:100000642; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"153.101.47.145",nocase; classtype:trojan-activity; sid:100000643; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"153.3.152.106",nocase; classtype:trojan-activity; sid:100000644; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"153.34.135.92",nocase; classtype:trojan-activity; sid:100000645; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"153.99.148.37",nocase; classtype:trojan-activity; sid:100000646; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"154.126.178.16",nocase; classtype:trojan-activity; sid:100000647; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"158.101.165.14",nocase; classtype:trojan-activity; sid:100000648; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"158.174.213.128",nocase; classtype:trojan-activity; sid:100000649; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"158.51.125.115",nocase; classtype:trojan-activity; sid:100000650; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"159.224.74.112",nocase; classtype:trojan-activity; sid:100000651; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"162.194.28.60",nocase; classtype:trojan-activity; sid:100000652; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"162.209.98.174",nocase; classtype:trojan-activity; sid:100000653; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"162.246.22.210",nocase; classtype:trojan-activity; sid:100000654; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"163.204.219.120",nocase; classtype:trojan-activity; sid:100000655; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"163.53.206.228",nocase; classtype:trojan-activity; sid:100000656; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"165.90.16.5",nocase; classtype:trojan-activity; sid:100000657; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"170.81.238.178",nocase; classtype:trojan-activity; sid:100000658; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"171.121.255.10",nocase; classtype:trojan-activity; sid:100000659; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"171.123.14.190",nocase; classtype:trojan-activity; sid:100000660; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"171.125.188.197",nocase; classtype:trojan-activity; sid:100000661; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"171.34.114.181",nocase; classtype:trojan-activity; sid:100000662; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"171.34.176.217",nocase; classtype:trojan-activity; sid:100000663; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"171.34.179.178",nocase; classtype:trojan-activity; sid:100000664; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"171.35.162.156",nocase; classtype:trojan-activity; sid:100000665; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"171.35.174.198",nocase; classtype:trojan-activity; sid:100000666; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"171.38.222.18",nocase; classtype:trojan-activity; sid:100000667; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"172.105.36.168",nocase; classtype:trojan-activity; sid:100000668; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"172.114.244.127",nocase; classtype:trojan-activity; sid:100000669; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"172.245.5.185",nocase; classtype:trojan-activity; sid:100000670; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"172.245.5.190",nocase; classtype:trojan-activity; sid:100000671; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"172.245.79.106",nocase; classtype:trojan-activity; sid:100000672; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"172.245.81.19",nocase; classtype:trojan-activity; sid:100000673; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"172.93.194.114",nocase; classtype:trojan-activity; sid:100000674; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"173.167.85.89",nocase; classtype:trojan-activity; sid:100000675; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"173.169.46.85",nocase; classtype:trojan-activity; sid:100000676; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"173.19.58.108",nocase; classtype:trojan-activity; sid:100000677; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"173.233.85.171",nocase; classtype:trojan-activity; sid:100000678; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"173.235.209.70",nocase; classtype:trojan-activity; sid:100000679; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"173.25.113.8",nocase; classtype:trojan-activity; sid:100000680; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"173.52.95.134",nocase; classtype:trojan-activity; sid:100000681; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"173.52.97.25",nocase; classtype:trojan-activity; sid:100000682; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"173.56.119.108",nocase; classtype:trojan-activity; sid:100000683; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"173.56.92.166",nocase; classtype:trojan-activity; sid:100000684; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"173.63.64.213",nocase; classtype:trojan-activity; sid:100000685; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"174.106.33.85",nocase; classtype:trojan-activity; sid:100000686; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"174.61.3.149",nocase; classtype:trojan-activity; sid:100000687; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"174.73.246.193",nocase; classtype:trojan-activity; sid:100000688; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"174.81.78.7",nocase; classtype:trojan-activity; sid:100000689; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"174.83.73.163",nocase; classtype:trojan-activity; sid:100000690; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"175.10.147.167",nocase; classtype:trojan-activity; sid:100000691; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"175.11.193.66",nocase; classtype:trojan-activity; sid:100000692; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"175.11.65.112",nocase; classtype:trojan-activity; sid:100000693; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"175.117.66.74",nocase; classtype:trojan-activity; sid:100000694; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"175.169.13.182",nocase; classtype:trojan-activity; sid:100000695; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"175.201.104.192",nocase; classtype:trojan-activity; sid:100000696; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"175.208.230.8",nocase; classtype:trojan-activity; sid:100000697; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"175.213.25.192",nocase; classtype:trojan-activity; sid:100000698; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"175.42.46.118",nocase; classtype:trojan-activity; sid:100000699; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"175.9.24.110",nocase; classtype:trojan-activity; sid:100000700; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.111.174.35",nocase; classtype:trojan-activity; sid:100000701; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.111.174.63",nocase; classtype:trojan-activity; sid:100000702; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.111.174.66",nocase; classtype:trojan-activity; sid:100000703; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.111.174.67",nocase; classtype:trojan-activity; sid:100000704; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.113.161.104",nocase; classtype:trojan-activity; sid:100000705; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.113.161.113",nocase; classtype:trojan-activity; sid:100000706; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.113.161.60",nocase; classtype:trojan-activity; sid:100000707; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.113.161.65",nocase; classtype:trojan-activity; sid:100000708; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.113.161.66",nocase; classtype:trojan-activity; sid:100000709; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.113.161.68",nocase; classtype:trojan-activity; sid:100000710; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.113.161.76",nocase; classtype:trojan-activity; sid:100000711; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.113.161.84",nocase; classtype:trojan-activity; sid:100000712; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.113.161.91",nocase; classtype:trojan-activity; sid:100000713; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.113.161.93",nocase; classtype:trojan-activity; sid:100000714; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.12.117.70",nocase; classtype:trojan-activity; sid:100000715; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.123.4.115",nocase; classtype:trojan-activity; sid:100000716; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.123.7.115",nocase; classtype:trojan-activity; sid:100000717; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.123.7.127",nocase; classtype:trojan-activity; sid:100000718; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.124.7.225",nocase; classtype:trojan-activity; sid:100000719; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.221.242.166",nocase; classtype:trojan-activity; sid:100000720; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.221.251.238",nocase; classtype:trojan-activity; sid:100000721; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"176.240.84.106",nocase; classtype:trojan-activity; sid:100000722; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"177.11.92.78",nocase; classtype:trojan-activity; sid:100000723; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"177.131.226.235",nocase; classtype:trojan-activity; sid:100000724; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"177.229.64.218",nocase; classtype:trojan-activity; sid:100000725; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"177.54.82.154",nocase; classtype:trojan-activity; sid:100000726; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.124.182.187",nocase; classtype:trojan-activity; sid:100000727; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.141.202.157",nocase; classtype:trojan-activity; sid:100000728; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.150.174.65",nocase; classtype:trojan-activity; sid:100000729; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.151.143.2",nocase; classtype:trojan-activity; sid:100000730; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.165.122.141",nocase; classtype:trojan-activity; sid:100000731; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.1.179",nocase; classtype:trojan-activity; sid:100000732; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.10.109",nocase; classtype:trojan-activity; sid:100000733; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.101.232",nocase; classtype:trojan-activity; sid:100000734; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.101.51",nocase; classtype:trojan-activity; sid:100000735; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.102.108",nocase; classtype:trojan-activity; sid:100000736; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.102.67",nocase; classtype:trojan-activity; sid:100000737; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.104.69",nocase; classtype:trojan-activity; sid:100000738; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.105.95",nocase; classtype:trojan-activity; sid:100000739; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.107.0",nocase; classtype:trojan-activity; sid:100000740; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.108.105",nocase; classtype:trojan-activity; sid:100000741; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.108.87",nocase; classtype:trojan-activity; sid:100000742; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.109.129",nocase; classtype:trojan-activity; sid:100000743; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.11.126",nocase; classtype:trojan-activity; sid:100000744; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.11.252",nocase; classtype:trojan-activity; sid:100000745; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.111.190",nocase; classtype:trojan-activity; sid:100000746; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.112.135",nocase; classtype:trojan-activity; sid:100000747; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.112.147",nocase; classtype:trojan-activity; sid:100000748; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.112.159",nocase; classtype:trojan-activity; sid:100000749; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.112.58",nocase; classtype:trojan-activity; sid:100000750; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.116.101",nocase; classtype:trojan-activity; sid:100000751; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.116.138",nocase; classtype:trojan-activity; sid:100000752; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.116.53",nocase; classtype:trojan-activity; sid:100000753; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.118.112",nocase; classtype:trojan-activity; sid:100000754; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.118.146",nocase; classtype:trojan-activity; sid:100000755; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.119.69",nocase; classtype:trojan-activity; sid:100000756; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.12.191",nocase; classtype:trojan-activity; sid:100000757; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.12.39",nocase; classtype:trojan-activity; sid:100000758; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.12.93",nocase; classtype:trojan-activity; sid:100000759; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.120.154",nocase; classtype:trojan-activity; sid:100000760; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.121.0",nocase; classtype:trojan-activity; sid:100000761; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.121.151",nocase; classtype:trojan-activity; sid:100000762; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.122.170",nocase; classtype:trojan-activity; sid:100000763; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.122.199",nocase; classtype:trojan-activity; sid:100000764; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.122.28",nocase; classtype:trojan-activity; sid:100000765; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.123.1",nocase; classtype:trojan-activity; sid:100000766; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.123.154",nocase; classtype:trojan-activity; sid:100000767; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.123.2",nocase; classtype:trojan-activity; sid:100000768; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.123.248",nocase; classtype:trojan-activity; sid:100000769; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.123.26",nocase; classtype:trojan-activity; sid:100000770; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.123.91",nocase; classtype:trojan-activity; sid:100000771; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.124.155",nocase; classtype:trojan-activity; sid:100000772; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.124.4",nocase; classtype:trojan-activity; sid:100000773; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.125.14",nocase; classtype:trojan-activity; sid:100000774; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.125.160",nocase; classtype:trojan-activity; sid:100000775; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.125.220",nocase; classtype:trojan-activity; sid:100000776; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.125.88",nocase; classtype:trojan-activity; sid:100000777; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.126.129",nocase; classtype:trojan-activity; sid:100000778; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.126.254",nocase; classtype:trojan-activity; sid:100000779; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.126.46",nocase; classtype:trojan-activity; sid:100000780; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.126.58",nocase; classtype:trojan-activity; sid:100000781; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.127.202",nocase; classtype:trojan-activity; sid:100000782; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.127.43",nocase; classtype:trojan-activity; sid:100000783; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.13.227",nocase; classtype:trojan-activity; sid:100000784; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.15.199",nocase; classtype:trojan-activity; sid:100000785; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.18.23",nocase; classtype:trojan-activity; sid:100000786; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.18.75",nocase; classtype:trojan-activity; sid:100000787; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.19.163",nocase; classtype:trojan-activity; sid:100000788; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.20.126",nocase; classtype:trojan-activity; sid:100000789; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.21.149",nocase; classtype:trojan-activity; sid:100000790; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.22.116",nocase; classtype:trojan-activity; sid:100000791; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.23.146",nocase; classtype:trojan-activity; sid:100000792; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.25.177",nocase; classtype:trojan-activity; sid:100000793; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.25.56",nocase; classtype:trojan-activity; sid:100000794; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.26.215",nocase; classtype:trojan-activity; sid:100000795; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.27.112",nocase; classtype:trojan-activity; sid:100000796; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.27.32",nocase; classtype:trojan-activity; sid:100000797; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.27.37",nocase; classtype:trojan-activity; sid:100000798; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.27.46",nocase; classtype:trojan-activity; sid:100000799; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.28.33",nocase; classtype:trojan-activity; sid:100000800; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.3.172",nocase; classtype:trojan-activity; sid:100000801; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.30.133",nocase; classtype:trojan-activity; sid:100000802; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.30.151",nocase; classtype:trojan-activity; sid:100000803; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.32.146",nocase; classtype:trojan-activity; sid:100000804; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.32.220",nocase; classtype:trojan-activity; sid:100000805; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.32.89",nocase; classtype:trojan-activity; sid:100000806; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.33.162",nocase; classtype:trojan-activity; sid:100000807; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.33.7",nocase; classtype:trojan-activity; sid:100000808; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.34.253",nocase; classtype:trojan-activity; sid:100000809; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.35.36",nocase; classtype:trojan-activity; sid:100000810; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.35.83",nocase; classtype:trojan-activity; sid:100000811; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.36.126",nocase; classtype:trojan-activity; sid:100000812; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.36.218",nocase; classtype:trojan-activity; sid:100000813; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.36.57",nocase; classtype:trojan-activity; sid:100000814; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.37.194",nocase; classtype:trojan-activity; sid:100000815; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.38.12",nocase; classtype:trojan-activity; sid:100000816; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.40.149",nocase; classtype:trojan-activity; sid:100000817; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.40.166",nocase; classtype:trojan-activity; sid:100000818; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.40.246",nocase; classtype:trojan-activity; sid:100000819; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.41.135",nocase; classtype:trojan-activity; sid:100000820; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.42.101",nocase; classtype:trojan-activity; sid:100000821; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.43.121",nocase; classtype:trojan-activity; sid:100000822; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.43.223",nocase; classtype:trojan-activity; sid:100000823; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.43.229",nocase; classtype:trojan-activity; sid:100000824; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.43.238",nocase; classtype:trojan-activity; sid:100000825; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.43.244",nocase; classtype:trojan-activity; sid:100000826; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.44.0",nocase; classtype:trojan-activity; sid:100000827; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.45.201",nocase; classtype:trojan-activity; sid:100000828; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.45.205",nocase; classtype:trojan-activity; sid:100000829; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.45.214",nocase; classtype:trojan-activity; sid:100000830; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.45.26",nocase; classtype:trojan-activity; sid:100000831; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.46.41",nocase; classtype:trojan-activity; sid:100000832; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.46.8",nocase; classtype:trojan-activity; sid:100000833; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.47.80",nocase; classtype:trojan-activity; sid:100000834; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.49.201",nocase; classtype:trojan-activity; sid:100000835; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.50.177",nocase; classtype:trojan-activity; sid:100000836; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.50.236",nocase; classtype:trojan-activity; sid:100000837; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.54.5",nocase; classtype:trojan-activity; sid:100000838; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.54.58",nocase; classtype:trojan-activity; sid:100000839; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.55.14",nocase; classtype:trojan-activity; sid:100000840; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.55.29",nocase; classtype:trojan-activity; sid:100000841; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.56.11",nocase; classtype:trojan-activity; sid:100000842; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.57.134",nocase; classtype:trojan-activity; sid:100000843; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.59.155",nocase; classtype:trojan-activity; sid:100000844; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.6.115",nocase; classtype:trojan-activity; sid:100000845; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.6.141",nocase; classtype:trojan-activity; sid:100000846; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.6.182",nocase; classtype:trojan-activity; sid:100000847; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.6.3",nocase; classtype:trojan-activity; sid:100000848; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.60.221",nocase; classtype:trojan-activity; sid:100000849; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.61.234",nocase; classtype:trojan-activity; sid:100000850; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.62.70",nocase; classtype:trojan-activity; sid:100000851; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.62.81",nocase; classtype:trojan-activity; sid:100000852; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.63.21",nocase; classtype:trojan-activity; sid:100000853; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.64.156",nocase; classtype:trojan-activity; sid:100000854; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.67.179",nocase; classtype:trojan-activity; sid:100000855; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.68.116",nocase; classtype:trojan-activity; sid:100000856; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.68.123",nocase; classtype:trojan-activity; sid:100000857; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.68.209",nocase; classtype:trojan-activity; sid:100000858; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.69.128",nocase; classtype:trojan-activity; sid:100000859; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.69.67",nocase; classtype:trojan-activity; sid:100000860; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.7.34",nocase; classtype:trojan-activity; sid:100000861; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.7.79",nocase; classtype:trojan-activity; sid:100000862; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.70.203",nocase; classtype:trojan-activity; sid:100000863; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.70.218",nocase; classtype:trojan-activity; sid:100000864; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.71.69",nocase; classtype:trojan-activity; sid:100000865; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.74.189",nocase; classtype:trojan-activity; sid:100000866; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.74.34",nocase; classtype:trojan-activity; sid:100000867; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.75.181",nocase; classtype:trojan-activity; sid:100000868; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.75.205",nocase; classtype:trojan-activity; sid:100000869; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.75.86",nocase; classtype:trojan-activity; sid:100000870; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.77.47",nocase; classtype:trojan-activity; sid:100000871; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.78.2",nocase; classtype:trojan-activity; sid:100000872; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.80.142",nocase; classtype:trojan-activity; sid:100000873; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.80.89",nocase; classtype:trojan-activity; sid:100000874; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.81.31",nocase; classtype:trojan-activity; sid:100000875; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.82.174",nocase; classtype:trojan-activity; sid:100000876; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.82.21",nocase; classtype:trojan-activity; sid:100000877; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.83.247",nocase; classtype:trojan-activity; sid:100000878; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.83.4",nocase; classtype:trojan-activity; sid:100000879; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.84.2",nocase; classtype:trojan-activity; sid:100000880; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.84.215",nocase; classtype:trojan-activity; sid:100000881; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.86.182",nocase; classtype:trojan-activity; sid:100000882; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.86.47",nocase; classtype:trojan-activity; sid:100000883; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.86.59",nocase; classtype:trojan-activity; sid:100000884; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.87.146",nocase; classtype:trojan-activity; sid:100000885; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.87.42",nocase; classtype:trojan-activity; sid:100000886; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.88.238",nocase; classtype:trojan-activity; sid:100000887; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.89.121",nocase; classtype:trojan-activity; sid:100000888; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.89.217",nocase; classtype:trojan-activity; sid:100000889; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.9.179",nocase; classtype:trojan-activity; sid:100000890; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.9.4",nocase; classtype:trojan-activity; sid:100000891; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.92.1",nocase; classtype:trojan-activity; sid:100000892; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.92.33",nocase; classtype:trojan-activity; sid:100000893; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.93.113",nocase; classtype:trojan-activity; sid:100000894; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.93.234",nocase; classtype:trojan-activity; sid:100000895; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.93.98",nocase; classtype:trojan-activity; sid:100000896; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.94.27",nocase; classtype:trojan-activity; sid:100000897; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.94.32",nocase; classtype:trojan-activity; sid:100000898; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.94.40",nocase; classtype:trojan-activity; sid:100000899; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.95.120",nocase; classtype:trojan-activity; sid:100000900; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.95.139",nocase; classtype:trojan-activity; sid:100000901; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.96.251",nocase; classtype:trojan-activity; sid:100000902; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.99.120",nocase; classtype:trojan-activity; sid:100000903; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.175.99.130",nocase; classtype:trojan-activity; sid:100000904; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.19.183.14",nocase; classtype:trojan-activity; sid:100000905; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.205.101.33",nocase; classtype:trojan-activity; sid:100000906; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.21.164.68",nocase; classtype:trojan-activity; sid:100000907; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.217.8.194",nocase; classtype:trojan-activity; sid:100000908; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.22.117.102",nocase; classtype:trojan-activity; sid:100000909; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.222.252.130",nocase; classtype:trojan-activity; sid:100000910; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.34.183.30",nocase; classtype:trojan-activity; sid:100000911; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.48.235.59",nocase; classtype:trojan-activity; sid:100000912; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"178.95.136.35",nocase; classtype:trojan-activity; sid:100000913; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"179.159.58.134",nocase; classtype:trojan-activity; sid:100000914; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"179.43.157.168",nocase; classtype:trojan-activity; sid:100000915; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"179.60.84.7",nocase; classtype:trojan-activity; sid:100000916; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"179.99.210.161",nocase; classtype:trojan-activity; sid:100000917; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.114.60.229",nocase; classtype:trojan-activity; sid:100000918; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.122.13.227",nocase; classtype:trojan-activity; sid:100000919; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.123.208.250",nocase; classtype:trojan-activity; sid:100000920; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.125.44.194",nocase; classtype:trojan-activity; sid:100000921; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.157.66.204",nocase; classtype:trojan-activity; sid:100000922; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.175.236.209",nocase; classtype:trojan-activity; sid:100000923; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.176.105.41",nocase; classtype:trojan-activity; sid:100000924; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.176.110.243",nocase; classtype:trojan-activity; sid:100000925; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.176.165.230",nocase; classtype:trojan-activity; sid:100000926; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.176.214.171",nocase; classtype:trojan-activity; sid:100000927; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.176.34.51",nocase; classtype:trojan-activity; sid:100000928; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.176.96.248",nocase; classtype:trojan-activity; sid:100000929; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.177.104.65",nocase; classtype:trojan-activity; sid:100000930; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.177.180.6",nocase; classtype:trojan-activity; sid:100000931; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.177.242.73",nocase; classtype:trojan-activity; sid:100000932; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.218.5.171",nocase; classtype:trojan-activity; sid:100000933; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.248.80.38",nocase; classtype:trojan-activity; sid:100000934; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.66.111.36",nocase; classtype:trojan-activity; sid:100000935; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.66.53.93",nocase; classtype:trojan-activity; sid:100000936; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"180.94.170.166",nocase; classtype:trojan-activity; sid:100000937; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"181.112.138.154",nocase; classtype:trojan-activity; sid:100000938; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"181.112.218.238",nocase; classtype:trojan-activity; sid:100000939; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"181.112.218.6",nocase; classtype:trojan-activity; sid:100000940; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"181.143.60.163",nocase; classtype:trojan-activity; sid:100000941; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"181.193.107.10",nocase; classtype:trojan-activity; sid:100000942; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"181.199.170.222",nocase; classtype:trojan-activity; sid:100000943; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"181.199.170.230",nocase; classtype:trojan-activity; sid:100000944; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"181.210.45.42",nocase; classtype:trojan-activity; sid:100000945; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"181.215.47.82",nocase; classtype:trojan-activity; sid:100000946; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"181.224.242.131",nocase; classtype:trojan-activity; sid:100000947; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"181.49.236.4",nocase; classtype:trojan-activity; sid:100000948; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"181.49.59.162",nocase; classtype:trojan-activity; sid:100000949; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"182.115.203.216",nocase; classtype:trojan-activity; sid:100000950; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"182.116.60.73",nocase; classtype:trojan-activity; sid:100000951; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"182.116.61.252",nocase; classtype:trojan-activity; sid:100000952; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"182.119.164.128",nocase; classtype:trojan-activity; sid:100000953; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"182.120.16.22",nocase; classtype:trojan-activity; sid:100000954; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"182.120.16.46",nocase; classtype:trojan-activity; sid:100000955; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"182.121.193.100",nocase; classtype:trojan-activity; sid:100000956; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"182.160.98.250",nocase; classtype:trojan-activity; sid:100000957; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"182.233.0.252",nocase; classtype:trojan-activity; sid:100000958; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"182.235.252.31",nocase; classtype:trojan-activity; sid:100000959; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"182.53.197.62",nocase; classtype:trojan-activity; sid:100000960; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"183.105.104.83",nocase; classtype:trojan-activity; sid:100000961; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"183.105.225.154",nocase; classtype:trojan-activity; sid:100000962; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"183.109.169.45",nocase; classtype:trojan-activity; sid:100000963; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"183.188.50.93",nocase; classtype:trojan-activity; sid:100000964; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"183.83.29.191",nocase; classtype:trojan-activity; sid:100000965; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"183.92.207.147",nocase; classtype:trojan-activity; sid:100000966; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"184.164.185.41",nocase; classtype:trojan-activity; sid:100000967; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"184.175.115.10",nocase; classtype:trojan-activity; sid:100000968; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"184.74.149.230",nocase; classtype:trojan-activity; sid:100000969; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.106.209.68",nocase; classtype:trojan-activity; sid:100000970; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.107.3.8",nocase; classtype:trojan-activity; sid:100000971; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.117.2.107",nocase; classtype:trojan-activity; sid:100000972; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.172.110.235",nocase; classtype:trojan-activity; sid:100000973; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.174.101.41",nocase; classtype:trojan-activity; sid:100000974; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.181.10.234",nocase; classtype:trojan-activity; sid:100000975; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.215.113.112",nocase; classtype:trojan-activity; sid:100000976; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.215.113.54",nocase; classtype:trojan-activity; sid:100000977; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.215.113.77",nocase; classtype:trojan-activity; sid:100000978; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.215.113.93",nocase; classtype:trojan-activity; sid:100000979; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.221.3.244",nocase; classtype:trojan-activity; sid:100000980; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.222.58.152",nocase; classtype:trojan-activity; sid:100000981; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.228.141.74",nocase; classtype:trojan-activity; sid:100000982; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.233.186.151",nocase; classtype:trojan-activity; sid:100000983; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.245.96.94",nocase; classtype:trojan-activity; sid:100000984; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.26.113.95",nocase; classtype:trojan-activity; sid:100000985; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.34.16.231",nocase; classtype:trojan-activity; sid:100000986; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.38.142.236",nocase; classtype:trojan-activity; sid:100000987; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.43.19.151",nocase; classtype:trojan-activity; sid:100000988; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.55.1.182",nocase; classtype:trojan-activity; sid:100000989; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.68.230.207",nocase; classtype:trojan-activity; sid:100000990; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.81.157.186",nocase; classtype:trojan-activity; sid:100000991; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.82.217.185",nocase; classtype:trojan-activity; sid:100000992; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.82.217.213",nocase; classtype:trojan-activity; sid:100000993; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.82.219.160",nocase; classtype:trojan-activity; sid:100000994; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.82.219.161",nocase; classtype:trojan-activity; sid:100000995; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.82.219.219",nocase; classtype:trojan-activity; sid:100000996; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"185.82.219.80",nocase; classtype:trojan-activity; sid:100000997; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"186.151.144.85",nocase; classtype:trojan-activity; sid:100000998; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"186.179.219.164",nocase; classtype:trojan-activity; sid:100000999; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"186.179.243.112",nocase; classtype:trojan-activity; sid:100001000; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"186.179.243.77",nocase; classtype:trojan-activity; sid:100001001; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"186.179.243.91",nocase; classtype:trojan-activity; sid:100001002; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"186.179.253.150",nocase; classtype:trojan-activity; sid:100001003; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"186.225.120.173",nocase; classtype:trojan-activity; sid:100001004; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"186.232.44.86",nocase; classtype:trojan-activity; sid:100001005; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"186.28.60.184",nocase; classtype:trojan-activity; sid:100001006; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"186.34.4.40",nocase; classtype:trojan-activity; sid:100001007; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"186.73.188.132",nocase; classtype:trojan-activity; sid:100001008; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"187.188.124.229",nocase; classtype:trojan-activity; sid:100001009; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"187.212.200.162",nocase; classtype:trojan-activity; sid:100001010; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.10.21.14",nocase; classtype:trojan-activity; sid:100001011; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.10.231.246",nocase; classtype:trojan-activity; sid:100001012; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.13.179.87",nocase; classtype:trojan-activity; sid:100001013; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.138.200.32",nocase; classtype:trojan-activity; sid:100001014; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.143.220.152",nocase; classtype:trojan-activity; sid:100001015; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.152.41.141",nocase; classtype:trojan-activity; sid:100001016; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.169.167.249",nocase; classtype:trojan-activity; sid:100001017; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.169.178.50",nocase; classtype:trojan-activity; sid:100001018; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.169.179.127",nocase; classtype:trojan-activity; sid:100001019; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.169.179.151",nocase; classtype:trojan-activity; sid:100001020; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.169.30.11",nocase; classtype:trojan-activity; sid:100001021; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.169.30.30",nocase; classtype:trojan-activity; sid:100001022; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.169.36.163",nocase; classtype:trojan-activity; sid:100001023; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.242.242.144",nocase; classtype:trojan-activity; sid:100001024; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.81.100.83",nocase; classtype:trojan-activity; sid:100001025; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"188.83.202.25",nocase; classtype:trojan-activity; sid:100001026; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"189.222.157.241",nocase; classtype:trojan-activity; sid:100001027; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.0.42.106",nocase; classtype:trojan-activity; sid:100001028; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.109.178.139",nocase; classtype:trojan-activity; sid:100001029; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.110.161.252",nocase; classtype:trojan-activity; sid:100001030; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.111.151.164",nocase; classtype:trojan-activity; sid:100001031; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.119.207.58",nocase; classtype:trojan-activity; sid:100001032; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.12.99.194",nocase; classtype:trojan-activity; sid:100001033; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.122.112.160",nocase; classtype:trojan-activity; sid:100001034; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.122.112.3",nocase; classtype:trojan-activity; sid:100001035; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.122.112.37",nocase; classtype:trojan-activity; sid:100001036; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.122.112.41",nocase; classtype:trojan-activity; sid:100001037; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.122.112.42",nocase; classtype:trojan-activity; sid:100001038; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.130.15.212",nocase; classtype:trojan-activity; sid:100001039; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.130.20.14",nocase; classtype:trojan-activity; sid:100001040; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.147.16.184",nocase; classtype:trojan-activity; sid:100001041; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.159.240.9",nocase; classtype:trojan-activity; sid:100001042; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.187.55.150",nocase; classtype:trojan-activity; sid:100001043; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.210.214.130",nocase; classtype:trojan-activity; sid:100001044; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.213.177.39",nocase; classtype:trojan-activity; sid:100001045; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.213.226.63",nocase; classtype:trojan-activity; sid:100001046; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.213.49.207",nocase; classtype:trojan-activity; sid:100001047; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.214.24.194",nocase; classtype:trojan-activity; sid:100001048; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.216.140.123",nocase; classtype:trojan-activity; sid:100001049; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.65.206.162",nocase; classtype:trojan-activity; sid:100001050; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.73.12.149",nocase; classtype:trojan-activity; sid:100001051; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.92.4.231",nocase; classtype:trojan-activity; sid:100001052; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.98.37.135",nocase; classtype:trojan-activity; sid:100001053; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.98.37.200",nocase; classtype:trojan-activity; sid:100001054; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"190.98.41.33",nocase; classtype:trojan-activity; sid:100001055; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"191.254.225.48",nocase; classtype:trojan-activity; sid:100001056; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"191.255.248.220",nocase; classtype:trojan-activity; sid:100001057; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"192.153.57.94",nocase; classtype:trojan-activity; sid:100001058; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"192.210.175.130",nocase; classtype:trojan-activity; sid:100001059; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"192.227.185.106",nocase; classtype:trojan-activity; sid:100001060; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"192.227.209.27",nocase; classtype:trojan-activity; sid:100001061; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"192.227.220.55",nocase; classtype:trojan-activity; sid:100001062; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"192.227.228.67",nocase; classtype:trojan-activity; sid:100001063; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"192.227.230.72",nocase; classtype:trojan-activity; sid:100001064; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"192.227.230.74",nocase; classtype:trojan-activity; sid:100001065; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"192.227.230.76",nocase; classtype:trojan-activity; sid:100001066; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"192.3.152.166",nocase; classtype:trojan-activity; sid:100001067; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"192.3.73.205",nocase; classtype:trojan-activity; sid:100001068; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"192.99.240.77",nocase; classtype:trojan-activity; sid:100001069; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"193.142.146.25",nocase; classtype:trojan-activity; sid:100001070; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"193.228.135.144",nocase; classtype:trojan-activity; sid:100001071; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"194.113.107.243",nocase; classtype:trojan-activity; sid:100001072; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"194.147.142.230",nocase; classtype:trojan-activity; sid:100001073; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"194.15.36.167",nocase; classtype:trojan-activity; sid:100001074; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"194.152.35.139",nocase; classtype:trojan-activity; sid:100001075; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"194.38.20.199",nocase; classtype:trojan-activity; sid:100001076; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"195.139.126.51",nocase; classtype:trojan-activity; sid:100001077; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"195.162.70.104",nocase; classtype:trojan-activity; sid:100001078; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"195.228.231.218",nocase; classtype:trojan-activity; sid:100001079; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"195.24.94.187",nocase; classtype:trojan-activity; sid:100001080; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"195.58.39.180",nocase; classtype:trojan-activity; sid:100001081; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"196.202.26.182",nocase; classtype:trojan-activity; sid:100001082; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"196.218.48.82",nocase; classtype:trojan-activity; sid:100001083; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"196.221.148.90",nocase; classtype:trojan-activity; sid:100001084; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"196.221.166.203",nocase; classtype:trojan-activity; sid:100001085; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"197.50.27.115",nocase; classtype:trojan-activity; sid:100001086; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"198.23.133.218",nocase; classtype:trojan-activity; sid:100001087; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"198.23.174.104",nocase; classtype:trojan-activity; sid:100001088; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"198.23.207.121",nocase; classtype:trojan-activity; sid:100001089; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"198.23.213.57",nocase; classtype:trojan-activity; sid:100001090; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"198.23.251.105",nocase; classtype:trojan-activity; sid:100001091; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"198.23.251.121",nocase; classtype:trojan-activity; sid:100001092; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"198.46.132.132",nocase; classtype:trojan-activity; sid:100001093; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"198.46.201.76",nocase; classtype:trojan-activity; sid:100001094; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"199.188.101.109",nocase; classtype:trojan-activity; sid:100001095; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"1am.co.nz",nocase; classtype:trojan-activity; sid:100001096; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"2.229.89.119",nocase; classtype:trojan-activity; sid:100001097; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"2.239.22.188",nocase; classtype:trojan-activity; sid:100001098; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"2.37.149.230",nocase; classtype:trojan-activity; sid:100001099; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"2.37.203.65",nocase; classtype:trojan-activity; sid:100001100; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"2.45.111.158",nocase; classtype:trojan-activity; sid:100001101; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"2.45.4.24",nocase; classtype:trojan-activity; sid:100001102; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"2.55.125.182",nocase; classtype:trojan-activity; sid:100001103; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"2.55.92.184",nocase; classtype:trojan-activity; sid:100001104; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"2.56.8.80",nocase; classtype:trojan-activity; sid:100001105; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"2.83.152.16",nocase; classtype:trojan-activity; sid:100001106; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"20.185.42.197",nocase; classtype:trojan-activity; sid:100001107; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"200.105.167.98",nocase; classtype:trojan-activity; sid:100001108; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"200.194.4.24",nocase; classtype:trojan-activity; sid:100001109; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"200.2.161.171",nocase; classtype:trojan-activity; sid:100001110; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"200.30.132.50",nocase; classtype:trojan-activity; sid:100001111; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"201.142.147.89",nocase; classtype:trojan-activity; sid:100001112; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"201.170.46.2",nocase; classtype:trojan-activity; sid:100001113; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"201.184.163.170",nocase; classtype:trojan-activity; sid:100001114; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"201.187.102.73",nocase; classtype:trojan-activity; sid:100001115; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"201.200.254.86",nocase; classtype:trojan-activity; sid:100001116; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"201.203.221.20",nocase; classtype:trojan-activity; sid:100001117; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"201.203.27.37",nocase; classtype:trojan-activity; sid:100001118; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"202.107.233.41",nocase; classtype:trojan-activity; sid:100001119; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"202.150.176.100",nocase; classtype:trojan-activity; sid:100001120; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"202.166.217.54",nocase; classtype:trojan-activity; sid:100001121; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"202.175.103.10",nocase; classtype:trojan-activity; sid:100001122; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"202.29.95.12",nocase; classtype:trojan-activity; sid:100001123; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"202.4.124.58",nocase; classtype:trojan-activity; sid:100001124; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"202.51.176.114",nocase; classtype:trojan-activity; sid:100001125; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"202.51.191.174",nocase; classtype:trojan-activity; sid:100001126; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"202.74.236.9",nocase; classtype:trojan-activity; sid:100001127; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.109.201.243",nocase; classtype:trojan-activity; sid:100001128; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.159.80.129",nocase; classtype:trojan-activity; sid:100001129; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.159.80.164",nocase; classtype:trojan-activity; sid:100001130; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.159.80.228",nocase; classtype:trojan-activity; sid:100001131; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.170.123.78",nocase; classtype:trojan-activity; sid:100001132; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.189.156.107",nocase; classtype:trojan-activity; sid:100001133; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.204.232.18",nocase; classtype:trojan-activity; sid:100001134; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.229.21.56",nocase; classtype:trojan-activity; sid:100001135; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.236.190.28",nocase; classtype:trojan-activity; sid:100001136; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.238.86.202",nocase; classtype:trojan-activity; sid:100001137; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.70.166.107",nocase; classtype:trojan-activity; sid:100001138; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.77.80.159",nocase; classtype:trojan-activity; sid:100001139; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.80.119.166",nocase; classtype:trojan-activity; sid:100001140; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.80.171.138",nocase; classtype:trojan-activity; sid:100001141; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.82.36.34",nocase; classtype:trojan-activity; sid:100001142; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"203.93.6.28",nocase; classtype:trojan-activity; sid:100001143; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"204.195.116.171",nocase; classtype:trojan-activity; sid:100001144; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"206.248.137.132",nocase; classtype:trojan-activity; sid:100001145; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"206.47.41.166",nocase; classtype:trojan-activity; sid:100001146; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"207.180.228.101",nocase; classtype:trojan-activity; sid:100001147; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"208.163.58.18",nocase; classtype:trojan-activity; sid:100001148; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"208.75.27.157",nocase; classtype:trojan-activity; sid:100001149; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"209.141.40.190",nocase; classtype:trojan-activity; sid:100001150; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"210.124.149.19",nocase; classtype:trojan-activity; sid:100001151; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"210.180.17.140",nocase; classtype:trojan-activity; sid:100001152; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"210.216.152.122",nocase; classtype:trojan-activity; sid:100001153; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"210.216.153.142",nocase; classtype:trojan-activity; sid:100001154; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"210.57.237.70",nocase; classtype:trojan-activity; sid:100001155; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"210.57.245.109",nocase; classtype:trojan-activity; sid:100001156; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"210.68.242.114",nocase; classtype:trojan-activity; sid:100001157; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"211.116.220.37",nocase; classtype:trojan-activity; sid:100001158; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"211.187.132.204",nocase; classtype:trojan-activity; sid:100001159; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"211.187.75.220",nocase; classtype:trojan-activity; sid:100001160; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"211.203.111.207",nocase; classtype:trojan-activity; sid:100001161; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"211.204.215.157",nocase; classtype:trojan-activity; sid:100001162; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"211.210.66.179",nocase; classtype:trojan-activity; sid:100001163; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"211.210.93.93",nocase; classtype:trojan-activity; sid:100001164; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"211.216.66.105",nocase; classtype:trojan-activity; sid:100001165; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"211.237.114.96",nocase; classtype:trojan-activity; sid:100001166; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"211.237.120.13",nocase; classtype:trojan-activity; sid:100001167; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"211.237.246.137",nocase; classtype:trojan-activity; sid:100001168; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"211.238.83.238",nocase; classtype:trojan-activity; sid:100001169; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"211.247.5.96",nocase; classtype:trojan-activity; sid:100001170; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"211.32.122.110",nocase; classtype:trojan-activity; sid:100001171; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"211.93.191.153",nocase; classtype:trojan-activity; sid:100001172; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"212.122.86.105",nocase; classtype:trojan-activity; sid:100001173; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"212.143.227.22",nocase; classtype:trojan-activity; sid:100001174; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"212.46.197.114",nocase; classtype:trojan-activity; sid:100001175; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"212.56.197.230",nocase; classtype:trojan-activity; sid:100001176; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.123.206.197",nocase; classtype:trojan-activity; sid:100001177; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.135.178.253",nocase; classtype:trojan-activity; sid:100001178; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.14.173.117",nocase; classtype:trojan-activity; sid:100001179; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.149.182.113",nocase; classtype:trojan-activity; sid:100001180; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.149.190.193",nocase; classtype:trojan-activity; sid:100001181; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.163.104.99",nocase; classtype:trojan-activity; sid:100001182; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.163.113.135",nocase; classtype:trojan-activity; sid:100001183; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.163.113.20",nocase; classtype:trojan-activity; sid:100001184; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.163.113.237",nocase; classtype:trojan-activity; sid:100001185; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.163.113.6",nocase; classtype:trojan-activity; sid:100001186; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.163.114.165",nocase; classtype:trojan-activity; sid:100001187; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.163.117.151",nocase; classtype:trojan-activity; sid:100001188; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.163.118.238",nocase; classtype:trojan-activity; sid:100001189; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.163.119.236",nocase; classtype:trojan-activity; sid:100001190; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.163.126.7",nocase; classtype:trojan-activity; sid:100001191; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.189.178.163",nocase; classtype:trojan-activity; sid:100001192; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.240.218.15",nocase; classtype:trojan-activity; sid:100001193; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.249.156.189",nocase; classtype:trojan-activity; sid:100001194; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.27.8.6",nocase; classtype:trojan-activity; sid:100001195; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.92.254.52",nocase; classtype:trojan-activity; sid:100001196; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.92.255.36",nocase; classtype:trojan-activity; sid:100001197; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"213.92.255.84",nocase; classtype:trojan-activity; sid:100001198; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"216.158.238.236",nocase; classtype:trojan-activity; sid:100001199; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"216.170.240.98",nocase; classtype:trojan-activity; sid:100001200; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"216.183.54.169",nocase; classtype:trojan-activity; sid:100001201; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"216.36.12.98",nocase; classtype:trojan-activity; sid:100001202; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"217.11.75.162",nocase; classtype:trojan-activity; sid:100001203; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"217.127.133.214",nocase; classtype:trojan-activity; sid:100001204; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"218.12.181.110",nocase; classtype:trojan-activity; sid:100001205; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"218.2.40.34",nocase; classtype:trojan-activity; sid:100001206; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"218.234.165.18",nocase; classtype:trojan-activity; sid:100001207; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"218.238.246.3",nocase; classtype:trojan-activity; sid:100001208; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"218.35.207.119",nocase; classtype:trojan-activity; sid:100001209; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"218.35.227.133",nocase; classtype:trojan-activity; sid:100001210; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"218.35.68.35",nocase; classtype:trojan-activity; sid:100001211; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"218.35.81.81",nocase; classtype:trojan-activity; sid:100001212; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"218.56.93.129",nocase; classtype:trojan-activity; sid:100001213; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"218.59.116.203",nocase; classtype:trojan-activity; sid:100001214; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"218.79.103.159",nocase; classtype:trojan-activity; sid:100001215; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"218.93.102.63",nocase; classtype:trojan-activity; sid:100001216; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"218.93.102.75",nocase; classtype:trojan-activity; sid:100001217; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.154.232.16",nocase; classtype:trojan-activity; sid:100001218; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.155.29.165",nocase; classtype:trojan-activity; sid:100001219; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.157.139.165",nocase; classtype:trojan-activity; sid:100001220; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.157.150.91",nocase; classtype:trojan-activity; sid:100001221; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.157.202.92",nocase; classtype:trojan-activity; sid:100001222; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.157.214.235",nocase; classtype:trojan-activity; sid:100001223; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.157.237.144",nocase; classtype:trojan-activity; sid:100001224; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.241.6.180",nocase; classtype:trojan-activity; sid:100001225; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.68.1.148",nocase; classtype:trojan-activity; sid:100001226; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.68.1.84",nocase; classtype:trojan-activity; sid:100001227; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.68.163.7",nocase; classtype:trojan-activity; sid:100001228; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.68.171.144",nocase; classtype:trojan-activity; sid:100001229; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.68.245.63",nocase; classtype:trojan-activity; sid:100001230; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.68.5.140",nocase; classtype:trojan-activity; sid:100001231; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.69.71.186",nocase; classtype:trojan-activity; sid:100001232; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.70.238.66",nocase; classtype:trojan-activity; sid:100001233; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.80.217.209",nocase; classtype:trojan-activity; sid:100001234; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.84.106.91",nocase; classtype:trojan-activity; sid:100001235; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"219.85.145.194",nocase; classtype:trojan-activity; sid:100001236; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"21robo.com",nocase; classtype:trojan-activity; sid:100001237; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"220.118.168.155",nocase; classtype:trojan-activity; sid:100001238; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"220.126.237.74",nocase; classtype:trojan-activity; sid:100001239; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"220.200.22.163",nocase; classtype:trojan-activity; sid:100001240; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"220.71.239.115",nocase; classtype:trojan-activity; sid:100001241; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"220.90.159.188",nocase; classtype:trojan-activity; sid:100001242; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.0.133.84",nocase; classtype:trojan-activity; sid:100001243; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.124.78.15",nocase; classtype:trojan-activity; sid:100001244; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.15.91.27",nocase; classtype:trojan-activity; sid:100001245; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.157.191.178",nocase; classtype:trojan-activity; sid:100001246; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.202.232.230",nocase; classtype:trojan-activity; sid:100001247; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.214.130.147",nocase; classtype:trojan-activity; sid:100001248; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.214.251.109",nocase; classtype:trojan-activity; sid:100001249; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.215.116.167",nocase; classtype:trojan-activity; sid:100001250; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.215.172.207",nocase; classtype:trojan-activity; sid:100001251; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.215.184.31",nocase; classtype:trojan-activity; sid:100001252; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.215.252.64",nocase; classtype:trojan-activity; sid:100001253; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.215.8.64",nocase; classtype:trojan-activity; sid:100001254; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.235.137.36",nocase; classtype:trojan-activity; sid:100001255; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.3.112.125",nocase; classtype:trojan-activity; sid:100001256; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.3.43.223",nocase; classtype:trojan-activity; sid:100001257; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"221.3.68.16",nocase; classtype:trojan-activity; sid:100001258; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.108.17.64",nocase; classtype:trojan-activity; sid:100001259; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.118.248.149",nocase; classtype:trojan-activity; sid:100001260; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.119.65.145",nocase; classtype:trojan-activity; sid:100001261; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.132.125.138",nocase; classtype:trojan-activity; sid:100001262; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.133.103.120",nocase; classtype:trojan-activity; sid:100001263; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.135.9.5",nocase; classtype:trojan-activity; sid:100001264; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.137.148.130",nocase; classtype:trojan-activity; sid:100001265; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.139.222.153",nocase; classtype:trojan-activity; sid:100001266; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.140.17.245",nocase; classtype:trojan-activity; sid:100001267; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.179.215.189",nocase; classtype:trojan-activity; sid:100001268; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.185.116.233",nocase; classtype:trojan-activity; sid:100001269; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.187.9.178",nocase; classtype:trojan-activity; sid:100001270; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.211.72.66",nocase; classtype:trojan-activity; sid:100001271; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.236.85.220",nocase; classtype:trojan-activity; sid:100001272; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.238.230.7",nocase; classtype:trojan-activity; sid:100001273; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.239.83.232",nocase; classtype:trojan-activity; sid:100001274; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.248.64.253",nocase; classtype:trojan-activity; sid:100001275; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.92.9.126",nocase; classtype:trojan-activity; sid:100001276; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.95.190.20",nocase; classtype:trojan-activity; sid:100001277; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"222.99.171.192",nocase; classtype:trojan-activity; sid:100001278; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"223.131.201.82",nocase; classtype:trojan-activity; sid:100001279; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"223.166.117.210",nocase; classtype:trojan-activity; sid:100001280; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"223.167.118.17",nocase; classtype:trojan-activity; sid:100001281; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"223.212.225.68",nocase; classtype:trojan-activity; sid:100001282; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"223.212.234.84",nocase; classtype:trojan-activity; sid:100001283; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"223.212.5.29",nocase; classtype:trojan-activity; sid:100001284; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"223.212.73.175",nocase; classtype:trojan-activity; sid:100001285; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"23.115.118.232",nocase; classtype:trojan-activity; sid:100001286; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"23.125.186.135",nocase; classtype:trojan-activity; sid:100001287; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"23.126.120.25",nocase; classtype:trojan-activity; sid:100001288; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"23.228.143.58",nocase; classtype:trojan-activity; sid:100001289; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"23.24.213.121",nocase; classtype:trojan-activity; sid:100001290; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"23.243.149.13",nocase; classtype:trojan-activity; sid:100001291; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"23.243.21.167",nocase; classtype:trojan-activity; sid:100001292; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"23.95.89.21",nocase; classtype:trojan-activity; sid:100001293; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.103.74.180",nocase; classtype:trojan-activity; sid:100001294; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.11.141.134",nocase; classtype:trojan-activity; sid:100001295; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.119.158.74",nocase; classtype:trojan-activity; sid:100001296; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.137.147.95",nocase; classtype:trojan-activity; sid:100001297; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.137.233.132",nocase; classtype:trojan-activity; sid:100001298; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.152.235.88",nocase; classtype:trojan-activity; sid:100001299; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.158.25.98",nocase; classtype:trojan-activity; sid:100001300; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.176.206.12",nocase; classtype:trojan-activity; sid:100001301; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.184.1.41",nocase; classtype:trojan-activity; sid:100001302; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.192.191.109",nocase; classtype:trojan-activity; sid:100001303; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.225.114.161",nocase; classtype:trojan-activity; sid:100001304; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.227.190.78",nocase; classtype:trojan-activity; sid:100001305; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.35.245.52",nocase; classtype:trojan-activity; sid:100001306; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.39.181.18",nocase; classtype:trojan-activity; sid:100001307; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.39.34.242",nocase; classtype:trojan-activity; sid:100001308; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.42.229.143",nocase; classtype:trojan-activity; sid:100001309; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.45.4.1",nocase; classtype:trojan-activity; sid:100001310; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.51.91.113",nocase; classtype:trojan-activity; sid:100001311; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.53.163.10",nocase; classtype:trojan-activity; sid:100001312; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.53.163.9",nocase; classtype:trojan-activity; sid:100001313; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"24.89.140.190",nocase; classtype:trojan-activity; sid:100001314; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.1.245.16",nocase; classtype:trojan-activity; sid:100001315; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.1.245.7",nocase; classtype:trojan-activity; sid:100001316; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.105.106.201",nocase; classtype:trojan-activity; sid:100001317; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.105.152.107",nocase; classtype:trojan-activity; sid:100001318; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.116.84.57",nocase; classtype:trojan-activity; sid:100001319; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.14.211.219",nocase; classtype:trojan-activity; sid:100001320; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.14.81.201",nocase; classtype:trojan-activity; sid:100001321; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.141.218.17",nocase; classtype:trojan-activity; sid:100001322; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.147.29.52",nocase; classtype:trojan-activity; sid:100001323; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.147.40.128",nocase; classtype:trojan-activity; sid:100001324; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.184.251.135",nocase; classtype:trojan-activity; sid:100001325; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.193.217.210",nocase; classtype:trojan-activity; sid:100001326; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.194.149.142",nocase; classtype:trojan-activity; sid:100001327; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.194.159.98",nocase; classtype:trojan-activity; sid:100001328; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.194.192.66",nocase; classtype:trojan-activity; sid:100001329; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.194.210.20",nocase; classtype:trojan-activity; sid:100001330; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.197.23.215",nocase; classtype:trojan-activity; sid:100001331; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.199.232.65",nocase; classtype:trojan-activity; sid:100001332; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.199.34.48",nocase; classtype:trojan-activity; sid:100001333; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.200.110.211",nocase; classtype:trojan-activity; sid:100001334; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.200.140.229",nocase; classtype:trojan-activity; sid:100001335; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.200.32.146",nocase; classtype:trojan-activity; sid:100001336; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.201.183.149",nocase; classtype:trojan-activity; sid:100001337; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.202.182.201",nocase; classtype:trojan-activity; sid:100001338; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.203.102.12",nocase; classtype:trojan-activity; sid:100001339; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.203.116.86",nocase; classtype:trojan-activity; sid:100001340; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.203.154.105",nocase; classtype:trojan-activity; sid:100001341; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.203.165.138",nocase; classtype:trojan-activity; sid:100001342; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.203.185.42",nocase; classtype:trojan-activity; sid:100001343; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.203.255.42",nocase; classtype:trojan-activity; sid:100001344; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.203.28.115",nocase; classtype:trojan-activity; sid:100001345; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.203.4.188",nocase; classtype:trojan-activity; sid:100001346; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.203.47.104",nocase; classtype:trojan-activity; sid:100001347; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.203.68.144",nocase; classtype:trojan-activity; sid:100001348; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.203.87.75",nocase; classtype:trojan-activity; sid:100001349; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.203.94.134",nocase; classtype:trojan-activity; sid:100001350; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.204.253.74",nocase; classtype:trojan-activity; sid:100001351; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.205.178.110",nocase; classtype:trojan-activity; sid:100001352; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.206.136.101",nocase; classtype:trojan-activity; sid:100001353; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.206.154.122",nocase; classtype:trojan-activity; sid:100001354; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.206.80.209",nocase; classtype:trojan-activity; sid:100001355; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.207.155.31",nocase; classtype:trojan-activity; sid:100001356; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.207.170.203",nocase; classtype:trojan-activity; sid:100001357; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.208.119.27",nocase; classtype:trojan-activity; sid:100001358; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.208.164.18",nocase; classtype:trojan-activity; sid:100001359; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.208.237.105",nocase; classtype:trojan-activity; sid:100001360; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.208.247.130",nocase; classtype:trojan-activity; sid:100001361; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.208.25.59",nocase; classtype:trojan-activity; sid:100001362; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.208.34.2",nocase; classtype:trojan-activity; sid:100001363; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.209.208.122",nocase; classtype:trojan-activity; sid:100001364; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.209.231.15",nocase; classtype:trojan-activity; sid:100001365; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.210.107.125",nocase; classtype:trojan-activity; sid:100001366; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.210.234.28",nocase; classtype:trojan-activity; sid:100001367; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.210.236.134",nocase; classtype:trojan-activity; sid:100001368; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.210.32.122",nocase; classtype:trojan-activity; sid:100001369; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.210.63.243",nocase; classtype:trojan-activity; sid:100001370; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.213.104.201",nocase; classtype:trojan-activity; sid:100001371; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.213.109.105",nocase; classtype:trojan-activity; sid:100001372; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.213.110.189",nocase; classtype:trojan-activity; sid:100001373; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.213.175.208",nocase; classtype:trojan-activity; sid:100001374; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.213.255.202",nocase; classtype:trojan-activity; sid:100001375; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.213.66.112",nocase; classtype:trojan-activity; sid:100001376; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.213.84.74",nocase; classtype:trojan-activity; sid:100001377; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.214.37.129",nocase; classtype:trojan-activity; sid:100001378; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.215.139.242",nocase; classtype:trojan-activity; sid:100001379; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.215.190.172",nocase; classtype:trojan-activity; sid:100001380; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.215.212.209",nocase; classtype:trojan-activity; sid:100001381; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.215.253.149",nocase; classtype:trojan-activity; sid:100001382; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.215.71.243",nocase; classtype:trojan-activity; sid:100001383; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.215.98.242",nocase; classtype:trojan-activity; sid:100001384; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.216.117.54",nocase; classtype:trojan-activity; sid:100001385; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.216.128.156",nocase; classtype:trojan-activity; sid:100001386; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.216.131.66",nocase; classtype:trojan-activity; sid:100001387; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.216.144.66",nocase; classtype:trojan-activity; sid:100001388; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.216.197.193",nocase; classtype:trojan-activity; sid:100001389; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.216.225.28",nocase; classtype:trojan-activity; sid:100001390; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.216.227.95",nocase; classtype:trojan-activity; sid:100001391; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.216.234.98",nocase; classtype:trojan-activity; sid:100001392; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.217.133.53",nocase; classtype:trojan-activity; sid:100001393; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.217.191.58",nocase; classtype:trojan-activity; sid:100001394; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.218.146.115",nocase; classtype:trojan-activity; sid:100001395; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.218.248.121",nocase; classtype:trojan-activity; sid:100001396; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.219.132.71",nocase; classtype:trojan-activity; sid:100001397; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.219.151.83",nocase; classtype:trojan-activity; sid:100001398; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.219.160.112",nocase; classtype:trojan-activity; sid:100001399; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.219.176.72",nocase; classtype:trojan-activity; sid:100001400; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.219.83.244",nocase; classtype:trojan-activity; sid:100001401; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.220.20.66",nocase; classtype:trojan-activity; sid:100001402; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.220.249.0",nocase; classtype:trojan-activity; sid:100001403; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.220.85.168",nocase; classtype:trojan-activity; sid:100001404; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.221.239.223",nocase; classtype:trojan-activity; sid:100001405; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.222.241.223",nocase; classtype:trojan-activity; sid:100001406; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.222.76.80",nocase; classtype:trojan-activity; sid:100001407; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.223.242.164",nocase; classtype:trojan-activity; sid:100001408; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.24.28.134",nocase; classtype:trojan-activity; sid:100001409; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.35.129.198",nocase; classtype:trojan-activity; sid:100001410; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.35.154.13",nocase; classtype:trojan-activity; sid:100001411; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.35.171.36",nocase; classtype:trojan-activity; sid:100001412; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.35.212.124",nocase; classtype:trojan-activity; sid:100001413; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.35.58.5",nocase; classtype:trojan-activity; sid:100001414; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.40.122.248",nocase; classtype:trojan-activity; sid:100001415; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"27.46.46.209",nocase; classtype:trojan-activity; sid:100001416; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.0.98.131",nocase; classtype:trojan-activity; sid:100001417; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.11.51.57",nocase; classtype:trojan-activity; sid:100001418; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.13.23.180",nocase; classtype:trojan-activity; sid:100001419; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.146.115.147",nocase; classtype:trojan-activity; sid:100001420; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.168.124.130",nocase; classtype:trojan-activity; sid:100001421; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.168.179.83",nocase; classtype:trojan-activity; sid:100001422; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.168.184.59",nocase; classtype:trojan-activity; sid:100001423; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.168.191.243",nocase; classtype:trojan-activity; sid:100001424; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.168.194.67",nocase; classtype:trojan-activity; sid:100001425; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.168.216.132",nocase; classtype:trojan-activity; sid:100001426; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.168.219.28",nocase; classtype:trojan-activity; sid:100001427; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.168.24.115",nocase; classtype:trojan-activity; sid:100001428; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.168.30.65",nocase; classtype:trojan-activity; sid:100001429; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.168.63.203",nocase; classtype:trojan-activity; sid:100001430; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.168.65.233",nocase; classtype:trojan-activity; sid:100001431; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.168.79.66",nocase; classtype:trojan-activity; sid:100001432; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.168.94.16",nocase; classtype:trojan-activity; sid:100001433; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.179.201.26",nocase; classtype:trojan-activity; sid:100001434; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.195.84.250",nocase; classtype:trojan-activity; sid:100001435; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.210.20.177",nocase; classtype:trojan-activity; sid:100001436; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.210.20.69",nocase; classtype:trojan-activity; sid:100001437; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.28.7.159",nocase; classtype:trojan-activity; sid:100001438; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"31.30.119.23",nocase; classtype:trojan-activity; sid:100001439; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"32.208.157.193",nocase; classtype:trojan-activity; sid:100001440; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"32792.prolocksmithwinterpark.com",nocase; classtype:trojan-activity; sid:100001441; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"35.184.169.169",nocase; classtype:trojan-activity; sid:100001442; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.108.231.218",nocase; classtype:trojan-activity; sid:100001443; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.248.83.98",nocase; classtype:trojan-activity; sid:100001444; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.249.49.142",nocase; classtype:trojan-activity; sid:100001445; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.250.203.246",nocase; classtype:trojan-activity; sid:100001446; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.251.157.225",nocase; classtype:trojan-activity; sid:100001447; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.251.18.18",nocase; classtype:trojan-activity; sid:100001448; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.251.51.244",nocase; classtype:trojan-activity; sid:100001449; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.255.90.219",nocase; classtype:trojan-activity; sid:100001450; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.33.128.58",nocase; classtype:trojan-activity; sid:100001451; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.33.160.167",nocase; classtype:trojan-activity; sid:100001452; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.34.150.236",nocase; classtype:trojan-activity; sid:100001453; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.66.105.159",nocase; classtype:trojan-activity; sid:100001454; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.66.133.125",nocase; classtype:trojan-activity; sid:100001455; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.66.139.36",nocase; classtype:trojan-activity; sid:100001456; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.89.18.133",nocase; classtype:trojan-activity; sid:100001457; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"36.91.89.187",nocase; classtype:trojan-activity; sid:100001458; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"360.lcy2zzx.pw",nocase; classtype:trojan-activity; sid:100001459; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"360down7.miiyun.cn",nocase; classtype:trojan-activity; sid:100001460; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"37.222.98.51",nocase; classtype:trojan-activity; sid:100001461; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"37.233.60.68",nocase; classtype:trojan-activity; sid:100001462; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"37.34.179.221",nocase; classtype:trojan-activity; sid:100001463; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"37.34.180.172",nocase; classtype:trojan-activity; sid:100001464; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"37.44.238.35",nocase; classtype:trojan-activity; sid:100001465; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"37.54.14.36",nocase; classtype:trojan-activity; sid:100001466; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"37.54.14.52",nocase; classtype:trojan-activity; sid:100001467; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"38.77.14.237",nocase; classtype:trojan-activity; sid:100001468; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.113.245.254",nocase; classtype:trojan-activity; sid:100001469; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.113.98.136",nocase; classtype:trojan-activity; sid:100001470; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.117.31.162",nocase; classtype:trojan-activity; sid:100001471; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.162.104.119",nocase; classtype:trojan-activity; sid:100001472; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.65.196.34",nocase; classtype:trojan-activity; sid:100001473; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.65.59.160",nocase; classtype:trojan-activity; sid:100001474; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.66.44.109",nocase; classtype:trojan-activity; sid:100001475; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.67.104.83",nocase; classtype:trojan-activity; sid:100001476; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.67.125.186",nocase; classtype:trojan-activity; sid:100001477; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.67.146.60",nocase; classtype:trojan-activity; sid:100001478; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.67.206.228",nocase; classtype:trojan-activity; sid:100001479; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.68.171.125",nocase; classtype:trojan-activity; sid:100001480; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.68.249.255",nocase; classtype:trojan-activity; sid:100001481; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.68.60.61",nocase; classtype:trojan-activity; sid:100001482; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.72.167.202",nocase; classtype:trojan-activity; sid:100001483; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.72.67.64",nocase; classtype:trojan-activity; sid:100001484; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.73.10.198",nocase; classtype:trojan-activity; sid:100001485; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.73.163.231",nocase; classtype:trojan-activity; sid:100001486; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.73.168.234",nocase; classtype:trojan-activity; sid:100001487; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.73.203.225",nocase; classtype:trojan-activity; sid:100001488; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.73.237.84",nocase; classtype:trojan-activity; sid:100001489; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.76.194.65",nocase; classtype:trojan-activity; sid:100001490; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.76.235.122",nocase; classtype:trojan-activity; sid:100001491; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.76.78.251",nocase; classtype:trojan-activity; sid:100001492; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.77.113.201",nocase; classtype:trojan-activity; sid:100001493; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.77.114.45",nocase; classtype:trojan-activity; sid:100001494; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.77.150.203",nocase; classtype:trojan-activity; sid:100001495; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.77.209.209",nocase; classtype:trojan-activity; sid:100001496; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.77.48.213",nocase; classtype:trojan-activity; sid:100001497; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.77.63.152",nocase; classtype:trojan-activity; sid:100001498; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.77.94.189",nocase; classtype:trojan-activity; sid:100001499; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.79.163.188",nocase; classtype:trojan-activity; sid:100001500; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.79.166.31",nocase; classtype:trojan-activity; sid:100001501; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.79.218.46",nocase; classtype:trojan-activity; sid:100001502; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.79.80.199",nocase; classtype:trojan-activity; sid:100001503; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.79.91.244",nocase; classtype:trojan-activity; sid:100001504; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.79.93.171",nocase; classtype:trojan-activity; sid:100001505; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.80.127.214",nocase; classtype:trojan-activity; sid:100001506; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.80.18.140",nocase; classtype:trojan-activity; sid:100001507; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.80.191.137",nocase; classtype:trojan-activity; sid:100001508; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.80.205.255",nocase; classtype:trojan-activity; sid:100001509; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.80.24.54",nocase; classtype:trojan-activity; sid:100001510; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.80.36.151",nocase; classtype:trojan-activity; sid:100001511; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.80.37.182",nocase; classtype:trojan-activity; sid:100001512; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.81.251.0",nocase; classtype:trojan-activity; sid:100001513; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.81.27.15",nocase; classtype:trojan-activity; sid:100001514; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.81.29.231",nocase; classtype:trojan-activity; sid:100001515; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.81.70.88",nocase; classtype:trojan-activity; sid:100001516; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.83.94.11",nocase; classtype:trojan-activity; sid:100001517; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.84.115.152",nocase; classtype:trojan-activity; sid:100001518; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.85.54.4",nocase; classtype:trojan-activity; sid:100001519; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.86.211.20",nocase; classtype:trojan-activity; sid:100001520; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.86.234.187",nocase; classtype:trojan-activity; sid:100001521; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.86.78.244",nocase; classtype:trojan-activity; sid:100001522; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.87.63.58",nocase; classtype:trojan-activity; sid:100001523; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.87.93.109",nocase; classtype:trojan-activity; sid:100001524; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.88.143.176",nocase; classtype:trojan-activity; sid:100001525; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.88.155.96",nocase; classtype:trojan-activity; sid:100001526; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.88.233.131",nocase; classtype:trojan-activity; sid:100001527; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.88.67.238",nocase; classtype:trojan-activity; sid:100001528; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.88.72.9",nocase; classtype:trojan-activity; sid:100001529; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.89.145.11",nocase; classtype:trojan-activity; sid:100001530; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.89.146.198",nocase; classtype:trojan-activity; sid:100001531; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.89.146.36",nocase; classtype:trojan-activity; sid:100001532; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.89.63.23",nocase; classtype:trojan-activity; sid:100001533; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.90.176.191",nocase; classtype:trojan-activity; sid:100001534; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"39.90.86.212",nocase; classtype:trojan-activity; sid:100001535; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"40.88.2.151",nocase; classtype:trojan-activity; sid:100001536; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"41.139.209.46",nocase; classtype:trojan-activity; sid:100001537; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"41.165.130.43",nocase; classtype:trojan-activity; sid:100001538; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"41.190.63.174",nocase; classtype:trojan-activity; sid:100001539; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"41.193.192.100",nocase; classtype:trojan-activity; sid:100001540; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"41.219.185.171",nocase; classtype:trojan-activity; sid:100001541; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"41.226.60.115",nocase; classtype:trojan-activity; sid:100001542; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"41.72.203.82",nocase; classtype:trojan-activity; sid:100001543; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"41.86.18.201",nocase; classtype:trojan-activity; sid:100001544; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"41.86.21.23",nocase; classtype:trojan-activity; sid:100001545; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"41.86.21.38",nocase; classtype:trojan-activity; sid:100001546; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"41.86.21.62",nocase; classtype:trojan-activity; sid:100001547; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"41.86.5.198",nocase; classtype:trojan-activity; sid:100001548; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"42.202.101.199",nocase; classtype:trojan-activity; sid:100001549; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"42.225.223.54",nocase; classtype:trojan-activity; sid:100001550; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"42.225.229.97",nocase; classtype:trojan-activity; sid:100001551; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"42.230.88.29",nocase; classtype:trojan-activity; sid:100001552; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"42.56.15.227",nocase; classtype:trojan-activity; sid:100001553; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"42.61.99.155",nocase; classtype:trojan-activity; sid:100001554; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"42.84.37.198",nocase; classtype:trojan-activity; sid:100001555; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"43.241.106.183",nocase; classtype:trojan-activity; sid:100001556; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"43.241.106.234",nocase; classtype:trojan-activity; sid:100001557; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"43.252.8.94",nocase; classtype:trojan-activity; sid:100001558; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.133.1.242",nocase; classtype:trojan-activity; sid:100001559; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.133.203.192",nocase; classtype:trojan-activity; sid:100001560; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.135.134.228",nocase; classtype:trojan-activity; sid:100001561; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.14.149.178",nocase; classtype:trojan-activity; sid:100001562; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.14.149.182",nocase; classtype:trojan-activity; sid:100001563; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.14.149.204",nocase; classtype:trojan-activity; sid:100001564; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.140.147.224",nocase; classtype:trojan-activity; sid:100001565; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.141.84.182",nocase; classtype:trojan-activity; sid:100001566; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.141.84.184",nocase; classtype:trojan-activity; sid:100001567; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.144.225.118",nocase; classtype:trojan-activity; sid:100001568; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.144.225.135",nocase; classtype:trojan-activity; sid:100001569; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.144.225.139",nocase; classtype:trojan-activity; sid:100001570; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.144.225.213",nocase; classtype:trojan-activity; sid:100001571; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.144.225.242",nocase; classtype:trojan-activity; sid:100001572; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.144.225.27",nocase; classtype:trojan-activity; sid:100001573; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.144.225.65",nocase; classtype:trojan-activity; sid:100001574; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.148.10.47",nocase; classtype:trojan-activity; sid:100001575; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.148.10.94",nocase; classtype:trojan-activity; sid:100001576; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.164.140.130",nocase; classtype:trojan-activity; sid:100001577; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.165.215.19",nocase; classtype:trojan-activity; sid:100001578; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.176.108.22",nocase; classtype:trojan-activity; sid:100001579; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.176.110.99",nocase; classtype:trojan-activity; sid:100001580; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.22.209.58",nocase; classtype:trojan-activity; sid:100001581; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.23.22.186",nocase; classtype:trojan-activity; sid:100001582; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.248.194.48",nocase; classtype:trojan-activity; sid:100001583; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.27.253.137",nocase; classtype:trojan-activity; sid:100001584; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.51.104.59",nocase; classtype:trojan-activity; sid:100001585; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.6.24.251",nocase; classtype:trojan-activity; sid:100001586; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.81.235.31",nocase; classtype:trojan-activity; sid:100001587; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.85.90.131",nocase; classtype:trojan-activity; sid:100001588; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.85.90.203",nocase; classtype:trojan-activity; sid:100001589; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.9.148.37",nocase; classtype:trojan-activity; sid:100001590; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.92.108.125",nocase; classtype:trojan-activity; sid:100001591; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.92.108.35",nocase; classtype:trojan-activity; sid:100001592; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"45.95.169.153",nocase; classtype:trojan-activity; sid:100001593; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"46.117.42.29",nocase; classtype:trojan-activity; sid:100001594; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"46.172.75.231",nocase; classtype:trojan-activity; sid:100001595; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"46.182.173.246",nocase; classtype:trojan-activity; sid:100001596; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"46.20.63.218",nocase; classtype:trojan-activity; sid:100001597; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"46.214.27.4",nocase; classtype:trojan-activity; sid:100001598; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"46.236.65.83",nocase; classtype:trojan-activity; sid:100001599; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"46.24.130.254",nocase; classtype:trojan-activity; sid:100001600; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"46.241.120.165",nocase; classtype:trojan-activity; sid:100001601; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"46.243.179.115",nocase; classtype:trojan-activity; sid:100001602; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"46.249.33.79",nocase; classtype:trojan-activity; sid:100001603; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"46.25.242.211",nocase; classtype:trojan-activity; sid:100001604; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"46.42.118.86",nocase; classtype:trojan-activity; sid:100001605; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"46.42.86.128",nocase; classtype:trojan-activity; sid:100001606; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"46.97.76.242",nocase; classtype:trojan-activity; sid:100001607; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"47.103.219.77",nocase; classtype:trojan-activity; sid:100001608; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"47.145.152.26",nocase; classtype:trojan-activity; sid:100001609; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"47.151.23.172",nocase; classtype:trojan-activity; sid:100001610; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"47.157.97.71",nocase; classtype:trojan-activity; sid:100001611; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"47.16.131.51",nocase; classtype:trojan-activity; sid:100001612; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"47.21.202.98",nocase; classtype:trojan-activity; sid:100001613; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"47.46.231.38",nocase; classtype:trojan-activity; sid:100001614; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"49.119.187.230",nocase; classtype:trojan-activity; sid:100001615; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"49.142.162.113",nocase; classtype:trojan-activity; sid:100001616; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"49.142.87.36",nocase; classtype:trojan-activity; sid:100001617; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"49.143.43.93",nocase; classtype:trojan-activity; sid:100001618; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"49.156.35.166",nocase; classtype:trojan-activity; sid:100001619; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"49.158.201.200",nocase; classtype:trojan-activity; sid:100001620; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"49.159.20.121",nocase; classtype:trojan-activity; sid:100001621; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"49.159.21.3",nocase; classtype:trojan-activity; sid:100001622; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"49.174.182.99",nocase; classtype:trojan-activity; sid:100001623; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"49.213.170.49",nocase; classtype:trojan-activity; sid:100001624; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"49.213.178.183",nocase; classtype:trojan-activity; sid:100001625; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"49.213.179.129",nocase; classtype:trojan-activity; sid:100001626; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"5.180.130.30",nocase; classtype:trojan-activity; sid:100001627; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"5.188.62.111",nocase; classtype:trojan-activity; sid:100001628; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"5.189.204.29",nocase; classtype:trojan-activity; sid:100001629; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"5.2.70.50",nocase; classtype:trojan-activity; sid:100001630; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"5.53.146.179",nocase; classtype:trojan-activity; sid:100001631; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"5.79.75.210",nocase; classtype:trojan-activity; sid:100001632; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"5.95.226.154",nocase; classtype:trojan-activity; sid:100001633; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"50.115.174.102",nocase; classtype:trojan-activity; sid:100001634; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"50.115.174.106",nocase; classtype:trojan-activity; sid:100001635; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"50.121.91.255",nocase; classtype:trojan-activity; sid:100001636; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"50.252.47.29",nocase; classtype:trojan-activity; sid:100001637; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"54.36.114.136",nocase; classtype:trojan-activity; sid:100001638; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"54.36.180.122",nocase; classtype:trojan-activity; sid:100001639; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.114.246.26",nocase; classtype:trojan-activity; sid:100001640; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.115.162.92",nocase; classtype:trojan-activity; sid:100001641; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.115.174.4",nocase; classtype:trojan-activity; sid:100001642; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.125.191.4",nocase; classtype:trojan-activity; sid:100001643; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.126.247.118",nocase; classtype:trojan-activity; sid:100001644; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.141.122.109",nocase; classtype:trojan-activity; sid:100001645; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.142.166.120",nocase; classtype:trojan-activity; sid:100001646; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.142.200.124",nocase; classtype:trojan-activity; sid:100001647; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.143.189.75",nocase; classtype:trojan-activity; sid:100001648; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.218.67.253",nocase; classtype:trojan-activity; sid:100001649; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.22.212.107",nocase; classtype:trojan-activity; sid:100001650; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.226.129.29",nocase; classtype:trojan-activity; sid:100001651; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.229.194.122",nocase; classtype:trojan-activity; sid:100001652; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.230.89.42",nocase; classtype:trojan-activity; sid:100001653; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.238.42.192",nocase; classtype:trojan-activity; sid:100001654; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.240.147.97",nocase; classtype:trojan-activity; sid:100001655; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.241.78.55",nocase; classtype:trojan-activity; sid:100001656; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.243.126.133",nocase; classtype:trojan-activity; sid:100001657; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.243.208.225",nocase; classtype:trojan-activity; sid:100001658; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.248.150.61",nocase; classtype:trojan-activity; sid:100001659; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.249.8.36",nocase; classtype:trojan-activity; sid:100001660; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.255.12.206",nocase; classtype:trojan-activity; sid:100001661; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.255.48.128",nocase; classtype:trojan-activity; sid:100001662; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.72.165.153",nocase; classtype:trojan-activity; sid:100001663; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.72.165.39",nocase; classtype:trojan-activity; sid:100001664; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.76.151.51",nocase; classtype:trojan-activity; sid:100001665; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"58.97.206.33",nocase; classtype:trojan-activity; sid:100001666; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"59.0.211.161",nocase; classtype:trojan-activity; sid:100001667; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"59.102.168.189",nocase; classtype:trojan-activity; sid:100001668; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"59.151.202.3",nocase; classtype:trojan-activity; sid:100001669; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"59.151.214.4",nocase; classtype:trojan-activity; sid:100001670; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"59.151.237.51",nocase; classtype:trojan-activity; sid:100001671; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"59.173.193.208",nocase; classtype:trojan-activity; sid:100001672; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"59.23.114.97",nocase; classtype:trojan-activity; sid:100001673; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"59.58.117.226",nocase; classtype:trojan-activity; sid:100001674; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"59.88.137.74",nocase; classtype:trojan-activity; sid:100001675; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"59.97.168.173",nocase; classtype:trojan-activity; sid:100001676; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"59.97.168.54",nocase; classtype:trojan-activity; sid:100001677; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"59.99.139.65",nocase; classtype:trojan-activity; sid:100001678; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"59.99.40.90",nocase; classtype:trojan-activity; sid:100001679; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.10.91.242",nocase; classtype:trojan-activity; sid:100001680; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.13.61.12",nocase; classtype:trojan-activity; sid:100001681; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.164.130.220",nocase; classtype:trojan-activity; sid:100001682; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.175.124.27",nocase; classtype:trojan-activity; sid:100001683; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.20.217.142",nocase; classtype:trojan-activity; sid:100001684; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.208.135.42",nocase; classtype:trojan-activity; sid:100001685; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.209.122.57",nocase; classtype:trojan-activity; sid:100001686; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.209.186.185",nocase; classtype:trojan-activity; sid:100001687; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.209.216.23",nocase; classtype:trojan-activity; sid:100001688; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.209.233.94",nocase; classtype:trojan-activity; sid:100001689; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.211.6.112",nocase; classtype:trojan-activity; sid:100001690; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.212.100.83",nocase; classtype:trojan-activity; sid:100001691; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.212.111.39",nocase; classtype:trojan-activity; sid:100001692; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.212.202.218",nocase; classtype:trojan-activity; sid:100001693; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.212.206.246",nocase; classtype:trojan-activity; sid:100001694; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.212.218.31",nocase; classtype:trojan-activity; sid:100001695; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.212.220.167",nocase; classtype:trojan-activity; sid:100001696; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.212.254.178",nocase; classtype:trojan-activity; sid:100001697; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.213.83.55",nocase; classtype:trojan-activity; sid:100001698; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.215.195.111",nocase; classtype:trojan-activity; sid:100001699; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.217.177.196",nocase; classtype:trojan-activity; sid:100001700; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.217.86.208",nocase; classtype:trojan-activity; sid:100001701; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.223.84.102",nocase; classtype:trojan-activity; sid:100001702; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.253.4.72",nocase; classtype:trojan-activity; sid:100001703; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.253.44.99",nocase; classtype:trojan-activity; sid:100001704; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.253.51.127",nocase; classtype:trojan-activity; sid:100001705; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.253.60.174",nocase; classtype:trojan-activity; sid:100001706; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.253.8.81",nocase; classtype:trojan-activity; sid:100001707; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.26.104.150",nocase; classtype:trojan-activity; sid:100001708; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.7.10.121",nocase; classtype:trojan-activity; sid:100001709; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"60.7.8.43",nocase; classtype:trojan-activity; sid:100001710; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.164.96.98",nocase; classtype:trojan-activity; sid:100001711; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.179.91.194",nocase; classtype:trojan-activity; sid:100001712; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.247.224.66",nocase; classtype:trojan-activity; sid:100001713; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.41.230.161",nocase; classtype:trojan-activity; sid:100001714; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.52.199.47",nocase; classtype:trojan-activity; sid:100001715; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.52.9.166",nocase; classtype:trojan-activity; sid:100001716; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.52.99.161",nocase; classtype:trojan-activity; sid:100001717; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.54.103.56",nocase; classtype:trojan-activity; sid:100001718; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.56.180.67",nocase; classtype:trojan-activity; sid:100001719; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.56.181.7",nocase; classtype:trojan-activity; sid:100001720; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.57.96.116",nocase; classtype:trojan-activity; sid:100001721; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.58.170.60",nocase; classtype:trojan-activity; sid:100001722; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.58.73.220",nocase; classtype:trojan-activity; sid:100001723; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.61.218.23",nocase; classtype:trojan-activity; sid:100001724; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.65.172.121",nocase; classtype:trojan-activity; sid:100001725; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.70.0.22",nocase; classtype:trojan-activity; sid:100001726; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.70.104.46",nocase; classtype:trojan-activity; sid:100001727; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.70.110.59",nocase; classtype:trojan-activity; sid:100001728; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.70.132.195",nocase; classtype:trojan-activity; sid:100001729; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.70.255.60",nocase; classtype:trojan-activity; sid:100001730; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.70.45.130",nocase; classtype:trojan-activity; sid:100001731; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"61.98.144.75",nocase; classtype:trojan-activity; sid:100001732; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"62.1.98.131",nocase; classtype:trojan-activity; sid:100001733; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"62.141.73.58",nocase; classtype:trojan-activity; sid:100001734; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"62.219.131.205",nocase; classtype:trojan-activity; sid:100001735; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"62.219.143.46",nocase; classtype:trojan-activity; sid:100001736; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"62.219.227.31",nocase; classtype:trojan-activity; sid:100001737; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"62.31.126.33",nocase; classtype:trojan-activity; sid:100001738; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"62.38.149.66",nocase; classtype:trojan-activity; sid:100001739; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"62.38.222.98",nocase; classtype:trojan-activity; sid:100001740; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"62.43.207.148",nocase; classtype:trojan-activity; sid:100001741; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"62.90.165.236",nocase; classtype:trojan-activity; sid:100001742; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"63.245.122.93",nocase; classtype:trojan-activity; sid:100001743; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"65.125.128.196",nocase; classtype:trojan-activity; sid:100001744; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"65.21.58.252",nocase; classtype:trojan-activity; sid:100001745; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"65.26.155.131",nocase; classtype:trojan-activity; sid:100001746; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"65.35.61.255",nocase; classtype:trojan-activity; sid:100001747; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"66.229.214.115",nocase; classtype:trojan-activity; sid:100001748; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"66.57.55.210",nocase; classtype:trojan-activity; sid:100001749; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"66.74.7.197",nocase; classtype:trojan-activity; sid:100001750; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"66.97.181.196",nocase; classtype:trojan-activity; sid:100001751; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"67.245.151.203",nocase; classtype:trojan-activity; sid:100001752; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"67.8.138.101",nocase; classtype:trojan-activity; sid:100001753; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"67.83.49.234",nocase; classtype:trojan-activity; sid:100001754; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"67.84.138.165",nocase; classtype:trojan-activity; sid:100001755; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"68.148.103.248",nocase; classtype:trojan-activity; sid:100001756; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"68.174.182.226",nocase; classtype:trojan-activity; sid:100001757; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"68.175.107.153",nocase; classtype:trojan-activity; sid:100001758; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"68.188.144.143",nocase; classtype:trojan-activity; sid:100001759; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"68.204.88.29",nocase; classtype:trojan-activity; sid:100001760; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"68.205.106.84",nocase; classtype:trojan-activity; sid:100001761; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"68.205.119.241",nocase; classtype:trojan-activity; sid:100001762; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"68.78.33.33",nocase; classtype:trojan-activity; sid:100001763; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"69.115.37.205",nocase; classtype:trojan-activity; sid:100001764; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"69.120.237.255",nocase; classtype:trojan-activity; sid:100001765; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"69.123.245.151",nocase; classtype:trojan-activity; sid:100001766; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"69.124.231.110",nocase; classtype:trojan-activity; sid:100001767; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"69.127.214.47",nocase; classtype:trojan-activity; sid:100001768; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"69.146.232.34",nocase; classtype:trojan-activity; sid:100001769; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"69.165.173.49",nocase; classtype:trojan-activity; sid:100001770; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"69.196.158.227",nocase; classtype:trojan-activity; sid:100001771; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"69.222.157.166",nocase; classtype:trojan-activity; sid:100001772; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"69.229.0.133",nocase; classtype:trojan-activity; sid:100001773; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"69.63.73.234",nocase; classtype:trojan-activity; sid:100001774; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"69.75.115.194",nocase; classtype:trojan-activity; sid:100001775; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"69.75.227.186",nocase; classtype:trojan-activity; sid:100001776; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"69.76.240.206",nocase; classtype:trojan-activity; sid:100001777; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"70.115.31.30",nocase; classtype:trojan-activity; sid:100001778; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"70.118.240.88",nocase; classtype:trojan-activity; sid:100001779; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"70.167.10.180",nocase; classtype:trojan-activity; sid:100001780; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"70.236.190.250",nocase; classtype:trojan-activity; sid:100001781; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"70.25.5.105",nocase; classtype:trojan-activity; sid:100001782; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"70.93.129.118",nocase; classtype:trojan-activity; sid:100001783; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"71.127.148.69",nocase; classtype:trojan-activity; sid:100001784; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"71.146.190.91",nocase; classtype:trojan-activity; sid:100001785; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"71.204.63.239",nocase; classtype:trojan-activity; sid:100001786; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"71.29.48.164",nocase; classtype:trojan-activity; sid:100001787; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"71.34.191.213",nocase; classtype:trojan-activity; sid:100001788; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"71.40.234.166",nocase; classtype:trojan-activity; sid:100001789; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"71.43.106.142",nocase; classtype:trojan-activity; sid:100001790; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"71.43.2.122",nocase; classtype:trojan-activity; sid:100001791; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"71.43.235.106",nocase; classtype:trojan-activity; sid:100001792; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"71.47.133.58",nocase; classtype:trojan-activity; sid:100001793; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"71.71.60.69",nocase; classtype:trojan-activity; sid:100001794; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"71.85.106.211",nocase; classtype:trojan-activity; sid:100001795; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"72.17.22.30",nocase; classtype:trojan-activity; sid:100001796; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"72.189.180.98",nocase; classtype:trojan-activity; sid:100001797; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"72.202.249.109",nocase; classtype:trojan-activity; sid:100001798; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"72.214.69.226",nocase; classtype:trojan-activity; sid:100001799; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"72.229.230.118",nocase; classtype:trojan-activity; sid:100001800; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"72.29.45.165",nocase; classtype:trojan-activity; sid:100001801; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"72.31.40.122",nocase; classtype:trojan-activity; sid:100001802; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"73.204.216.103",nocase; classtype:trojan-activity; sid:100001803; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"73.70.164.42",nocase; classtype:trojan-activity; sid:100001804; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"74.101.1.159",nocase; classtype:trojan-activity; sid:100001805; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"74.108.224.112",nocase; classtype:trojan-activity; sid:100001806; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"74.195.115.176",nocase; classtype:trojan-activity; sid:100001807; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"74.199.84.77",nocase; classtype:trojan-activity; sid:100001808; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"74.64.139.223",nocase; classtype:trojan-activity; sid:100001809; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"74.75.165.81",nocase; classtype:trojan-activity; sid:100001810; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"75.127.141.52",nocase; classtype:trojan-activity; sid:100001811; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"75.83.102.27",nocase; classtype:trojan-activity; sid:100001812; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"75.99.213.61",nocase; classtype:trojan-activity; sid:100001813; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"76.170.11.82",nocase; classtype:trojan-activity; sid:100001814; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"76.178.22.145",nocase; classtype:trojan-activity; sid:100001815; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"76.217.92.231",nocase; classtype:trojan-activity; sid:100001816; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"76.250.199.133",nocase; classtype:trojan-activity; sid:100001817; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"76.254.129.227",nocase; classtype:trojan-activity; sid:100001818; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"76.84.134.33",nocase; classtype:trojan-activity; sid:100001819; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"76.95.12.137",nocase; classtype:trojan-activity; sid:100001820; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"77.111.182.31",nocase; classtype:trojan-activity; sid:100001821; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"77.237.25.210",nocase; classtype:trojan-activity; sid:100001822; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"77.71.50.153",nocase; classtype:trojan-activity; sid:100001823; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"77.71.52.220",nocase; classtype:trojan-activity; sid:100001824; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"77.89.203.238",nocase; classtype:trojan-activity; sid:100001825; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"77st.net",nocase; classtype:trojan-activity; sid:100001826; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"78.145.224.45",nocase; classtype:trojan-activity; sid:100001827; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"78.186.155.18",nocase; classtype:trojan-activity; sid:100001828; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"78.187.141.144",nocase; classtype:trojan-activity; sid:100001829; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"78.187.240.125",nocase; classtype:trojan-activity; sid:100001830; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"78.187.41.200",nocase; classtype:trojan-activity; sid:100001831; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"78.188.168.64",nocase; classtype:trojan-activity; sid:100001832; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"78.188.188.141",nocase; classtype:trojan-activity; sid:100001833; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"78.189.104.157",nocase; classtype:trojan-activity; sid:100001834; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"78.23.172.81",nocase; classtype:trojan-activity; sid:100001835; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"78.8.225.77",nocase; classtype:trojan-activity; sid:100001836; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"79.11.195.121",nocase; classtype:trojan-activity; sid:100001837; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"79.13.49.221",nocase; classtype:trojan-activity; sid:100001838; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"79.130.253.13",nocase; classtype:trojan-activity; sid:100001839; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"79.147.123.48",nocase; classtype:trojan-activity; sid:100001840; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"79.175.42.244",nocase; classtype:trojan-activity; sid:100001841; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"79.21.84.63",nocase; classtype:trojan-activity; sid:100001842; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"79.7.170.58",nocase; classtype:trojan-activity; sid:100001843; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"79.79.58.94",nocase; classtype:trojan-activity; sid:100001844; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"79.8.70.162",nocase; classtype:trojan-activity; sid:100001845; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"79.9.88.185",nocase; classtype:trojan-activity; sid:100001846; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"80.107.89.207",nocase; classtype:trojan-activity; sid:100001847; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"80.19.101.218",nocase; classtype:trojan-activity; sid:100001848; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"80.211.181.77",nocase; classtype:trojan-activity; sid:100001849; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"80.217.12.7",nocase; classtype:trojan-activity; sid:100001850; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"80.99.128.61",nocase; classtype:trojan-activity; sid:100001851; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"81.136.146.213",nocase; classtype:trojan-activity; sid:100001852; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"81.165.44.109",nocase; classtype:trojan-activity; sid:100001853; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"81.191.40.58",nocase; classtype:trojan-activity; sid:100001854; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"81.213.141.184",nocase; classtype:trojan-activity; sid:100001855; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"81.215.199.29",nocase; classtype:trojan-activity; sid:100001856; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"81.218.187.113",nocase; classtype:trojan-activity; sid:100001857; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"81.218.195.216",nocase; classtype:trojan-activity; sid:100001858; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"81.237.128.200",nocase; classtype:trojan-activity; sid:100001859; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"81.244.219.41",nocase; classtype:trojan-activity; sid:100001860; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"81.246.225.203",nocase; classtype:trojan-activity; sid:100001861; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"81.92.36.96",nocase; classtype:trojan-activity; sid:100001862; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.103.108.72",nocase; classtype:trojan-activity; sid:100001863; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.135.196.130",nocase; classtype:trojan-activity; sid:100001864; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.166.212.178",nocase; classtype:trojan-activity; sid:100001865; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.166.85.112",nocase; classtype:trojan-activity; sid:100001866; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.207.61.194",nocase; classtype:trojan-activity; sid:100001867; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.209.250.155",nocase; classtype:trojan-activity; sid:100001868; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.211.156.38",nocase; classtype:trojan-activity; sid:100001869; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.59.31.181",nocase; classtype:trojan-activity; sid:100001870; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.62.110.252",nocase; classtype:trojan-activity; sid:100001871; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.62.53.77",nocase; classtype:trojan-activity; sid:100001872; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.80.138.72",nocase; classtype:trojan-activity; sid:100001873; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.80.139.92",nocase; classtype:trojan-activity; sid:100001874; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.80.154.214",nocase; classtype:trojan-activity; sid:100001875; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.80.187.109",nocase; classtype:trojan-activity; sid:100001876; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.81.100.54",nocase; classtype:trojan-activity; sid:100001877; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.81.106.65",nocase; classtype:trojan-activity; sid:100001878; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.81.108.172",nocase; classtype:trojan-activity; sid:100001879; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.81.131.158",nocase; classtype:trojan-activity; sid:100001880; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.81.19.42",nocase; classtype:trojan-activity; sid:100001881; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.81.197.254",nocase; classtype:trojan-activity; sid:100001882; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.81.215.149",nocase; classtype:trojan-activity; sid:100001883; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.81.234.195",nocase; classtype:trojan-activity; sid:100001884; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.81.246.96",nocase; classtype:trojan-activity; sid:100001885; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.81.28.57",nocase; classtype:trojan-activity; sid:100001886; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.81.4.57",nocase; classtype:trojan-activity; sid:100001887; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.81.55.84",nocase; classtype:trojan-activity; sid:100001888; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.81.73.245",nocase; classtype:trojan-activity; sid:100001889; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"82.81.98.51",nocase; classtype:trojan-activity; sid:100001890; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"83.165.237.163",nocase; classtype:trojan-activity; sid:100001891; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"83.234.147.99",nocase; classtype:trojan-activity; sid:100001892; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"83.234.218.42",nocase; classtype:trojan-activity; sid:100001893; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"83.242.253.154",nocase; classtype:trojan-activity; sid:100001894; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"83.252.9.37",nocase; classtype:trojan-activity; sid:100001895; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"84.210.219.213",nocase; classtype:trojan-activity; sid:100001896; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"84.212.219.127",nocase; classtype:trojan-activity; sid:100001897; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"84.228.50.118",nocase; classtype:trojan-activity; sid:100001898; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"84.228.95.204",nocase; classtype:trojan-activity; sid:100001899; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"84.238.24.35",nocase; classtype:trojan-activity; sid:100001900; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"84.247.83.74",nocase; classtype:trojan-activity; sid:100001901; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"84.254.39.129",nocase; classtype:trojan-activity; sid:100001902; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"84.33.111.227",nocase; classtype:trojan-activity; sid:100001903; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"84.39.248.2",nocase; classtype:trojan-activity; sid:100001904; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"84.40.127.242",nocase; classtype:trojan-activity; sid:100001905; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"84.42.20.217",nocase; classtype:trojan-activity; sid:100001906; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"8402d53c-17e9-4250-8011-20f28f5d404f.certbooster.com",nocase; classtype:trojan-activity; sid:100001907; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"85.105.11.216",nocase; classtype:trojan-activity; sid:100001908; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"85.105.123.251",nocase; classtype:trojan-activity; sid:100001909; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"85.105.135.187",nocase; classtype:trojan-activity; sid:100001910; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"85.105.180.33",nocase; classtype:trojan-activity; sid:100001911; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"85.105.224.141",nocase; classtype:trojan-activity; sid:100001912; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"85.105.241.2",nocase; classtype:trojan-activity; sid:100001913; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"85.214.149.236",nocase; classtype:trojan-activity; sid:100001914; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"85.64.181.50",nocase; classtype:trojan-activity; sid:100001915; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"85.64.203.204",nocase; classtype:trojan-activity; sid:100001916; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"85.74.215.180",nocase; classtype:trojan-activity; sid:100001917; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"85.97.130.227",nocase; classtype:trojan-activity; sid:100001918; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"86.35.43.220",nocase; classtype:trojan-activity; sid:100001919; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"87.172.19.130",nocase; classtype:trojan-activity; sid:100001920; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"87.61.89.40",nocase; classtype:trojan-activity; sid:100001921; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"88.119.171.253",nocase; classtype:trojan-activity; sid:100001922; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"88.2.208.71",nocase; classtype:trojan-activity; sid:100001923; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"88.2.219.179",nocase; classtype:trojan-activity; sid:100001924; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"88.218.17.149",nocase; classtype:trojan-activity; sid:100001925; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"88.225.222.128",nocase; classtype:trojan-activity; sid:100001926; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"88.247.96.19",nocase; classtype:trojan-activity; sid:100001927; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"88.248.136.231",nocase; classtype:trojan-activity; sid:100001928; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"88.248.51.139",nocase; classtype:trojan-activity; sid:100001929; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"88.249.244.180",nocase; classtype:trojan-activity; sid:100001930; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"88.250.204.12",nocase; classtype:trojan-activity; sid:100001931; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"88.250.226.26",nocase; classtype:trojan-activity; sid:100001932; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"88.250.254.90",nocase; classtype:trojan-activity; sid:100001933; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"89.122.183.130",nocase; classtype:trojan-activity; sid:100001934; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"89.136.197.170",nocase; classtype:trojan-activity; sid:100001935; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"89.22.152.244",nocase; classtype:trojan-activity; sid:100001936; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"89.29.213.33",nocase; classtype:trojan-activity; sid:100001937; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"89.40.85.166",nocase; classtype:trojan-activity; sid:100001938; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"8poieq.bn.files.1drv.com",nocase; classtype:trojan-activity; sid:100001939; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"90.152.144.139",nocase; classtype:trojan-activity; sid:100001940; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"91.132.197.39",nocase; classtype:trojan-activity; sid:100001941; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"91.138.215.5",nocase; classtype:trojan-activity; sid:100001942; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"91.177.139.132",nocase; classtype:trojan-activity; sid:100001943; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"91.187.103.32",nocase; classtype:trojan-activity; sid:100001944; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"91.205.173.252",nocase; classtype:trojan-activity; sid:100001945; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"91.212.150.241",nocase; classtype:trojan-activity; sid:100001946; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"91.214.124.141",nocase; classtype:trojan-activity; sid:100001947; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"91.217.104.185",nocase; classtype:trojan-activity; sid:100001948; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"91.233.112.188",nocase; classtype:trojan-activity; sid:100001949; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"91.234.60.94",nocase; classtype:trojan-activity; sid:100001950; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"91.239.168.83",nocase; classtype:trojan-activity; sid:100001951; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"91.244.169.139",nocase; classtype:trojan-activity; sid:100001952; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"91.92.16.244",nocase; classtype:trojan-activity; sid:100001953; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"92.114.191.82",nocase; classtype:trojan-activity; sid:100001954; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"92.241.78.114",nocase; classtype:trojan-activity; sid:100001955; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"92.27.246.202",nocase; classtype:trojan-activity; sid:100001956; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"92.83.62.139",nocase; classtype:trojan-activity; sid:100001957; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"92.85.18.138",nocase; classtype:trojan-activity; sid:100001958; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"93.159.169.190",nocase; classtype:trojan-activity; sid:100001959; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"93.190.93.41",nocase; classtype:trojan-activity; sid:100001960; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"93.21.224.154",nocase; classtype:trojan-activity; sid:100001961; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"93.39.115.176",nocase; classtype:trojan-activity; sid:100001962; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"93.39.79.41",nocase; classtype:trojan-activity; sid:100001963; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"93.41.137.16",nocase; classtype:trojan-activity; sid:100001964; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"93.41.182.249",nocase; classtype:trojan-activity; sid:100001965; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"93.41.206.56",nocase; classtype:trojan-activity; sid:100001966; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"93.57.43.233",nocase; classtype:trojan-activity; sid:100001967; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"93.73.99.102",nocase; classtype:trojan-activity; sid:100001968; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"94.136.69.199",nocase; classtype:trojan-activity; sid:100001969; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"94.143.53.34",nocase; classtype:trojan-activity; sid:100001970; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"94.154.17.170",nocase; classtype:trojan-activity; sid:100001971; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"94.200.16.22",nocase; classtype:trojan-activity; sid:100001972; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"94.224.83.208",nocase; classtype:trojan-activity; sid:100001973; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"94.53.120.109",nocase; classtype:trojan-activity; sid:100001974; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"94.85.0.3",nocase; classtype:trojan-activity; sid:100001975; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"95.132.129.250",nocase; classtype:trojan-activity; sid:100001976; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"95.154.20.231",nocase; classtype:trojan-activity; sid:100001977; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"95.158.19.130",nocase; classtype:trojan-activity; sid:100001978; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"95.170.113.227",nocase; classtype:trojan-activity; sid:100001979; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"95.170.201.34",nocase; classtype:trojan-activity; sid:100001980; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"95.60.146.134",nocase; classtype:trojan-activity; sid:100001981; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"95.66.196.63",nocase; classtype:trojan-activity; sid:100001982; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"95.9.120.40",nocase; classtype:trojan-activity; sid:100001983; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"96.239.73.246",nocase; classtype:trojan-activity; sid:100001984; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"97.68.140.254",nocase; classtype:trojan-activity; sid:100001985; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"97.96.199.75",nocase; classtype:trojan-activity; sid:100001986; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"98.0.210.218",nocase; classtype:trojan-activity; sid:100001987; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"98.113.239.207",nocase; classtype:trojan-activity; sid:100001988; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"98.116.72.119",nocase; classtype:trojan-activity; sid:100001989; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"98.128.147.115",nocase; classtype:trojan-activity; sid:100001990; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"98.178.242.44",nocase; classtype:trojan-activity; sid:100001991; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"98.30.24.54",nocase; classtype:trojan-activity; sid:100001992; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"99.150.245.203",nocase; classtype:trojan-activity; sid:100001993; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"99.33.195.164",nocase; classtype:trojan-activity; sid:100001994; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"aatreefelling.co.za",nocase; classtype:trojan-activity; sid:100001995; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"abad.tv",nocase; classtype:trojan-activity; sid:100001996; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"abcd.bg",nocase; classtype:trojan-activity; sid:100001997; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"abissnet.net",nocase; classtype:trojan-activity; sid:100001998; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"aboveandbelow.com.au",nocase; classtype:trojan-activity; sid:100001999; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"absoftechworld.com",nocase; classtype:trojan-activity; sid:100002000; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"absupplies.co.uk",nocase; classtype:trojan-activity; sid:100002001; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"abyssos.eu",nocase; classtype:trojan-activity; sid:100002002; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"acbick.com",nocase; classtype:trojan-activity; sid:100002003; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"accesslinksgroup.com",nocase; classtype:trojan-activity; sid:100002004; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"aceeprc.com.aceeprc.com",nocase; classtype:trojan-activity; sid:100002005; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"acellr.co.uk",nocase; classtype:trojan-activity; sid:100002006; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"acteon.com.ar",nocase; classtype:trojan-activity; sid:100002007; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"activecost.com.au",nocase; classtype:trojan-activity; sid:100002008; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"addahealingmusic.com",nocase; classtype:trojan-activity; sid:100002009; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"adithimedia.com",nocase; classtype:trojan-activity; sid:100002010; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"adithimedia.memengers.com",nocase; classtype:trojan-activity; sid:100002011; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"admin.erapor.smk-alasror.net",nocase; classtype:trojan-activity; sid:100002012; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"admin.gentbcn.org",nocase; classtype:trojan-activity; sid:100002013; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"admin.grandoceanvilla.com",nocase; classtype:trojan-activity; sid:100002014; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"admission.kmctartskuttippuram.org",nocase; classtype:trojan-activity; sid:100002015; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"adventureexplorer.in",nocase; classtype:trojan-activity; sid:100002016; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"aeropilates.cl",nocase; classtype:trojan-activity; sid:100002017; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"afnan-amc.com",nocase; classtype:trojan-activity; sid:100002018; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"afoninblog.com",nocase; classtype:trojan-activity; sid:100002019; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"afrimedspecialist.com",nocase; classtype:trojan-activity; sid:100002020; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"agemn.co.za",nocase; classtype:trojan-activity; sid:100002021; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"agenciadigitalwdys.com",nocase; classtype:trojan-activity; sid:100002022; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"agenda.gmelloinformatica.com.br",nocase; classtype:trojan-activity; sid:100002023; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"agentt.ac.ug",nocase; classtype:trojan-activity; sid:100002024; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"agile8studio.com",nocase; classtype:trojan-activity; sid:100002025; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"aiecons.com",nocase; classtype:trojan-activity; sid:100002026; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"aimnaukri.com",nocase; classtype:trojan-activity; sid:100002027; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"aiqtest.com",nocase; classtype:trojan-activity; sid:100002028; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"aitorocio.com",nocase; classtype:trojan-activity; sid:100002029; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ajpharmaholding.com",nocase; classtype:trojan-activity; sid:100002030; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ajstudiollc.com",nocase; classtype:trojan-activity; sid:100002031; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"akdvidyalaya.com",nocase; classtype:trojan-activity; sid:100002032; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"al-wahd.com",nocase; classtype:trojan-activity; sid:100002033; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"alasdemariposas.org",nocase; classtype:trojan-activity; sid:100002034; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"alberts.diamondrelationscrm.us",nocase; classtype:trojan-activity; sid:100002035; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"alemelektronik.com",nocase; classtype:trojan-activity; sid:100002036; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"alena1971.es",nocase; classtype:trojan-activity; sid:100002037; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"alexdubai.com.aldiabsteel.com",nocase; classtype:trojan-activity; sid:100002038; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"alka.institute",nocase; classtype:trojan-activity; sid:100002039; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"allforcreative.com.au",nocase; classtype:trojan-activity; sid:100002040; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"alltheway.travel",nocase; classtype:trojan-activity; sid:100002041; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"alpaylar.com.tr",nocase; classtype:trojan-activity; sid:100002042; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"am-concepts.ca",nocase; classtype:trojan-activity; sid:100002043; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"amamontajes.com",nocase; classtype:trojan-activity; sid:100002044; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"amarresdeamorymaestroshechiceros.com",nocase; classtype:trojan-activity; sid:100002045; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"amarteargentina.com.ar",nocase; classtype:trojan-activity; sid:100002046; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"amos524.org",nocase; classtype:trojan-activity; sid:100002047; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ams.alvinasschools.org.ng",nocase; classtype:trojan-activity; sid:100002048; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"anadelgbt.org",nocase; classtype:trojan-activity; sid:100002049; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"anantam.net.in",nocase; classtype:trojan-activity; sid:100002050; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"andreelapeyre.com",nocase; classtype:trojan-activity; sid:100002051; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"andremaraisbeleggings.co.za",nocase; classtype:trojan-activity; sid:100002052; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"andres.ac.ug",nocase; classtype:trojan-activity; sid:100002053; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"andres.ug",nocase; classtype:trojan-activity; sid:100002054; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"andreshconcejal.solucioneslink.com",nocase; classtype:trojan-activity; sid:100002055; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"angelazgheibld.com",nocase; classtype:trojan-activity; sid:100002056; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"angelsdetour.com",nocase; classtype:trojan-activity; sid:100002057; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"angloteste.bigprime.com.br",nocase; classtype:trojan-activity; sid:100002058; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"anhung1102.vn",nocase; classtype:trojan-activity; sid:100002059; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"anurontv.com",nocase; classtype:trojan-activity; sid:100002060; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"anysbergbiltong.co.za",nocase; classtype:trojan-activity; sid:100002061; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"api-ms.cobainaja.id",nocase; classtype:trojan-activity; sid:100002062; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"api.cstdevs.com",nocase; classtype:trojan-activity; sid:100002063; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"api.quocbao.biz",nocase; classtype:trojan-activity; sid:100002064; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"apoolcondo.com",nocase; classtype:trojan-activity; sid:100002065; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"app.adsensearticle.com",nocase; classtype:trojan-activity; sid:100002066; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"app.explicitsurveys.co.uk",nocase; classtype:trojan-activity; sid:100002067; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"app.prerana.info",nocase; classtype:trojan-activity; sid:100002068; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"apps.saintsoporte.com",nocase; classtype:trojan-activity; sid:100002069; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"aps-scribe.com",nocase; classtype:trojan-activity; sid:100002070; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"artedibujoyarquitectura.com",nocase; classtype:trojan-activity; sid:100002071; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"arwenyapi.com",nocase; classtype:trojan-activity; sid:100002072; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ask-regard.call-save.biz",nocase; classtype:trojan-activity; sid:100002073; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"atfile.com",nocase; classtype:trojan-activity; sid:100002074; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"athenacapsg.com",nocase; classtype:trojan-activity; sid:100002075; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"atlanticsteelprocessing.com",nocase; classtype:trojan-activity; sid:100002076; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"atlasconcreteworks.com",nocase; classtype:trojan-activity; sid:100002077; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"attach.66rpg.com",nocase; classtype:trojan-activity; sid:100002078; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"atteuqpotentialunlimited.com",nocase; classtype:trojan-activity; sid:100002079; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"augustair.com",nocase; classtype:trojan-activity; sid:100002080; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"aulist.com",nocase; classtype:trojan-activity; sid:100002081; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"automaticrefreshments.com",nocase; classtype:trojan-activity; sid:100002082; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"avadhanagames.com",nocase; classtype:trojan-activity; sid:100002083; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ayahuascasp.com.br",nocase; classtype:trojan-activity; sid:100002084; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ayamallah.com",nocase; classtype:trojan-activity; sid:100002085; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"aycconsultoriaempresarial.com",nocase; classtype:trojan-activity; sid:100002086; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"azmeasurement.com",nocase; classtype:trojan-activity; sid:100002087; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"b2b.toptanakaryakit.com.tr",nocase; classtype:trojan-activity; sid:100002088; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"backgrounds.pk",nocase; classtype:trojan-activity; sid:100002089; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"badeggdesign.com",nocase; classtype:trojan-activity; sid:100002090; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ballina.andrewmaughan.com",nocase; classtype:trojan-activity; sid:100002091; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bangkok-orchids.com",nocase; classtype:trojan-activity; sid:100002092; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bangladeshunbound.com",nocase; classtype:trojan-activity; sid:100002093; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bary.sz4h.com",nocase; classtype:trojan-activity; sid:100002094; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bash.givemexyz.in",nocase; classtype:trojan-activity; sid:100002095; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bausch.kr-atlas.monaxikoslykos@zytrox.tk",nocase; classtype:trojan-activity; sid:100002096; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bavhome.com",nocase; classtype:trojan-activity; sid:100002097; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bbia.co.uk",nocase; classtype:trojan-activity; sid:100002098; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bcmt.elin.co.za",nocase; classtype:trojan-activity; sid:100002099; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bcrg.co.za",nocase; classtype:trojan-activity; sid:100002100; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bdnextrend.xyz",nocase; classtype:trojan-activity; sid:100002101; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"beanx88.xyz",nocase; classtype:trojan-activity; sid:100002102; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bearcatpumps.com.cn",nocase; classtype:trojan-activity; sid:100002103; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"beautincollagen.rs",nocase; classtype:trojan-activity; sid:100002104; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bekape.co.id",nocase; classtype:trojan-activity; sid:100002105; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"beor360.com",nocase; classtype:trojan-activity; sid:100002106; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bespokeweddings.ie",nocase; classtype:trojan-activity; sid:100002107; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bestcarenepal.com",nocase; classtype:trojan-activity; sid:100002108; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"betone.co.kr",nocase; classtype:trojan-activity; sid:100002109; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"betycopaints.com",nocase; classtype:trojan-activity; sid:100002110; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"beveragesmiami.solucioneslink.com",nocase; classtype:trojan-activity; sid:100002111; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bigmikesupplies.co.za",nocase; classtype:trojan-activity; sid:100002112; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bilbosaquet.ug",nocase; classtype:trojan-activity; sid:100002113; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bilhen.co.za",nocase; classtype:trojan-activity; sid:100002114; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"billing.rahitechnosoft.com",nocase; classtype:trojan-activity; sid:100002115; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"binoy.stalphonsamissionva.org",nocase; classtype:trojan-activity; sid:100002116; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"biometrico.gpotecnosystems.com",nocase; classtype:trojan-activity; sid:100002117; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bioskey.com",nocase; classtype:trojan-activity; sid:100002118; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"birdi.elin.co.za",nocase; classtype:trojan-activity; sid:100002119; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"birminghamlink.org",nocase; classtype:trojan-activity; sid:100002120; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bizztradingbot.nl",nocase; classtype:trojan-activity; sid:100002121; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bl4n3.zadns.co.za",nocase; classtype:trojan-activity; sid:100002122; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"blog.callensaxen.com",nocase; classtype:trojan-activity; sid:100002123; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"blog.difusodesign.com",nocase; classtype:trojan-activity; sid:100002124; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"blog.oyinblogs.com",nocase; classtype:trojan-activity; sid:100002125; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"blog.takbelit.com",nocase; classtype:trojan-activity; sid:100002126; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bmlifestyle.co.uk",nocase; classtype:trojan-activity; sid:100002127; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"boatpecas.com.br",nocase; classtype:trojan-activity; sid:100002128; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bodenstein.co.za",nocase; classtype:trojan-activity; sid:100002129; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"booksearch.com",nocase; classtype:trojan-activity; sid:100002130; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bophelocare.co.za",nocase; classtype:trojan-activity; sid:100002131; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bounces.mi-fs.com",nocase; classtype:trojan-activity; sid:100002132; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"boutiqueofferte.com",nocase; classtype:trojan-activity; sid:100002133; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bpo.correct.go.th",nocase; classtype:trojan-activity; sid:100002134; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bradleyinstitute.co.za",nocase; classtype:trojan-activity; sid:100002135; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"brandtrust.com.pk",nocase; classtype:trojan-activity; sid:100002136; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"brendanquine.com",nocase; classtype:trojan-activity; sid:100002137; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"brideofmessiah.com",nocase; classtype:trojan-activity; sid:100002138; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"brightaffiliatesales.org",nocase; classtype:trojan-activity; sid:100002139; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"brightmega.com",nocase; classtype:trojan-activity; sid:100002140; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"brightstarshop.com",nocase; classtype:trojan-activity; sid:100002141; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"browardinsurancemiami.solucioneslink.com",nocase; classtype:trojan-activity; sid:100002142; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bt2.elin.co.za",nocase; classtype:trojan-activity; sid:100002143; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"btdapi.robotake.com",nocase; classtype:trojan-activity; sid:100002144; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"buigiaphat.com.vn",nocase; classtype:trojan-activity; sid:100002145; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bulkyfoodja.com",nocase; classtype:trojan-activity; sid:100002146; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bullseyemedia.in",nocase; classtype:trojan-activity; sid:100002147; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"busandvanrentalmalaysia.com",nocase; classtype:trojan-activity; sid:100002148; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"buscascolegios.diit.cl",nocase; classtype:trojan-activity; sid:100002149; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"business.softberg.ro",nocase; classtype:trojan-activity; sid:100002150; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"business2.softberg.ro",nocase; classtype:trojan-activity; sid:100002151; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bydspa.cl",nocase; classtype:trojan-activity; sid:100002152; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"c.oooooooooo.ga",nocase; classtype:trojan-activity; sid:100002153; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"c0140529.ferozo.com",nocase; classtype:trojan-activity; sid:100002154; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"caballo.com.au",nocase; classtype:trojan-activity; sid:100002155; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cacaoprojects.com",nocase; classtype:trojan-activity; sid:100002156; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"calgaryautorepairservice.com",nocase; classtype:trojan-activity; sid:100002157; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"callbury.in",nocase; classtype:trojan-activity; sid:100002158; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"camminachetipassa.it",nocase; classtype:trojan-activity; sid:100002159; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"capitalgroup-kw.com",nocase; classtype:trojan-activity; sid:100002160; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"capoeiraventrelivre.com",nocase; classtype:trojan-activity; sid:100002161; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cashyinvestment.org",nocase; classtype:trojan-activity; sid:100002162; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"catchperch.com",nocase; classtype:trojan-activity; sid:100002163; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"catchpoolshetlands.co.uk",nocase; classtype:trojan-activity; sid:100002164; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cazyacustomfurniture.com",nocase; classtype:trojan-activity; sid:100002165; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cbn.hypervoizd.com",nocase; classtype:trojan-activity; sid:100002166; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ccauthority.net",nocase; classtype:trojan-activity; sid:100002167; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cdaonline.com.ar",nocase; classtype:trojan-activity; sid:100002168; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cdn-10049480.file.myqcloud.com",nocase; classtype:trojan-activity; sid:100002169; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cec.asso.ac-amiens.fr",nocase; classtype:trojan-activity; sid:100002170; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cecra.cl",nocase; classtype:trojan-activity; sid:100002171; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cellas.sk",nocase; classtype:trojan-activity; sid:100002172; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cendekiabinaaksara.com",nocase; classtype:trojan-activity; sid:100002173; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cfs5.tistory.com",nocase; classtype:trojan-activity; sid:100002174; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ch.rmu.ac.th",nocase; classtype:trojan-activity; sid:100002175; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"chance5.xyz",nocase; classtype:trojan-activity; sid:100002176; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"changematterscounselling.com",nocase; classtype:trojan-activity; sid:100002177; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"chardhamdodham.com",nocase; classtype:trojan-activity; sid:100002178; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"check.askwordpressguru.com",nocase; classtype:trojan-activity; sid:100002179; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"chezalice.co.za",nocase; classtype:trojan-activity; sid:100002180; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"childselect.com",nocase; classtype:trojan-activity; sid:100002181; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"chinhdropfile.myvnc.com",nocase; classtype:trojan-activity; sid:100002182; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"chinhdropfile80.myvnc.com",nocase; classtype:trojan-activity; sid:100002183; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cible-energy.com",nocase; classtype:trojan-activity; sid:100002184; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cifeer.net",nocase; classtype:trojan-activity; sid:100002185; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cirugiadenarizbucaramanga.com",nocase; classtype:trojan-activity; sid:100002186; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"citiconstructioncorp.com",nocase; classtype:trojan-activity; sid:100002187; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"citihits.lk",nocase; classtype:trojan-activity; sid:100002188; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"citssolutions.co.za",nocase; classtype:trojan-activity; sid:100002189; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"citycapproperty.ru",nocase; classtype:trojan-activity; sid:100002190; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cityglobalgospel.com",nocase; classtype:trojan-activity; sid:100002191; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"civi.istmejia.com",nocase; classtype:trojan-activity; sid:100002192; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cleanbydesignllc.com",nocase; classtype:trojan-activity; sid:100002193; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cloud.fc.co.mz",nocase; classtype:trojan-activity; sid:100002194; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cm-arquitetos.com",nocase; classtype:trojan-activity; sid:100002195; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"codsambal.com",nocase; classtype:trojan-activity; sid:100002196; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"colempaques.info",nocase; classtype:trojan-activity; sid:100002197; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"colinde.pricesne.com",nocase; classtype:trojan-activity; sid:100002198; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"colorpak.pl",nocase; classtype:trojan-activity; sid:100002199; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"community.reimclub.com",nocase; classtype:trojan-activity; sid:100002200; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"comosairdoburaco.com.br",nocase; classtype:trojan-activity; sid:100002201; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"competancy.indigoconsult.net",nocase; classtype:trojan-activity; sid:100002202; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"conceptimagine.ro",nocase; classtype:trojan-activity; sid:100002203; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"config.cqhbkjzx.com",nocase; classtype:trojan-activity; sid:100002204; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"connectcapital.com.br",nocase; classtype:trojan-activity; sid:100002205; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"constructoralyon.com",nocase; classtype:trojan-activity; sid:100002206; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"consulateins.solucioneslink.com",nocase; classtype:trojan-activity; sid:100002207; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"contributeindustry.com",nocase; classtype:trojan-activity; sid:100002208; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"controleautomacao.com.br",nocase; classtype:trojan-activity; sid:100002209; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"copelandscapes.com",nocase; classtype:trojan-activity; sid:100002210; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"coulsongraphics.com",nocase; classtype:trojan-activity; sid:100002211; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"count.mail.163.com.impactmedfoundation.com",nocase; classtype:trojan-activity; sid:100002212; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"covid19.cyberschool.or.id",nocase; classtype:trojan-activity; sid:100002213; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cpanel.shivay.net",nocase; classtype:trojan-activity; sid:100002214; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cr-sq.com",nocase; classtype:trojan-activity; sid:100002215; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"craftech.nxtnet.ga",nocase; classtype:trojan-activity; sid:100002216; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"craftnesia.id",nocase; classtype:trojan-activity; sid:100002217; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"crearechile.cl",nocase; classtype:trojan-activity; sid:100002218; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"creationskateboards.com",nocase; classtype:trojan-activity; sid:100002219; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"crecerco.com",nocase; classtype:trojan-activity; sid:100002220; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"crittersbythebay.com",nocase; classtype:trojan-activity; sid:100002221; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"crm.notariavieitoyvelamazan.com",nocase; classtype:trojan-activity; sid:100002222; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"crmfarko.manivelasst.com",nocase; classtype:trojan-activity; sid:100002223; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"crmroche.manivelasst.com",nocase; classtype:trojan-activity; sid:100002224; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"crscorretordeimoveis.com.br",nocase; classtype:trojan-activity; sid:100002225; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cse-engineer.com",nocase; classtype:trojan-activity; sid:100002226; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"csnserver.com",nocase; classtype:trojan-activity; sid:100002227; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ctracknxt.in",nocase; classtype:trojan-activity; sid:100002228; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cubescargoexpress.com",nocase; classtype:trojan-activity; sid:100002229; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"curasoles.co.za",nocase; classtype:trojan-activity; sid:100002230; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"currantmedia.com",nocase; classtype:trojan-activity; sid:100002231; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cwa.mx",nocase; classtype:trojan-activity; sid:100002232; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cyclomove.com",nocase; classtype:trojan-activity; sid:100002233; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cynkon.kairoscs.net",nocase; classtype:trojan-activity; sid:100002234; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"czsl.91756.cn",nocase; classtype:trojan-activity; sid:100002235; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"d.powerofwish.com",nocase; classtype:trojan-activity; sid:100002236; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"d9.99ddd.com",nocase; classtype:trojan-activity; sid:100002237; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"da.alibuf.com",nocase; classtype:trojan-activity; sid:100002238; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dagiionline.com",nocase; classtype:trojan-activity; sid:100002239; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"damagedessentialtelecommunications.testmail4.repl.co",nocase; classtype:trojan-activity; sid:100002240; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"danaevara.com",nocase; classtype:trojan-activity; sid:100002241; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dartoonpictures.com",nocase; classtype:trojan-activity; sid:100002242; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"data.cdevelop.org",nocase; classtype:trojan-activity; sid:100002243; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"data.over-blog-kiwi.com",nocase; classtype:trojan-activity; sid:100002244; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"datapolish.com",nocase; classtype:trojan-activity; sid:100002245; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dating.khokhas.co.za",nocase; classtype:trojan-activity; sid:100002246; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"datsom.vn",nocase; classtype:trojan-activity; sid:100002247; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"davethompson.me.uk",nocase; classtype:trojan-activity; sid:100002248; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"davidmcguinness.info",nocase; classtype:trojan-activity; sid:100002249; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dayspringdaisies.com",nocase; classtype:trojan-activity; sid:100002250; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dd.qiyuea.cn",nocase; classtype:trojan-activity; sid:100002251; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"de.gsearch.com.de",nocase; classtype:trojan-activity; sid:100002252; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"decifrar.com.br",nocase; classtype:trojan-activity; sid:100002253; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"deigratia2.elin.co.za",nocase; classtype:trojan-activity; sid:100002254; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dekovizyon.com",nocase; classtype:trojan-activity; sid:100002255; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"demo-cliente.mindcreative.com.br",nocase; classtype:trojan-activity; sid:100002256; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"demo.glassforcars.com.au",nocase; classtype:trojan-activity; sid:100002257; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"demo6.hiites.com",nocase; classtype:trojan-activity; sid:100002258; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dent-estet.com",nocase; classtype:trojan-activity; sid:100002259; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dental.xiaoxiao.media",nocase; classtype:trojan-activity; sid:100002260; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dentalalliance.se",nocase; classtype:trojan-activity; sid:100002261; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"desertlandtrd.com",nocase; classtype:trojan-activity; sid:100002262; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"designerliving.co.za",nocase; classtype:trojan-activity; sid:100002263; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"desiringhands.com",nocase; classtype:trojan-activity; sid:100002264; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"despertaresi.com.br",nocase; classtype:trojan-activity; sid:100002265; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"destinymc.co.za",nocase; classtype:trojan-activity; sid:100002266; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"detorre.es",nocase; classtype:trojan-activity; sid:100002267; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dev.sebpo.net",nocase; classtype:trojan-activity; sid:100002268; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dev.watch-store.eu",nocase; classtype:trojan-activity; sid:100002269; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dezcom.com",nocase; classtype:trojan-activity; sid:100002270; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dfcf.91756.cn",nocase; classtype:trojan-activity; sid:100002271; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"diamantenegro.mi-fs.com",nocase; classtype:trojan-activity; sid:100002272; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dienmayminhhung.com",nocase; classtype:trojan-activity; sid:100002273; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"digilib.dianhusada.ac.id",nocase; classtype:trojan-activity; sid:100002274; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"digisails.org",nocase; classtype:trojan-activity; sid:100002275; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"disinfection-cleaning.co.za",nocase; classtype:trojan-activity; sid:100002276; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"djking.f3322.net",nocase; classtype:trojan-activity; sid:100002277; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dl.1003b.56a.com",nocase; classtype:trojan-activity; sid:100002278; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dl.198424.com",nocase; classtype:trojan-activity; sid:100002279; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dl.installcdn-aws.com",nocase; classtype:trojan-activity; sid:100002280; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dl.packetstormsecurity.net",nocase; classtype:trojan-activity; sid:100002281; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dl.rina-roleplay.com",nocase; classtype:trojan-activity; sid:100002282; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dnn.alibuf.com",nocase; classtype:trojan-activity; sid:100002283; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dns.alibuf.com",nocase; classtype:trojan-activity; sid:100002284; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dockerupdate.anondns.net",nocase; classtype:trojan-activity; sid:100002285; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"docman.orientalservices.in",nocase; classtype:trojan-activity; sid:100002286; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dodsonimaging.com",nocase; classtype:trojan-activity; sid:100002287; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"doitunlimited.com",nocase; classtype:trojan-activity; sid:100002288; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dokan.blueberrytec.com",nocase; classtype:trojan-activity; sid:100002289; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dom-chel74.ru",nocase; classtype:trojan-activity; sid:100002290; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dom.daf.free.fr",nocase; classtype:trojan-activity; sid:100002291; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"doncedyhall.com",nocase; classtype:trojan-activity; sid:100002292; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"donghobinhminh.com",nocase; classtype:trojan-activity; sid:100002293; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dongphuctop.com",nocase; classtype:trojan-activity; sid:100002294; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"donwnloasecury.ath.cx",nocase; classtype:trojan-activity; sid:100002295; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dosame.com",nocase; classtype:trojan-activity; sid:100002296; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dosman.pl",nocase; classtype:trojan-activity; sid:100002297; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dovberger.com",nocase; classtype:trojan-activity; sid:100002298; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"down.pcclear.com",nocase; classtype:trojan-activity; sid:100002299; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"down.udashi.com",nocase; classtype:trojan-activity; sid:100002300; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"down.webbora.com",nocase; classtype:trojan-activity; sid:100002301; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"down1.arpun.com",nocase; classtype:trojan-activity; sid:100002302; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"download.caihong.com",nocase; classtype:trojan-activity; sid:100002303; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"download.doumaibiji.cn",nocase; classtype:trojan-activity; sid:100002304; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"download.exrnybuf.cn",nocase; classtype:trojan-activity; sid:100002305; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"download.kaobeitu.com",nocase; classtype:trojan-activity; sid:100002306; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"download.pdf00.cn",nocase; classtype:trojan-activity; sid:100002307; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"download.rising.com.cn",nocase; classtype:trojan-activity; sid:100002308; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"download.skycn.com",nocase; classtype:trojan-activity; sid:100002309; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"download.zjsyawqj.cn",nocase; classtype:trojan-activity; sid:100002310; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dragonsknot.com",nocase; classtype:trojan-activity; sid:100002311; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drbaby.com.sa",nocase; classtype:trojan-activity; sid:100002312; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dream.pics",nocase; classtype:trojan-activity; sid:100002313; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drgroup.co.za",nocase; classtype:trojan-activity; sid:100002314; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drools-moved.46999.n3.nabble.com",nocase; classtype:trojan-activity; sid:100002315; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drsha.innovativesolutions.mobi",nocase; classtype:trojan-activity; sid:100002316; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dsspainting.com",nocase; classtype:trojan-activity; sid:100002317; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"du-wizards.com",nocase; classtype:trojan-activity; sid:100002318; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"duque.guantanameratravel.com",nocase; classtype:trojan-activity; sid:100002319; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dutapp.wisolve.co.za",nocase; classtype:trojan-activity; sid:100002320; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"duvalcharter.dekitout.com",nocase; classtype:trojan-activity; sid:100002321; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dw2.co.id",nocase; classtype:trojan-activity; sid:100002322; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dx.qqyewu.com",nocase; classtype:trojan-activity; sid:100002323; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"dzinestudio87.co.uk",nocase; classtype:trojan-activity; sid:100002324; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"e-commerce.saleensuporte.com.br",nocase; classtype:trojan-activity; sid:100002325; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"e.sldov.ru",nocase; classtype:trojan-activity; sid:100002326; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"eandgdesign.com.ng",nocase; classtype:trojan-activity; sid:100002327; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"eastsheen-glaziers.co.uk",nocase; classtype:trojan-activity; sid:100002328; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ebruyatkin.com",nocase; classtype:trojan-activity; sid:100002329; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"edu.saicraftsman.com",nocase; classtype:trojan-activity; sid:100002330; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"eedo.ee",nocase; classtype:trojan-activity; sid:100002331; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"efficientegroup.com",nocase; classtype:trojan-activity; sid:100002332; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"elbauldenora.com",nocase; classtype:trojan-activity; sid:100002333; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"emaids.co.za",nocase; classtype:trojan-activity; sid:100002334; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"emaz.pk",nocase; classtype:trojan-activity; sid:100002335; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"emlak.ygtsoft.com",nocase; classtype:trojan-activity; sid:100002336; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"en.baoend.com",nocase; classtype:trojan-activity; sid:100002337; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"enc-tech.com",nocase; classtype:trojan-activity; sid:100002338; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"endurotanzania.co.tz",nocase; classtype:trojan-activity; sid:100002339; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ennovate.elin.co.za",nocase; classtype:trojan-activity; sid:100002340; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"enriquecendocomconsorcio.com.br",nocase; classtype:trojan-activity; sid:100002341; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"equimination.ee",nocase; classtype:trojan-activity; sid:100002342; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"erp.nanotechproautocare.com",nocase; classtype:trojan-activity; sid:100002343; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"erp.zilymax.com",nocase; classtype:trojan-activity; sid:100002344; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"escola.probommar.org.br",nocase; classtype:trojan-activity; sid:100002345; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"esnconsultants.com",nocase; classtype:trojan-activity; sid:100002346; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"essentia.org.br",nocase; classtype:trojan-activity; sid:100002347; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"eubanks7.com",nocase; classtype:trojan-activity; sid:100002348; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"europeanzonexxi.com",nocase; classtype:trojan-activity; sid:100002349; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"evidencemarketing.ca",nocase; classtype:trojan-activity; sid:100002350; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"exilum.com",nocase; classtype:trojan-activity; sid:100002351; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"exitoalfaomega.co",nocase; classtype:trojan-activity; sid:100002352; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"extrovertoffers.com",nocase; classtype:trojan-activity; sid:100002353; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"f1sol.com",nocase; classtype:trojan-activity; sid:100002354; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"fahrzeugdrive.com",nocase; classtype:trojan-activity; sid:100002355; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"familydentist.site",nocase; classtype:trojan-activity; sid:100002356; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"faveraprojects.com",nocase; classtype:trojan-activity; sid:100002357; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"fc.co.mz",nocase; classtype:trojan-activity; sid:100002358; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"felicienne.nl",nocase; classtype:trojan-activity; sid:100002359; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"files.martellexpress.us",nocase; classtype:trojan-activity; sid:100002360; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"files6.uludagbilisim.com",nocase; classtype:trojan-activity; sid:100002361; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"final.makkahkmcc.com",nocase; classtype:trojan-activity; sid:100002362; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"fineartgallerym.com",nocase; classtype:trojan-activity; sid:100002363; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"fisconline.bar",nocase; classtype:trojan-activity; sid:100002364; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"fix-america-now.org",nocase; classtype:trojan-activity; sid:100002365; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"fixauto.illumetechnology.com",nocase; classtype:trojan-activity; sid:100002366; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"fixturegovernment.com",nocase; classtype:trojan-activity; sid:100002367; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"fkd.derpcity.ru",nocase; classtype:trojan-activity; sid:100002368; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"flexypay.dsquaregroup.com",nocase; classtype:trojan-activity; sid:100002369; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"flintspin.com",nocase; classtype:trojan-activity; sid:100002370; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"flyingbuddhadesign.com",nocase; classtype:trojan-activity; sid:100002371; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"fmjplastering.co.uk",nocase; classtype:trojan-activity; sid:100002372; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"fms.buladde.or.ug",nocase; classtype:trojan-activity; sid:100002373; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"follower.instantcashback.in",nocase; classtype:trojan-activity; sid:100002374; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"foothills.com.br",nocase; classtype:trojan-activity; sid:100002375; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"footweardirect.elin.co.za",nocase; classtype:trojan-activity; sid:100002376; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"forum.mdb.nu",nocase; classtype:trojan-activity; sid:100002377; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"fotoobjetivo.com",nocase; classtype:trojan-activity; sid:100002378; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"foundationrepairhoustontx.net",nocase; classtype:trojan-activity; sid:100002379; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"foxeps.com.br",nocase; classtype:trojan-activity; sid:100002380; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"fraud.bpcbankingtech.com",nocase; classtype:trojan-activity; sid:100002381; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"freecnetdownload.com",nocase; classtype:trojan-activity; sid:100002382; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"freisites.com.br",nocase; classtype:trojan-activity; sid:100002383; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ftp.n3twork30cm.ml",nocase; classtype:trojan-activity; sid:100002384; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"fullelectronica.com.ar",nocase; classtype:trojan-activity; sid:100002385; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"funletters.net",nocase; classtype:trojan-activity; sid:100002386; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"fusionfiresolutions.com",nocase; classtype:trojan-activity; sid:100002387; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"futbolpr.com",nocase; classtype:trojan-activity; sid:100002388; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"futuregraphics.com.ar",nocase; classtype:trojan-activity; sid:100002389; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"g.pinmonkey.xyz",nocase; classtype:trojan-activity; sid:100002390; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gametwogame.com",nocase; classtype:trojan-activity; sid:100002391; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"garciadogshow.com",nocase; classtype:trojan-activity; sid:100002392; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"garenanow.myvnc.com",nocase; classtype:trojan-activity; sid:100002393; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"garenanow4.myvnc.com",nocase; classtype:trojan-activity; sid:100002394; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gastoudergonny.nl",nocase; classtype:trojan-activity; sid:100002395; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gbbulls.co.uk",nocase; classtype:trojan-activity; sid:100002396; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gcpc.co.id.chronoscurtain.com",nocase; classtype:trojan-activity; sid:100002397; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"generaldeviales.com",nocase; classtype:trojan-activity; sid:100002398; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gfmodd1.webselffiles01.com",nocase; classtype:trojan-activity; sid:100002399; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gfold1.webselffiles01.com",nocase; classtype:trojan-activity; sid:100002400; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ghettohub.co.za",nocase; classtype:trojan-activity; sid:100002401; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ghislain.dartois.pagesperso-orange.fr",nocase; classtype:trojan-activity; sid:100002402; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"giadungg7.com",nocase; classtype:trojan-activity; sid:100002403; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"giddos.ga",nocase; classtype:trojan-activity; sid:100002404; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"giteletropical.com",nocase; classtype:trojan-activity; sid:100002405; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"glowinmedia.co.ke",nocase; classtype:trojan-activity; sid:100002406; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gmsebpl.com",nocase; classtype:trojan-activity; sid:100002407; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gmtransformationacademy.com",nocase; classtype:trojan-activity; sid:100002408; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gmvadmission.org",nocase; classtype:trojan-activity; sid:100002409; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gnimelf.net",nocase; classtype:trojan-activity; sid:100002410; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gnscrew.ro",nocase; classtype:trojan-activity; sid:100002411; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gold.investforex.id",nocase; classtype:trojan-activity; sid:100002412; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"goldcake.co.id",nocase; classtype:trojan-activity; sid:100002413; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"goldcoastoffice365.com",nocase; classtype:trojan-activity; sid:100002414; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"goldcoastoffice365.com.au",nocase; classtype:trojan-activity; sid:100002415; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"golden-memories-funerals.yourpageserver.com",nocase; classtype:trojan-activity; sid:100002416; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"goldenasiacapital.com",nocase; classtype:trojan-activity; sid:100002417; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gorecycle.fahadjutt.com",nocase; classtype:trojan-activity; sid:100002418; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gpotecnosystems.com",nocase; classtype:trojan-activity; sid:100002419; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gracejukes.com",nocase; classtype:trojan-activity; sid:100002420; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"grupoinmare.com",nocase; classtype:trojan-activity; sid:100002421; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gruposelt.000webhostapp.com",nocase; classtype:trojan-activity; sid:100002422; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gs.monerorx.com",nocase; classtype:trojan-activity; sid:100002423; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"guide-to-cell-phones.com",nocase; classtype:trojan-activity; sid:100002424; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gulfac-house.com",nocase; classtype:trojan-activity; sid:100002425; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gvpcdpgc.edu.in",nocase; classtype:trojan-activity; sid:100002426; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"habbotips.free.fr",nocase; classtype:trojan-activity; sid:100002427; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hagebakken.no",nocase; classtype:trojan-activity; sid:100002428; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hamptonpartyoffive.com",nocase; classtype:trojan-activity; sid:100002429; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hashmati.com",nocase; classtype:trojan-activity; sid:100002430; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hassanproduct.com",nocase; classtype:trojan-activity; sid:100002431; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hchfug.org",nocase; classtype:trojan-activity; sid:100002432; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hd11315.com",nocase; classtype:trojan-activity; sid:100002433; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hdkamera2003.hu",nocase; classtype:trojan-activity; sid:100002434; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hds.sz4h.com",nocase; classtype:trojan-activity; sid:100002435; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"heavymaq.cl",nocase; classtype:trojan-activity; sid:100002436; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hellogorgeous.com.au",nocase; classtype:trojan-activity; sid:100002437; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"help.hizuko.com",nocase; classtype:trojan-activity; sid:100002438; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"herchinfitout.com.sg",nocase; classtype:trojan-activity; sid:100002439; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hhaward.org",nocase; classtype:trojan-activity; sid:100002440; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"highlandroadcoc.com",nocase; classtype:trojan-activity; sid:100002441; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"highlandslasvegas.atakdev.com",nocase; classtype:trojan-activity; sid:100002442; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hindi.factsriver.com",nocase; classtype:trojan-activity; sid:100002443; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hiptool.net",nocase; classtype:trojan-activity; sid:100002444; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hitpe.com",nocase; classtype:trojan-activity; sid:100002445; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hlmd.in",nocase; classtype:trojan-activity; sid:100002446; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hmpmall.co.kr",nocase; classtype:trojan-activity; sid:100002447; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hoagietesting10.com",nocase; classtype:trojan-activity; sid:100002448; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hoayeuthuong-my.sharepoint.com",nocase; classtype:trojan-activity; sid:100002449; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"homefindersolutions.com",nocase; classtype:trojan-activity; sid:100002450; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hongluosi.com",nocase; classtype:trojan-activity; sid:100002451; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hookedupboatclub.com",nocase; classtype:trojan-activity; sid:100002452; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hostingparacolombia.com",nocase; classtype:trojan-activity; sid:100002453; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hostzaa.com",nocase; classtype:trojan-activity; sid:100002454; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"houstonshutters.site",nocase; classtype:trojan-activity; sid:100002455; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hr2019.vrcom7.com",nocase; classtype:trojan-activity; sid:100002456; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hseda.com",nocase; classtype:trojan-activity; sid:100002457; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hsmwebapp.com",nocase; classtype:trojan-activity; sid:100002458; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"htownbars.com",nocase; classtype:trojan-activity; sid:100002459; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hubtech.co.za",nocase; classtype:trojan-activity; sid:100002460; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"huellacero.cl",nocase; classtype:trojan-activity; sid:100002461; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hunggiang.vn",nocase; classtype:trojan-activity; sid:100002462; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"husamiyahschool.com",nocase; classtype:trojan-activity; sid:100002463; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"iabmixx2020.rayadigital.online",nocase; classtype:trojan-activity; sid:100002464; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"iam313.com",nocase; classtype:trojan-activity; sid:100002465; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"iammdshanto.com",nocase; classtype:trojan-activity; sid:100002466; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"icon.shatangmu.cn",nocase; classtype:trojan-activity; sid:100002467; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"idilsoft.com",nocase; classtype:trojan-activity; sid:100002468; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"idj.no",nocase; classtype:trojan-activity; sid:100002469; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"idvindia.com",nocase; classtype:trojan-activity; sid:100002470; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ikexpert.com",nocase; classtype:trojan-activity; sid:100002471; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ilrafrica.com",nocase; classtype:trojan-activity; sid:100002472; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"images.jermiau.com",nocase; classtype:trojan-activity; sid:100002473; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"imbueautoworx.co.za",nocase; classtype:trojan-activity; sid:100002474; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"in-tune2016.com",nocase; classtype:trojan-activity; sid:100002475; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"incrediblepixels.com",nocase; classtype:trojan-activity; sid:100002476; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"incredicole.com",nocase; classtype:trojan-activity; sid:100002477; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"indrasbikaner.com",nocase; classtype:trojan-activity; sid:100002478; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"infair.vn",nocase; classtype:trojan-activity; sid:100002479; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"infovator.com",nocase; classtype:trojan-activity; sid:100002480; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"initialnetworks.com",nocase; classtype:trojan-activity; sid:100002481; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"inodesthetotaldesigners.com",nocase; classtype:trojan-activity; sid:100002482; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"inrajahmundry.co.in",nocase; classtype:trojan-activity; sid:100002483; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"insignificantfinecore.testmail4.repl.co",nocase; classtype:trojan-activity; sid:100002484; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"instantindialoan.com",nocase; classtype:trojan-activity; sid:100002485; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"insupportofchildren.co.uk",nocase; classtype:trojan-activity; sid:100002486; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"intellectsmart.in",nocase; classtype:trojan-activity; sid:100002487; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"intersel-idf.org",nocase; classtype:trojan-activity; sid:100002488; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"intuitiveideas.com.my",nocase; classtype:trojan-activity; sid:100002489; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"inversiones.arrayanfinanciero.cl",nocase; classtype:trojan-activity; sid:100002490; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"invest.xpcorporative.com.br",nocase; classtype:trojan-activity; sid:100002491; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"investinae.com",nocase; classtype:trojan-activity; sid:100002492; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ioabc.wif.com.br",nocase; classtype:trojan-activity; sid:100002493; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ipmes.ma",nocase; classtype:trojan-activity; sid:100002494; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"iremart.es",nocase; classtype:trojan-activity; sid:100002495; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"iris101.co.uk",nocase; classtype:trojan-activity; sid:100002496; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"isaac.mikhailmotoringschool.com",nocase; classtype:trojan-activity; sid:100002497; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"iscamenabe.com",nocase; classtype:trojan-activity; sid:100002498; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"isiphephelocon.co.za",nocase; classtype:trojan-activity; sid:100002499; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"iso-dubai.net",nocase; classtype:trojan-activity; sid:100002500; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"israrulhaq.me",nocase; classtype:trojan-activity; sid:100002501; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"isrorg.com",nocase; classtype:trojan-activity; sid:100002502; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"isso.ps",nocase; classtype:trojan-activity; sid:100002503; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ist-security.com",nocase; classtype:trojan-activity; sid:100002504; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"it123.ru",nocase; classtype:trojan-activity; sid:100002505; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"italiandirezione.casa",nocase; classtype:trojan-activity; sid:100002506; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"itc-demo.softgig.co.ke",nocase; classtype:trojan-activity; sid:100002507; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"itmotasaciones.com",nocase; classtype:trojan-activity; sid:100002508; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jacktech.jackindia.com",nocase; classtype:trojan-activity; sid:100002509; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jamiekaylive.com",nocase; classtype:trojan-activity; sid:100002510; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jamshed.pk",nocase; classtype:trojan-activity; sid:100002511; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jansen-heesch.nl",nocase; classtype:trojan-activity; sid:100002512; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jathra.co.uk",nocase; classtype:trojan-activity; sid:100002513; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jay.diamondrelationscrm.us",nocase; classtype:trojan-activity; sid:100002514; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jebs.net.au",nocase; classtype:trojan-activity; sid:100002515; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jeffdahlke.com",nocase; classtype:trojan-activity; sid:100002516; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jennwolfemtb.com",nocase; classtype:trojan-activity; sid:100002517; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jhayesconsulting.com",nocase; classtype:trojan-activity; sid:100002518; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jiaoyuzixun.cn",nocase; classtype:trojan-activity; sid:100002519; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jing-da.com.tw",nocase; classtype:trojan-activity; sid:100002520; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jmtc.91756.cn",nocase; classtype:trojan-activity; sid:100002521; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jnanbharati.com",nocase; classtype:trojan-activity; sid:100002522; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jobs.thebeessolution.com",nocase; classtype:trojan-activity; sid:100002523; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"joelbonissilver.com",nocase; classtype:trojan-activity; sid:100002524; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"join.cl8movement.co.za",nocase; classtype:trojan-activity; sid:100002525; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"josegene.com",nocase; classtype:trojan-activity; sid:100002526; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jpwoodfordco.com",nocase; classtype:trojan-activity; sid:100002527; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jumpmanualjacobhiller.com",nocase; classtype:trojan-activity; sid:100002528; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jupiter.toxsl.in",nocase; classtype:trojan-activity; sid:100002529; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"justinscott.com.au",nocase; classtype:trojan-activity; sid:100002530; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kabinarf.ru",nocase; classtype:trojan-activity; sid:100002531; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kadigital.co.uk",nocase; classtype:trojan-activity; sid:100002532; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kaizenjanitorial.com",nocase; classtype:trojan-activity; sid:100002533; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kalawatihomes.com",nocase; classtype:trojan-activity; sid:100002534; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kalogirosfinance.com",nocase; classtype:trojan-activity; sid:100002535; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kaptaanchapal.com",nocase; classtype:trojan-activity; sid:100002536; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"karer.by",nocase; classtype:trojan-activity; sid:100002537; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"katanvetov.co.il",nocase; classtype:trojan-activity; sid:100002538; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kensingtondriving.com",nocase; classtype:trojan-activity; sid:100002539; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ketofitnessexpert.com",nocase; classtype:trojan-activity; sid:100002540; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kevinjewelry.com.co",nocase; classtype:trojan-activity; sid:100002541; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"keywatch.yourpageserver.com",nocase; classtype:trojan-activity; sid:100002542; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kingssa.co.za",nocase; classtype:trojan-activity; sid:100002543; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kjcpromo.com",nocase; classtype:trojan-activity; sid:100002544; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kleinendeli.co.za",nocase; classtype:trojan-activity; sid:100002545; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"korrectconceptservices.com",nocase; classtype:trojan-activity; sid:100002546; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"krisbadminton.com",nocase; classtype:trojan-activity; sid:100002547; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kubatoglubaklava.com.tr",nocase; classtype:trojan-activity; sid:100002548; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kumaralok.in",nocase; classtype:trojan-activity; sid:100002549; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kwanfromhongkong.com",nocase; classtype:trojan-activity; sid:100002550; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kz.sldov.ru",nocase; classtype:trojan-activity; sid:100002551; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lacasadelosalebrijes.com",nocase; classtype:trojan-activity; sid:100002552; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lameguard.ru",nocase; classtype:trojan-activity; sid:100002553; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"laodongnhat.vn",nocase; classtype:trojan-activity; sid:100002554; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"laravel.pointersoftwares.com.br",nocase; classtype:trojan-activity; sid:100002555; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lasermobilesounds.co.uk",nocase; classtype:trojan-activity; sid:100002556; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"laura9630fr.com",nocase; classtype:trojan-activity; sid:100002557; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lauratomismith.com",nocase; classtype:trojan-activity; sid:100002558; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lautarosanmiguel.com",nocase; classtype:trojan-activity; sid:100002559; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lawforall.edu.lk",nocase; classtype:trojan-activity; sid:100002560; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lawschoolideas.xyz",nocase; classtype:trojan-activity; sid:100002561; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lceventos.net",nocase; classtype:trojan-activity; sid:100002562; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ld.mediaget.com",nocase; classtype:trojan-activity; sid:100002563; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ldgcorp.com",nocase; classtype:trojan-activity; sid:100002564; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"learning.real-academy.net",nocase; classtype:trojan-activity; sid:100002565; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"leasiacherise.com",nocase; classtype:trojan-activity; sid:100002566; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"leczkregoslup.acelero.pl",nocase; classtype:trojan-activity; sid:100002567; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"legend.nu",nocase; classtype:trojan-activity; sid:100002568; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"leluibuffet.com.br",nocase; classtype:trojan-activity; sid:100002569; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lestesteux.ca",nocase; classtype:trojan-activity; sid:100002570; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"libantravel.pl",nocase; classtype:trojan-activity; sid:100002571; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"library.arihantmbainstitute.ac.in",nocase; classtype:trojan-activity; sid:100002572; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"library.uib.ac.id",nocase; classtype:trojan-activity; sid:100002573; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lidoraggiodisole.it",nocase; classtype:trojan-activity; sid:100002574; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lifebeam.elin.co.za",nocase; classtype:trojan-activity; sid:100002575; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lindnerelektroanlagen.de",nocase; classtype:trojan-activity; sid:100002576; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"linkintec.cn",nocase; classtype:trojan-activity; sid:100002577; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"liquidaz.casa",nocase; classtype:trojan-activity; sid:100002578; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"livetrack.in",nocase; classtype:trojan-activity; sid:100002579; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lm.stagingarea.co.za",nocase; classtype:trojan-activity; sid:100002580; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lmaancha.co.il",nocase; classtype:trojan-activity; sid:100002581; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lms.cstdevs.com",nocase; classtype:trojan-activity; sid:100002582; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lms.login2.in",nocase; classtype:trojan-activity; sid:100002583; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"location-voitures.ma",nocase; classtype:trojan-activity; sid:100002584; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"login.trezor.com.stockfootagesindia.com",nocase; classtype:trojan-activity; sid:100002585; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"logotypfabriken.se",nocase; classtype:trojan-activity; sid:100002586; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lotix.de",nocase; classtype:trojan-activity; sid:100002587; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lotusanddragonfly.com",nocase; classtype:trojan-activity; sid:100002588; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lp.definerisco.com",nocase; classtype:trojan-activity; sid:100002589; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lp.difusodesign.com",nocase; classtype:trojan-activity; sid:100002590; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"lp.quama.pe",nocase; classtype:trojan-activity; sid:100002591; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ltc.typoten.com",nocase; classtype:trojan-activity; sid:100002592; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"luckybrownie.com",nocase; classtype:trojan-activity; sid:100002593; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"luminouspneuma.com",nocase; classtype:trojan-activity; sid:100002594; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"m-technics.kz",nocase; classtype:trojan-activity; sid:100002595; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"m.estudiomoros.com.ar",nocase; classtype:trojan-activity; sid:100002596; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"madicon.co.za",nocase; classtype:trojan-activity; sid:100002597; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"magianegramagiablancayamarres.com",nocase; classtype:trojan-activity; sid:100002598; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"maharaniworld.com",nocase; classtype:trojan-activity; sid:100002599; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mail.bs-eiendomme.co.za",nocase; classtype:trojan-activity; sid:100002600; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mail.golimoapp.com",nocase; classtype:trojan-activity; sid:100002601; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mail.jeffsono.org",nocase; classtype:trojan-activity; sid:100002602; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"maksi.feb.unib.ac.id",nocase; classtype:trojan-activity; sid:100002603; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"malaya.tv",nocase; classtype:trojan-activity; sid:100002604; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"malwarecoding.github.io",nocase; classtype:trojan-activity; sid:100002605; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"managed.oss-cn-beijing.aliyuncs.com",nocase; classtype:trojan-activity; sid:100002606; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"managemysalon.in",nocase; classtype:trojan-activity; sid:100002607; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"manantialesdelnorte.uy",nocase; classtype:trojan-activity; sid:100002608; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mangalyaa.lk",nocase; classtype:trojan-activity; sid:100002609; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"manhtien.net",nocase; classtype:trojan-activity; sid:100002610; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"marcapinyo.ru",nocase; classtype:trojan-activity; sid:100002611; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mario-sunjic.com",nocase; classtype:trojan-activity; sid:100002612; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mariobrown.net",nocase; classtype:trojan-activity; sid:100002613; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mariotessarollo.com",nocase; classtype:trojan-activity; sid:100002614; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"marketinfosales.com",nocase; classtype:trojan-activity; sid:100002615; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"marketing.enexusgroup.com.au",nocase; classtype:trojan-activity; sid:100002616; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"marksidfgs.ug",nocase; classtype:trojan-activity; sid:100002617; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"masjidhabeebiyarazviya.mysunni.com",nocase; classtype:trojan-activity; sid:100002618; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mastersofclientretention.com.au",nocase; classtype:trojan-activity; sid:100002619; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"masterthedaybook.com",nocase; classtype:trojan-activity; sid:100002620; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"materialescantu.com",nocase; classtype:trojan-activity; sid:100002621; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"matruchhaya.co.in",nocase; classtype:trojan-activity; sid:100002622; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"maxiquim.cl",nocase; classtype:trojan-activity; sid:100002623; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"maxtox.com.pk",nocase; classtype:trojan-activity; sid:100002624; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mbgrm.com",nocase; classtype:trojan-activity; sid:100002625; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mbjtimes.com",nocase; classtype:trojan-activity; sid:100002626; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mbsolutions.ge",nocase; classtype:trojan-activity; sid:100002627; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mbx.com.au",nocase; classtype:trojan-activity; sid:100002628; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mdasa.elin.co.za",nocase; classtype:trojan-activity; sid:100002629; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"medevlb.org",nocase; classtype:trojan-activity; sid:100002630; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"media-server.skyinternet.com.pk",nocase; classtype:trojan-activity; sid:100002631; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mediawaysnews.com",nocase; classtype:trojan-activity; sid:100002632; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"medistaffconsulting.com",nocase; classtype:trojan-activity; sid:100002633; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"meeweb.com",nocase; classtype:trojan-activity; sid:100002634; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"megagynreformas.com.br",nocase; classtype:trojan-activity; sid:100002635; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"megamart.afnan-amc.com",nocase; classtype:trojan-activity; sid:100002636; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mehainteriors.com",nocase; classtype:trojan-activity; sid:100002637; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mercabits.com",nocase; classtype:trojan-activity; sid:100002638; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"merkathink.com",nocase; classtype:trojan-activity; sid:100002639; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mertlog.com",nocase; classtype:trojan-activity; sid:100002640; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"metaflip.io",nocase; classtype:trojan-activity; sid:100002641; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"metalin-cr.com",nocase; classtype:trojan-activity; sid:100002642; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mettaanand.org",nocase; classtype:trojan-activity; sid:100002643; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"meuoculosnanet.com.br",nocase; classtype:trojan-activity; sid:100002644; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mfevr.com",nocase; classtype:trojan-activity; sid:100002645; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mhkdhotbot.myvnc.com",nocase; classtype:trojan-activity; sid:100002646; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mhkdhotbot80.myvnc.com",nocase; classtype:trojan-activity; sid:100002647; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"micalle.com.au",nocase; classtype:trojan-activity; sid:100002648; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"michaelphilip.com",nocase; classtype:trojan-activity; sid:100002649; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"michimal2.000webhostapp.com",nocase; classtype:trojan-activity; sid:100002650; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"microblading.mirliandias.com.br",nocase; classtype:trojan-activity; sid:100002651; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"microcomm-group.com",nocase; classtype:trojan-activity; sid:100002652; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mikhailmotoringschool.com",nocase; classtype:trojan-activity; sid:100002653; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mills-skyla30ec.com",nocase; classtype:trojan-activity; sid:100002654; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mingguanwms.com",nocase; classtype:trojan-activity; sid:100002655; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"minuevavida.org",nocase; classtype:trojan-activity; sid:100002656; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mirror.mypage.sk",nocase; classtype:trojan-activity; sid:100002657; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mis.nbcc.ac.th",nocase; classtype:trojan-activity; sid:100002658; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"misterson.com",nocase; classtype:trojan-activity; sid:100002659; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mkontakt.az",nocase; classtype:trojan-activity; sid:100002660; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mmdx.com",nocase; classtype:trojan-activity; sid:100002661; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mmogollon.com.mx",nocase; classtype:trojan-activity; sid:100002662; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mncarteam.com",nocase; classtype:trojan-activity; sid:100002663; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"modelhouseturkey.com",nocase; classtype:trojan-activity; sid:100002664; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"modernmanna.org",nocase; classtype:trojan-activity; sid:100002665; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"monetization.business",nocase; classtype:trojan-activity; sid:100002666; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"moninediy.com",nocase; classtype:trojan-activity; sid:100002667; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mopai.sg",nocase; classtype:trojan-activity; sid:100002668; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"moreirawag.ac.ug",nocase; classtype:trojan-activity; sid:100002669; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"motorcomunicacion.com",nocase; classtype:trojan-activity; sid:100002670; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"moumitas.com",nocase; classtype:trojan-activity; sid:100002671; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"msacontabil.com.br",nocase; classtype:trojan-activity; sid:100002672; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mtspsmjeli.sch.id",nocase; classtype:trojan-activity; sid:100002673; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mumgee.co.za",nocase; classtype:trojan-activity; sid:100002674; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mundotecnologiasolar.com",nocase; classtype:trojan-activity; sid:100002675; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"muzimbiti.xigubo.co.mz",nocase; classtype:trojan-activity; sid:100002676; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mxpiqw.am.files.1drv.com",nocase; classtype:trojan-activity; sid:100002677; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mydatebook.in",nocase; classtype:trojan-activity; sid:100002678; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mymlql.com",nocase; classtype:trojan-activity; sid:100002679; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"myritz.vettickal.com",nocase; classtype:trojan-activity; sid:100002680; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mysalons.in",nocase; classtype:trojan-activity; sid:100002681; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"myscape.in",nocase; classtype:trojan-activity; sid:100002682; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"mysura.it",nocase; classtype:trojan-activity; sid:100002683; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"naeemacademy.com",nocase; classtype:trojan-activity; sid:100002684; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"namnyak.co.ke",nocase; classtype:trojan-activity; sid:100002685; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nap.mgsservers.com",nocase; classtype:trojan-activity; sid:100002686; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"narcissisto.com",nocase; classtype:trojan-activity; sid:100002687; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"navayurveda.in",nocase; classtype:trojan-activity; sid:100002688; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nec-i.com",nocase; classtype:trojan-activity; sid:100002689; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nedkellymyanmar.com",nocase; classtype:trojan-activity; sid:100002690; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nelitrianggraeni.000webhostapp.com",nocase; classtype:trojan-activity; sid:100002691; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nerve.untergrund.net",nocase; classtype:trojan-activity; sid:100002692; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nettube.com.br",nocase; classtype:trojan-activity; sid:100002693; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"networkwheels.co.za",nocase; classtype:trojan-activity; sid:100002694; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"neuroenergy.fahadjutt.com",nocase; classtype:trojan-activity; sid:100002695; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"neuromedic.com.br",nocase; classtype:trojan-activity; sid:100002696; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"newfuture.fr",nocase; classtype:trojan-activity; sid:100002697; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"newinfinitysynergy.com",nocase; classtype:trojan-activity; sid:100002698; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"newtreedesign.co.uk",nocase; classtype:trojan-activity; sid:100002699; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"newvisionopticallab.com",nocase; classtype:trojan-activity; sid:100002700; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"newxing.com",nocase; classtype:trojan-activity; sid:100002701; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nextdigitalday.ru",nocase; classtype:trojan-activity; sid:100002702; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ngdaycare.co.za",nocase; classtype:trojan-activity; sid:100002703; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nguyenkekhuyen.com",nocase; classtype:trojan-activity; sid:100002704; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nhorangtreem.com",nocase; classtype:trojan-activity; sid:100002705; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nicolas.ug",nocase; classtype:trojan-activity; sid:100002706; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nidhi.iexist.in",nocase; classtype:trojan-activity; sid:100002707; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nikanpolimer.ir",nocase; classtype:trojan-activity; sid:100002708; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nilehouse.co.ug",nocase; classtype:trojan-activity; sid:100002709; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nilinkeji.com",nocase; classtype:trojan-activity; sid:100002710; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nimboohomes.com",nocase; classtype:trojan-activity; sid:100002711; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"njtiledesigncenter.com",nocase; classtype:trojan-activity; sid:100002712; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nobius.org",nocase; classtype:trojan-activity; sid:100002713; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nocalnoodle.elin.co.za",nocase; classtype:trojan-activity; sid:100002714; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nomadicbees.com",nocase; classtype:trojan-activity; sid:100002715; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"notamuzikaletleri.com",nocase; classtype:trojan-activity; sid:100002716; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ns1.the-widyantos.com",nocase; classtype:trojan-activity; sid:100002717; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nsb.org.uk",nocase; classtype:trojan-activity; sid:100002718; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nurmarkaz.org",nocase; classtype:trojan-activity; sid:100002719; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nxtnet.ga",nocase; classtype:trojan-activity; sid:100002720; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nyasabigbullets.com",nocase; classtype:trojan-activity; sid:100002721; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nyeh2o.com.au",nocase; classtype:trojan-activity; sid:100002722; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"oakleyandfriends.co.uk",nocase; classtype:trojan-activity; sid:100002723; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"oecteam.com",nocase; classtype:trojan-activity; sid:100002724; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ohe.ie",nocase; classtype:trojan-activity; sid:100002725; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ohsewgorgeous.co.uk",nocase; classtype:trojan-activity; sid:100002726; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"oknoplastik.sk",nocase; classtype:trojan-activity; sid:100002727; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"oleholeh.memangbeda.website",nocase; classtype:trojan-activity; sid:100002728; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"omaia.org",nocase; classtype:trojan-activity; sid:100002729; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"omaromatic.com",nocase; classtype:trojan-activity; sid:100002730; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"omega.az",nocase; classtype:trojan-activity; sid:100002731; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"oms.pappai.com",nocase; classtype:trojan-activity; sid:100002732; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"omscoc.pappai.com",nocase; classtype:trojan-activity; sid:100002733; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedigitalcard.granvizionnecorp.com",nocase; classtype:trojan-activity; sid:100002734; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.listifyapp.co",nocase; classtype:trojan-activity; sid:100002735; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"online.creedglobal.in",nocase; classtype:trojan-activity; sid:100002736; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"open.warehousesaas.co.uk",nocase; classtype:trojan-activity; sid:100002737; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"opentoronto.org",nocase; classtype:trojan-activity; sid:100002738; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"opolis.io",nocase; classtype:trojan-activity; sid:100002739; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"optimus.com.sg",nocase; classtype:trojan-activity; sid:100002740; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"order.bizpeed.com",nocase; classtype:trojan-activity; sid:100002741; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"orientgatewayltd.com",nocase; classtype:trojan-activity; sid:100002742; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"orion445.com",nocase; classtype:trojan-activity; sid:100002743; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"oserve.pk",nocase; classtype:trojan-activity; sid:100002744; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ot.weenets.com",nocase; classtype:trojan-activity; sid:100002745; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"otolithenrichment.fahadjutt.com",nocase; classtype:trojan-activity; sid:100002746; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"outletdosaquecedores.com.br",nocase; classtype:trojan-activity; sid:100002747; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ozemag.com",nocase; classtype:trojan-activity; sid:100002748; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"p1.lingpao8.com",nocase; classtype:trojan-activity; sid:100002749; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"p3.zbjimg.com",nocase; classtype:trojan-activity; sid:100002750; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"p6.zbjimg.com",nocase; classtype:trojan-activity; sid:100002751; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pablobrothel.com.ar",nocase; classtype:trojan-activity; sid:100002752; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pacificgroup.ws",nocase; classtype:trojan-activity; sid:100002753; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pacwebdesigns.com",nocase; classtype:trojan-activity; sid:100002754; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pagos.krayem.com.mx",nocase; classtype:trojan-activity; sid:100002755; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"palbas.cl",nocase; classtype:trojan-activity; sid:100002756; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"palochusvet.szm.com",nocase; classtype:trojan-activity; sid:100002757; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"parallel.rockvideos.at",nocase; classtype:trojan-activity; sid:100002758; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"parejasfelices.mi-fs.com",nocase; classtype:trojan-activity; sid:100002759; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"parkhussion.com",nocase; classtype:trojan-activity; sid:100002760; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"partsapp.com.br",nocase; classtype:trojan-activity; sid:100002761; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pastorpaulocosta.com",nocase; classtype:trojan-activity; sid:100002762; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"patch2.51lg.com",nocase; classtype:trojan-activity; sid:100002763; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"patch2.99ddd.com",nocase; classtype:trojan-activity; sid:100002764; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"patch3.99ddd.com",nocase; classtype:trojan-activity; sid:100002765; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"paths.elin.co.za",nocase; classtype:trojan-activity; sid:100002766; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"patriotsupremehemp.com",nocase; classtype:trojan-activity; sid:100002767; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"paulmercier.biz",nocase; classtype:trojan-activity; sid:100002768; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"payerrealty.com",nocase; classtype:trojan-activity; sid:100002769; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"payments.atifsiddiqui.me",nocase; classtype:trojan-activity; sid:100002770; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pcsoori.com",nocase; classtype:trojan-activity; sid:100002771; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pd.oceaniarp.net",nocase; classtype:trojan-activity; sid:100002772; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pemdodo.com",nocase; classtype:trojan-activity; sid:100002773; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"perfumeriamontes.es",nocase; classtype:trojan-activity; sid:100002774; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"periodiche.bar",nocase; classtype:trojan-activity; sid:100002775; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"perpus.onlineman7-jombang.sch.id",nocase; classtype:trojan-activity; sid:100002776; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"perpustekim.untirta.ac.id",nocase; classtype:trojan-activity; sid:100002777; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pestoclean.co.uk",nocase; classtype:trojan-activity; sid:100002778; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"petercollie.com",nocase; classtype:trojan-activity; sid:100002779; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ph4s.ru",nocase; classtype:trojan-activity; sid:100002780; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"phasdesign.com",nocase; classtype:trojan-activity; sid:100002781; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"phenhuong.sanpham.online",nocase; classtype:trojan-activity; sid:100002782; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"phittc.com",nocase; classtype:trojan-activity; sid:100002783; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"photo360.kubooking.com",nocase; classtype:trojan-activity; sid:100002784; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pink99.com",nocase; classtype:trojan-activity; sid:100002785; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"plasfan.ind.br",nocase; classtype:trojan-activity; sid:100002786; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"platinumherbal.com",nocase; classtype:trojan-activity; sid:100002787; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"playground2.grupoaliadasca.com",nocase; classtype:trojan-activity; sid:100002788; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pmglance.startwriteup.com",nocase; classtype:trojan-activity; sid:100002789; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pointactionsg.com",nocase; classtype:trojan-activity; sid:100002790; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pokojewewladyslawowie.pl",nocase; classtype:trojan-activity; sid:100002791; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pole.com.vc",nocase; classtype:trojan-activity; sid:100002792; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pool.phxdir.com",nocase; classtype:trojan-activity; sid:100002793; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pooltablemoversdenver.net",nocase; classtype:trojan-activity; sid:100002794; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"portal.premiumpunch.com",nocase; classtype:trojan-activity; sid:100002795; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"posmicrosystems.com",nocase; classtype:trojan-activity; sid:100002796; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"poulman.panagiotopoulos-tours.gr",nocase; classtype:trojan-activity; sid:100002797; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ppdb.smk-ciptaskill.sch.id",nocase; classtype:trojan-activity; sid:100002798; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"prestasicash.com.ar",nocase; classtype:trojan-activity; sid:100002799; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"prestigehomeautomation.net",nocase; classtype:trojan-activity; sid:100002800; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"preview2.behalen.com",nocase; classtype:trojan-activity; sid:100002801; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"prishaartcreations.com",nocase; classtype:trojan-activity; sid:100002802; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"prismaxis.com",nocase; classtype:trojan-activity; sid:100002803; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"production.sparshims.com",nocase; classtype:trojan-activity; sid:100002804; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"programaoperadoronline.com.br",nocase; classtype:trojan-activity; sid:100002805; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"project.exquitec.com",nocase; classtype:trojan-activity; sid:100002806; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"promotoradescomplica.com.br",nocase; classtype:trojan-activity; sid:100002807; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"promoversdubai.com",nocase; classtype:trojan-activity; sid:100002808; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"propertiq.elin.co.za",nocase; classtype:trojan-activity; sid:100002809; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"propertiq2.elin.co.za",nocase; classtype:trojan-activity; sid:100002810; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"prosoc.nl",nocase; classtype:trojan-activity; sid:100002811; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"prosupport.cl",nocase; classtype:trojan-activity; sid:100002812; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"prosyarmakassar.com",nocase; classtype:trojan-activity; sid:100002813; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"provence.elin.co.za",nocase; classtype:trojan-activity; sid:100002814; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"prox.realunix.cc",nocase; classtype:trojan-activity; sid:100002815; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"prueba.danielluza.com",nocase; classtype:trojan-activity; sid:100002816; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pujashoppe.in",nocase; classtype:trojan-activity; sid:100002817; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"punchdialogues.com",nocase; classtype:trojan-activity; sid:100002818; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"punjabdevelopersassociation.com.pk",nocase; classtype:trojan-activity; sid:100002819; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pvcprinting.co.uk",nocase; classtype:trojan-activity; sid:100002820; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"qadir.tickfa.ir",nocase; classtype:trojan-activity; sid:100002821; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"qatarglobalconsulting.com",nocase; classtype:trojan-activity; sid:100002822; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"qmsled.com",nocase; classtype:trojan-activity; sid:100002823; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"quartier-midi.be",nocase; classtype:trojan-activity; sid:100002824; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"querocar.com",nocase; classtype:trojan-activity; sid:100002825; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rachmat-assuhaimi.my.id",nocase; classtype:trojan-activity; sid:100002826; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"radioafifense.deploys.live",nocase; classtype:trojan-activity; sid:100002827; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rainbowisp.info",nocase; classtype:trojan-activity; sid:100002828; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rajeshtailang.com",nocase; classtype:trojan-activity; sid:100002829; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rakeshkhatri.in",nocase; classtype:trojan-activity; sid:100002830; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"raodigitalmedia.com",nocase; classtype:trojan-activity; sid:100002831; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"raquelhelena.com.br",nocase; classtype:trojan-activity; sid:100002832; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rarlabarchiver.ac",nocase; classtype:trojan-activity; sid:100002833; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rasadbar.ir",nocase; classtype:trojan-activity; sid:100002834; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rashika.ascarvalho.co.za",nocase; classtype:trojan-activity; sid:100002835; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ratemyfenancialadvisor.com",nocase; classtype:trojan-activity; sid:100002836; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ravenproductionsltd.com",nocase; classtype:trojan-activity; sid:100002837; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rc.ixiaoyang.cn",nocase; classtype:trojan-activity; sid:100002838; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rcmesilva.charbelsales.com.br",nocase; classtype:trojan-activity; sid:100002839; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"reacredit.com.br",nocase; classtype:trojan-activity; sid:100002840; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"readymmade.com",nocase; classtype:trojan-activity; sid:100002841; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"recyclethesurplus.com",nocase; classtype:trojan-activity; sid:100002842; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"redbats.co.in",nocase; classtype:trojan-activity; sid:100002843; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"redboxmultimedia.com",nocase; classtype:trojan-activity; sid:100002844; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"redchillicrackers.com",nocase; classtype:trojan-activity; sid:100002845; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"reifenquick.de",nocase; classtype:trojan-activity; sid:100002846; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"renehavis.com.ua",nocase; classtype:trojan-activity; sid:100002847; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"repatriacioncolombia.com",nocase; classtype:trojan-activity; sid:100002848; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"res.uf1.cn",nocase; classtype:trojan-activity; sid:100002849; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"reseller.digimitra.in",nocase; classtype:trojan-activity; sid:100002850; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"reseller.itechbrasil.com",nocase; classtype:trojan-activity; sid:100002851; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"resuco.net",nocase; classtype:trojan-activity; sid:100002852; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rezkabum.ru",nocase; classtype:trojan-activity; sid:100002853; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rhema.com.sg",nocase; classtype:trojan-activity; sid:100002854; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rhinoclothes.com",nocase; classtype:trojan-activity; sid:100002855; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"richmondminerals.co.zm",nocase; classtype:trojan-activity; sid:100002856; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rinaefoundation.org.za",nocase; classtype:trojan-activity; sid:100002857; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rinkaisystem-ht.com",nocase; classtype:trojan-activity; sid:100002858; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"riverfox.co.za",nocase; classtype:trojan-activity; sid:100002859; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rkcable.co.in",nocase; classtype:trojan-activity; sid:100002860; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rkverify.securestudies.com",nocase; classtype:trojan-activity; sid:100002861; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"robertmcardle.com",nocase; classtype:trojan-activity; sid:100002862; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"robertsinclair.net",nocase; classtype:trojan-activity; sid:100002863; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"romanianpoints.com",nocase; classtype:trojan-activity; sid:100002864; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ronnietucker.co.uk",nocase; classtype:trojan-activity; sid:100002865; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"roomsvc.servegate.kr",nocase; classtype:trojan-activity; sid:100002866; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"roshnijewellery.com",nocase; classtype:trojan-activity; sid:100002867; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rsgym.net",nocase; classtype:trojan-activity; sid:100002868; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rubazar.pro",nocase; classtype:trojan-activity; sid:100002869; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rubycityvietnam.com",nocase; classtype:trojan-activity; sid:100002870; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ruisgood.ru",nocase; classtype:trojan-activity; sid:100002871; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ruwadalkuwait.com",nocase; classtype:trojan-activity; sid:100002872; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"rydchile.cl",nocase; classtype:trojan-activity; sid:100002873; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"s.51shijuan.com",nocase; classtype:trojan-activity; sid:100002874; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"s.thechinesemuslim.com",nocase; classtype:trojan-activity; sid:100002875; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sac2.11xii.com",nocase; classtype:trojan-activity; sid:100002876; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sacredscentsonline.com",nocase; classtype:trojan-activity; sid:100002877; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sadmahfuneralservices.co.za",nocase; classtype:trojan-activity; sid:100002878; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"safcol-colors.com",nocase; classtype:trojan-activity; sid:100002879; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"safehubsecurity.ca",nocase; classtype:trojan-activity; sid:100002880; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"safety.nanotechproautocare.com",nocase; classtype:trojan-activity; sid:100002881; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sahathaikasetpan.com",nocase; classtype:trojan-activity; sid:100002882; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sainzim.co.za",nocase; classtype:trojan-activity; sid:100002883; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"saisoftwareinc.com",nocase; classtype:trojan-activity; sid:100002884; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"salecorner.yourpageserver.com",nocase; classtype:trojan-activity; sid:100002885; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"salonsaifa.com",nocase; classtype:trojan-activity; sid:100002886; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"samriddhijyotish.com",nocase; classtype:trojan-activity; sid:100002887; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sandovalgraphics.com",nocase; classtype:trojan-activity; sid:100002888; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"santyago.org",nocase; classtype:trojan-activity; sid:100002889; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sasystemsuk.com",nocase; classtype:trojan-activity; sid:100002890; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"scarfaceindustries.com",nocase; classtype:trojan-activity; sid:100002891; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"scglobal.co.th",nocase; classtype:trojan-activity; sid:100002892; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"schalke04rss.de",nocase; classtype:trojan-activity; sid:100002893; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"scheff.com",nocase; classtype:trojan-activity; sid:100002894; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"schoolbustracker.softgig.co.ke",nocase; classtype:trojan-activity; sid:100002895; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sculetus.nl",nocase; classtype:trojan-activity; sid:100002896; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"secure-doc-reader.com",nocase; classtype:trojan-activity; sid:100002897; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"segalsmetals.elin.co.za",nocase; classtype:trojan-activity; sid:100002898; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sellmyphonela.com",nocase; classtype:trojan-activity; sid:100002899; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"selltechtoday.com",nocase; classtype:trojan-activity; sid:100002900; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"senbiaojita.com",nocase; classtype:trojan-activity; sid:100002901; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sentierodelviandante.ml",nocase; classtype:trojan-activity; sid:100002902; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"serendibsourcing.com",nocase; classtype:trojan-activity; sid:100002903; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sericaasia.com",nocase; classtype:trojan-activity; sid:100002904; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"servicemhkd.myvnc.com",nocase; classtype:trojan-activity; sid:100002905; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"servicemhkd80.myvnc.com",nocase; classtype:trojan-activity; sid:100002906; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sexologistpakistan.net",nocase; classtype:trojan-activity; sid:100002907; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"seyranikenger.com.tr",nocase; classtype:trojan-activity; sid:100002908; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sgessy.com.br",nocase; classtype:trojan-activity; sid:100002909; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"shaheentbfoundation.com",nocase; classtype:trojan-activity; sid:100002910; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"shahikhana.cstdevs.com",nocase; classtype:trojan-activity; sid:100002911; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"shahu66.com",nocase; classtype:trojan-activity; sid:100002912; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sharkrigs.com",nocase; classtype:trojan-activity; sid:100002913; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sharpelevators.in",nocase; classtype:trojan-activity; sid:100002914; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"shembefoundation.com",nocase; classtype:trojan-activity; sid:100002915; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"shivakunwar.com.np",nocase; classtype:trojan-activity; sid:100002916; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"shoblasaathitrust.org",nocase; classtype:trojan-activity; sid:100002917; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"shooka-co.com",nocase; classtype:trojan-activity; sid:100002918; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"shop.goldspot.agency",nocase; classtype:trojan-activity; sid:100002919; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"shopsofe.com",nocase; classtype:trojan-activity; sid:100002920; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sibernetix.fr",nocase; classtype:trojan-activity; sid:100002921; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sige.brisainformatica.com.br",nocase; classtype:trojan-activity; sid:100002922; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"signatureads.co.in",nocase; classtype:trojan-activity; sid:100002923; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"siili.net",nocase; classtype:trojan-activity; sid:100002924; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"simoneporzi.it",nocase; classtype:trojan-activity; sid:100002925; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"simorsint.com",nocase; classtype:trojan-activity; sid:100002926; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"simplithy.co.uk",nocase; classtype:trojan-activity; sid:100002927; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sindicato1ucm.cl",nocase; classtype:trojan-activity; sid:100002928; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sindpol.tiejuris.com.br",nocase; classtype:trojan-activity; sid:100002929; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sipahielektrik.com",nocase; classtype:trojan-activity; sid:100002930; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sistelligent.com",nocase; classtype:trojan-activity; sid:100002931; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"skare.net",nocase; classtype:trojan-activity; sid:100002932; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"skyscan.com",nocase; classtype:trojan-activity; sid:100002933; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"smarthouseforum.ru",nocase; classtype:trojan-activity; sid:100002934; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"smartzedu.com",nocase; classtype:trojan-activity; sid:100002935; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"smokesolutionindia.com",nocase; classtype:trojan-activity; sid:100002936; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"smritiphotography.in",nocase; classtype:trojan-activity; sid:100002937; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sobariko.com",nocase; classtype:trojan-activity; sid:100002938; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sobethuacademy.com",nocase; classtype:trojan-activity; sid:100002939; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"soft.110route.com",nocase; classtype:trojan-activity; sid:100002940; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"soft.officelabo.net",nocase; classtype:trojan-activity; sid:100002941; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"softanis.net",nocase; classtype:trojan-activity; sid:100002942; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sogecoenergy.com",nocase; classtype:trojan-activity; sid:100002943; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sohs.conceptechs.info",nocase; classtype:trojan-activity; sid:100002944; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"solar.amazingtribe.lk",nocase; classtype:trojan-activity; sid:100002945; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"somcorbera.cat",nocase; classtype:trojan-activity; sid:100002946; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"somir.com.mx",nocase; classtype:trojan-activity; sid:100002947; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"soralapps.com",nocase; classtype:trojan-activity; sid:100002948; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"space.proactint.org",nocase; classtype:trojan-activity; sid:100002949; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"spaceframe.mobi.space-frame.co.za",nocase; classtype:trojan-activity; sid:100002950; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"special-key.cf",nocase; classtype:trojan-activity; sid:100002951; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"spent.com.pl",nocase; classtype:trojan-activity; sid:100002952; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"spetsesyachtcharter.gr",nocase; classtype:trojan-activity; sid:100002953; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"spiritualroot.org",nocase; classtype:trojan-activity; sid:100002954; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"spititourism.com",nocase; classtype:trojan-activity; sid:100002955; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"spittinfire.com",nocase; classtype:trojan-activity; sid:100002956; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sports-net.de",nocase; classtype:trojan-activity; sid:100002957; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sreenivasapaintingworks.com",nocase; classtype:trojan-activity; sid:100002958; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sriglobalit.com",nocase; classtype:trojan-activity; sid:100002959; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"srvmanos.no-ip.info",nocase; classtype:trojan-activity; sid:100002960; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ss.monita.co.id",nocase; classtype:trojan-activity; sid:100002961; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"st.devcodin.com",nocase; classtype:trojan-activity; sid:100002962; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"staging.apparelpunch.com",nocase; classtype:trojan-activity; sid:100002963; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"starcountry.net",nocase; classtype:trojan-activity; sid:100002964; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"static.3001.net",nocase; classtype:trojan-activity; sid:100002965; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"stiau.iuc.ac",nocase; classtype:trojan-activity; sid:100002966; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"stiepancasetia.ac.id",nocase; classtype:trojan-activity; sid:100002967; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"store.ericalgarin.com",nocase; classtype:trojan-activity; sid:100002968; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"stott-thompson.co.uk",nocase; classtype:trojan-activity; sid:100002969; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"stratexec.co.za",nocase; classtype:trojan-activity; sid:100002970; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"streetdemo.yourpageserver.com",nocase; classtype:trojan-activity; sid:100002971; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"suboldesign.com",nocase; classtype:trojan-activity; sid:100002972; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sumerians.org",nocase; classtype:trojan-activity; sid:100002973; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sunaryem.com.tr",nocase; classtype:trojan-activity; sid:100002974; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sunbrero.com.au",nocase; classtype:trojan-activity; sid:100002975; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sunmarkholidays.com",nocase; classtype:trojan-activity; sid:100002976; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"supermercadostia.com",nocase; classtype:trojan-activity; sid:100002977; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"support-4-free.com",nocase; classtype:trojan-activity; sid:100002978; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"support.clz.kr",nocase; classtype:trojan-activity; sid:100002979; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"supportit.online",nocase; classtype:trojan-activity; sid:100002980; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sw.yourpageserver.com",nocase; classtype:trojan-activity; sid:100002981; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sweaty.dk",nocase; classtype:trojan-activity; sid:100002982; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sweet-diet.com",nocase; classtype:trojan-activity; sid:100002983; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"swiftlogisticseg.com",nocase; classtype:trojan-activity; sid:100002984; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"swwbia.com",nocase; classtype:trojan-activity; sid:100002985; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"syracusecoffee.com",nocase; classtype:trojan-activity; sid:100002986; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sytraders.co",nocase; classtype:trojan-activity; sid:100002987; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"t.honker.info",nocase; classtype:trojan-activity; sid:100002988; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"t.netcatkit.com",nocase; classtype:trojan-activity; sid:100002989; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tacticohosting.com",nocase; classtype:trojan-activity; sid:100002990; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tadoo.ca",nocase; classtype:trojan-activity; sid:100002991; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tafsantoursandtravels.com",nocase; classtype:trojan-activity; sid:100002992; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tajushariya.com",nocase; classtype:trojan-activity; sid:100002993; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tallyinvoicecustomization.com",nocase; classtype:trojan-activity; sid:100002994; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"taltus.co.uk",nocase; classtype:trojan-activity; sid:100002995; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tapalkoedacoffee.com",nocase; classtype:trojan-activity; sid:100002996; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tarravalleyfoods.com.au",nocase; classtype:trojan-activity; sid:100002997; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"taurus.ug",nocase; classtype:trojan-activity; sid:100002998; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tavo.cl",nocase; classtype:trojan-activity; sid:100002999; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"taxicabsrilanka.com",nocase; classtype:trojan-activity; sid:100003000; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tc.snpsresidential.com",nocase; classtype:trojan-activity; sid:100003001; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tcy.198424.com",nocase; classtype:trojan-activity; sid:100003002; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tdsp.yngw518.com",nocase; classtype:trojan-activity; sid:100003003; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"techgms.com",nocase; classtype:trojan-activity; sid:100003004; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"teduae.com",nocase; classtype:trojan-activity; sid:100003005; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"teleargentina.com",nocase; classtype:trojan-activity; sid:100003006; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"telescopelms.com",nocase; classtype:trojan-activity; sid:100003007; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"temptmag.com",nocase; classtype:trojan-activity; sid:100003008; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tencoconsulting.com",nocase; classtype:trojan-activity; sid:100003009; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"teneth.co.za",nocase; classtype:trojan-activity; sid:100003010; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tentandoserfitness.000webhostapp.com",nocase; classtype:trojan-activity; sid:100003011; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tessrobins.com",nocase; classtype:trojan-activity; sid:100003012; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"test.adventser.com",nocase; classtype:trojan-activity; sid:100003013; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"test.letraele.es",nocase; classtype:trojan-activity; sid:100003014; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"test.lubrico.in",nocase; classtype:trojan-activity; sid:100003015; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"test.typoten.com",nocase; classtype:trojan-activity; sid:100003016; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"test.wanepghana.org",nocase; classtype:trojan-activity; sid:100003017; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"test1.asistencia247.com",nocase; classtype:trojan-activity; sid:100003018; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"test1.milenial.id",nocase; classtype:trojan-activity; sid:100003019; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"test1.tenplusone.my",nocase; classtype:trojan-activity; sid:100003020; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"test2.basis-web.com",nocase; classtype:trojan-activity; sid:100003021; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"test2.marrenconstruction.ie",nocase; classtype:trojan-activity; sid:100003022; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"testing.clickitsolutionsmw.com",nocase; classtype:trojan-activity; sid:100003023; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"testing.thinkingcorp.in",nocase; classtype:trojan-activity; sid:100003024; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"testnew.yourpageserver.com",nocase; classtype:trojan-activity; sid:100003025; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"testuat.itmoregistry.com",nocase; classtype:trojan-activity; sid:100003026; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"teteaffiche.stephanebillon.com",nocase; classtype:trojan-activity; sid:100003027; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tewoerd.eu",nocase; classtype:trojan-activity; sid:100003028; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"textile.softberg.ro",nocase; classtype:trojan-activity; sid:100003029; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tharringtonsponsorship.com",nocase; classtype:trojan-activity; sid:100003030; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"theatretalkies.in",nocase; classtype:trojan-activity; sid:100003031; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"thecleaningladiespdx.com",nocase; classtype:trojan-activity; sid:100003032; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"thecreativecafe.co.uk",nocase; classtype:trojan-activity; sid:100003033; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"thedesertship.com",nocase; classtype:trojan-activity; sid:100003034; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"thediasporianexperience.com",nocase; classtype:trojan-activity; sid:100003035; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"thefirmlawgroup.com.au",nocase; classtype:trojan-activity; sid:100003036; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"thefuturelife.in",nocase; classtype:trojan-activity; sid:100003037; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"thehighlightinterior.com",nocase; classtype:trojan-activity; sid:100003038; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"thekassia.co.uk",nocase; classtype:trojan-activity; sid:100003039; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"themansionkasauli.com",nocase; classtype:trojan-activity; sid:100003040; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"theprofinn.com",nocase; classtype:trojan-activity; sid:100003041; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"thesummitpc.net",nocase; classtype:trojan-activity; sid:100003042; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"theurbantutors.com",nocase; classtype:trojan-activity; sid:100003043; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"thirdstringcalifornia.com",nocase; classtype:trojan-activity; sid:100003044; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"thosewebbs.com",nocase; classtype:trojan-activity; sid:100003045; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"thriveink.com",nocase; classtype:trojan-activity; sid:100003046; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tianangdep.com",nocase; classtype:trojan-activity; sid:100003047; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tickfoods.tickme.lk",nocase; classtype:trojan-activity; sid:100003048; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tienda.ventadigital.com.ar",nocase; classtype:trojan-activity; sid:100003049; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"timamollo.co.za",nocase; classtype:trojan-activity; sid:100003050; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"timegonebuy.com",nocase; classtype:trojan-activity; sid:100003051; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tksb.net",nocase; classtype:trojan-activity; sid:100003052; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tlcc.com.gt",nocase; classtype:trojan-activity; sid:100003053; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"todoapp.cstdevs.com",nocase; classtype:trojan-activity; sid:100003054; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tonydong.com",nocase; classtype:trojan-activity; sid:100003055; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tonystram.com",nocase; classtype:trojan-activity; sid:100003056; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tonyzone.com",nocase; classtype:trojan-activity; sid:100003057; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tooba.tenplusone.my",nocase; classtype:trojan-activity; sid:100003058; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tools.reimclub.com",nocase; classtype:trojan-activity; sid:100003059; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"topcell9.com",nocase; classtype:trojan-activity; sid:100003060; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"toplevel.com.br",nocase; classtype:trojan-activity; sid:100003061; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"topmask.co.za",nocase; classtype:trojan-activity; sid:100003062; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"torresquinterocorp.com",nocase; classtype:trojan-activity; sid:100003063; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"toyotacollege.ac.th",nocase; classtype:trojan-activity; sid:100003064; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tpef.lsoftdemo.com",nocase; classtype:trojan-activity; sid:100003065; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tpke.hu",nocase; classtype:trojan-activity; sid:100003066; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"translaterjemah.com",nocase; classtype:trojan-activity; sid:100003067; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"travelwithmanta.co.za",nocase; classtype:trojan-activity; sid:100003068; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"trendyshoes.co.za",nocase; classtype:trojan-activity; sid:100003069; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"trezors.io.mahlongwa.com",nocase; classtype:trojan-activity; sid:100003070; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"trimestre.bar",nocase; classtype:trojan-activity; sid:100003071; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"triplonet.com.br",nocase; classtype:trojan-activity; sid:100003072; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"troki.com.co",nocase; classtype:trojan-activity; sid:100003073; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tropics.codeleek.net",nocase; classtype:trojan-activity; sid:100003074; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"trudelfavreau.com",nocase; classtype:trojan-activity; sid:100003075; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tsd.jxwan.com",nocase; classtype:trojan-activity; sid:100003076; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tulli.info",nocase; classtype:trojan-activity; sid:100003077; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tupperware.michaelroberge.ca",nocase; classtype:trojan-activity; sid:100003078; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"turanggaresources.com",nocase; classtype:trojan-activity; sid:100003079; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"uat.indianfilmzone.com",nocase; classtype:trojan-activity; sid:100003080; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ublretailerdemo.cstdevs.com",nocase; classtype:trojan-activity; sid:100003081; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"uc-56.ru",nocase; classtype:trojan-activity; sid:100003082; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"uisusa.uisusa.com",nocase; classtype:trojan-activity; sid:100003083; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ultimate-24.de",nocase; classtype:trojan-activity; sid:100003084; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"umwelt-kirchhof.de",nocase; classtype:trojan-activity; sid:100003085; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"unicorpbrunei.com",nocase; classtype:trojan-activity; sid:100003086; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"uniengrisb.com",nocase; classtype:trojan-activity; sid:100003087; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"unityindiversity.in",nocase; classtype:trojan-activity; sid:100003088; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"unyazitelecom.com",nocase; classtype:trojan-activity; sid:100003089; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"upcbpta.com",nocase; classtype:trojan-activity; sid:100003090; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"urbantrapfest.cl",nocase; classtype:trojan-activity; sid:100003091; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"usamyforever.azureedge.net",nocase; classtype:trojan-activity; sid:100003092; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"used-jeans.fr",nocase; classtype:trojan-activity; sid:100003093; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"useformoney.000webhostapp.com",nocase; classtype:trojan-activity; sid:100003094; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"usmadetshirts.com",nocase; classtype:trojan-activity; sid:100003095; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"uss.ac.th",nocase; classtype:trojan-activity; sid:100003096; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"uzzepay.com.br",nocase; classtype:trojan-activity; sid:100003097; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vanzare.cabanabrazi2.ro",nocase; classtype:trojan-activity; sid:100003098; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vbcargo.hu",nocase; classtype:trojan-activity; sid:100003099; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vcah.co.uk",nocase; classtype:trojan-activity; sid:100003100; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vectarts.com",nocase; classtype:trojan-activity; sid:100003101; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vegadelcasero.cl",nocase; classtype:trojan-activity; sid:100003102; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"velma-harber30ku.com",nocase; classtype:trojan-activity; sid:100003103; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vendas.lidiacarmeli.com.br",nocase; classtype:trojan-activity; sid:100003104; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"versualstudio.com",nocase; classtype:trojan-activity; sid:100003105; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"veterinariadrpopui.com",nocase; classtype:trojan-activity; sid:100003106; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vfocus.net",nocase; classtype:trojan-activity; sid:100003107; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vienen.gblix.srv.br",nocase; classtype:trojan-activity; sid:100003108; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vilaart.rs",nocase; classtype:trojan-activity; sid:100003109; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"villamarand.com",nocase; classtype:trojan-activity; sid:100003110; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"villatera.com",nocase; classtype:trojan-activity; sid:100003111; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"violinstop.com",nocase; classtype:trojan-activity; sid:100003112; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"virtuleverage.com",nocase; classtype:trojan-activity; sid:100003113; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"visions.alnisamart.com",nocase; classtype:trojan-activity; sid:100003114; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"visualhome.cl",nocase; classtype:trojan-activity; sid:100003115; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vitoriamodaintima.com.br",nocase; classtype:trojan-activity; sid:100003116; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vivationdesign.com",nocase; classtype:trojan-activity; sid:100003117; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"viveirodoiscorregos.com.br",nocase; classtype:trojan-activity; sid:100003118; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vksales.com",nocase; classtype:trojan-activity; sid:100003119; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vocalterra.com",nocase; classtype:trojan-activity; sid:100003120; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vokasi.ub.ac.id",nocase; classtype:trojan-activity; sid:100003121; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vologroup.com.br",nocase; classtype:trojan-activity; sid:100003122; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"voteyouramerica.dekitout.com",nocase; classtype:trojan-activity; sid:100003123; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vpinversiones.cl",nocase; classtype:trojan-activity; sid:100003124; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vpts.co.za",nocase; classtype:trojan-activity; sid:100003125; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vstsample.com",nocase; classtype:trojan-activity; sid:100003126; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vtube.fadlymotivator.com",nocase; classtype:trojan-activity; sid:100003127; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vvsskmodinationalschool.com",nocase; classtype:trojan-activity; sid:100003128; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"w0hsyejhnbcvzaxi8euyr6tgeya5vml09jysgav27.ydns.eu",nocase; classtype:trojan-activity; sid:100003129; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wanepliberia.org",nocase; classtype:trojan-activity; sid:100003130; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wanepniger.org",nocase; classtype:trojan-activity; sid:100003131; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"weareactum.com",nocase; classtype:trojan-activity; sid:100003132; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"web.eng.ubu.ac.th",nocase; classtype:trojan-activity; sid:100003133; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"web.geomegasoft.net",nocase; classtype:trojan-activity; sid:100003134; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"web.newinnovationtechnology.com",nocase; classtype:trojan-activity; sid:100003135; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"web.smarts-works.com",nocase; classtype:trojan-activity; sid:100003136; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"web.thebeessolution.com",nocase; classtype:trojan-activity; sid:100003137; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"webgis.perumdasolo.com",nocase; classtype:trojan-activity; sid:100003138; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"webmailwindstreamnetmessagesecureapp1rqr.ga",nocase; classtype:trojan-activity; sid:100003139; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"webpresario.com",nocase; classtype:trojan-activity; sid:100003140; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"weinsteincounseling.com",nocase; classtype:trojan-activity; sid:100003141; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wfinance.com.br",nocase; classtype:trojan-activity; sid:100003142; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"whcms.yourpageserver.com",nocase; classtype:trojan-activity; sid:100003143; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"whiteresponse.com",nocase; classtype:trojan-activity; sid:100003144; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wi522012.ferozo.com",nocase; classtype:trojan-activity; sid:100003145; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wikalen.co.za",nocase; classtype:trojan-activity; sid:100003146; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wildnights.co.uk",nocase; classtype:trojan-activity; sid:100003147; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wildtrust.mediadevstaging.com",nocase; classtype:trojan-activity; sid:100003148; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"willow-nettica.com",nocase; classtype:trojan-activity; sid:100003149; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wimbamusica.com",nocase; classtype:trojan-activity; sid:100003150; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"windcomtechnologies.com",nocase; classtype:trojan-activity; sid:100003151; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"winnercircle.it",nocase; classtype:trojan-activity; sid:100003152; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wishesconcierge.com",nocase; classtype:trojan-activity; sid:100003153; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"woezon.agency",nocase; classtype:trojan-activity; sid:100003154; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wolfgang-brodte.de",nocase; classtype:trojan-activity; sid:100003155; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wonderhawaii.com",nocase; classtype:trojan-activity; sid:100003156; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"woodsytech.com",nocase; classtype:trojan-activity; sid:100003157; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wordpress.saleensuporte.com.br",nocase; classtype:trojan-activity; sid:100003158; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"workingsolutionsrome.org",nocase; classtype:trojan-activity; sid:100003159; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wozata.000webhostapp.com",nocase; classtype:trojan-activity; sid:100003160; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wp.readhere.in",nocase; classtype:trojan-activity; sid:100003161; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wpdemo.101clients.com.au",nocase; classtype:trojan-activity; sid:100003162; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"writtendeer.com",nocase; classtype:trojan-activity; sid:100003163; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ws5588.f3322.net",nocase; classtype:trojan-activity; sid:100003164; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wsdyrmtcntlfarmtwsvb.dns.army",nocase; classtype:trojan-activity; sid:100003165; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wyklej.pl",nocase; classtype:trojan-activity; sid:100003166; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"x-iting.de",nocase; classtype:trojan-activity; sid:100003167; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"x2vn.com",nocase; classtype:trojan-activity; sid:100003168; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"xia.beihaixue.com",nocase; classtype:trojan-activity; sid:100003169; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"xixaoclothing.com",nocase; classtype:trojan-activity; sid:100003170; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"xk.996is.com",nocase; classtype:trojan-activity; sid:100003171; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"xn--80akinnkiib6h.xn--90ais",nocase; classtype:trojan-activity; sid:100003172; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"xn--polimerbizmimarlk-rvc.com",nocase; classtype:trojan-activity; sid:100003173; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ybom.urbanolab.com",nocase; classtype:trojan-activity; sid:100003174; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"yeichner.com",nocase; classtype:trojan-activity; sid:100003175; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ylfpremium.com",nocase; classtype:trojan-activity; sid:100003176; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"yoast.yourpageserver.com",nocase; classtype:trojan-activity; sid:100003177; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"yourclub1.com",nocase; classtype:trojan-activity; sid:100003178; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"yp.hnggzyjy.cn",nocase; classtype:trojan-activity; sid:100003179; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"yskadvisors.com",nocase; classtype:trojan-activity; sid:100003180; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"yummyyogaudaipur.com",nocase; classtype:trojan-activity; sid:100003181; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"yzkzixun.com",nocase; classtype:trojan-activity; sid:100003182; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"zmedcoach.com",nocase; classtype:trojan-activity; sid:100003183; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"zytrox.tk",nocase; classtype:trojan-activity; sid:100003184; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"zz.690tx.com",nocase; classtype:trojan-activity; sid:100003185; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"2.indexsinas.me:811",nocase; http_uri; content:"/64.exe",nocase; classtype:trojan-activity; sid:100003186; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"2.indexsinas.me:811",nocase; http_uri; content:"/86.exe",nocase; classtype:trojan-activity; sid:100003187; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"2.indexsinas.me:811",nocase; http_uri; content:"/c64.exe",nocase; classtype:trojan-activity; sid:100003188; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"amumufree.weebly.com",nocase; http_uri; content:"/uploads/8/1/2/9/81294208/growtopiastaff_setup1.61.exe",nocase; classtype:trojan-activity; sid:100003189; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"analogx.com",nocase; http_uri; content:"/files/proxyi.exe",nocase; classtype:trojan-activity; sid:100003190; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/abernathyjorge711/y6788/downloads/bubblebrowserext1.0.exe",nocase; classtype:trojan-activity; sid:100003191; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/dvdfv/anjj/downloads/jami.exe",nocase; classtype:trojan-activity; sid:100003192; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/jpavelski/chpock/downloads/4.exe",nocase; classtype:trojan-activity; sid:100003193; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/jpavelski/chpock/downloads/6.exe",nocase; classtype:trojan-activity; sid:100003194; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/labesoftware/update/downloads/boost-fps.exe",nocase; classtype:trojan-activity; sid:100003195; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/labesoftware/update/downloads/install_plugin_x64_x86.exe",nocase; classtype:trojan-activity; sid:100003196; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/labesoftware/update/downloads/vpn_free.exe",nocase; classtype:trojan-activity; sid:100003197; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/mminminminmin05/testtest/downloads/clr.exe",nocase; classtype:trojan-activity; sid:100003198; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/mminminminmin05/testtest/downloads/updatev.exe",nocase; classtype:trojan-activity; sid:100003199; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/mminminminmin05/testtest/downloads/work.exe",nocase; classtype:trojan-activity; sid:100003200; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/player2012/rumpa1/downloads/component.exe",nocase; classtype:trojan-activity; sid:100003201; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/player2012/rumpa1/downloads/nordvpnsetup.exe",nocase; classtype:trojan-activity; sid:100003202; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/player2012/rumpa1/downloads/regsvc.exe",nocase; classtype:trojan-activity; sid:100003203; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/skygaming/updates/downloads/update.exe",nocase; classtype:trojan-activity; sid:100003204; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/001.txt",nocase; classtype:trojan-activity; sid:100003205; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/1488.txt",nocase; classtype:trojan-activity; sid:100003206; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/1_cr.txt",nocase; classtype:trojan-activity; sid:100003207; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/1cr.txt",nocase; classtype:trojan-activity; sid:100003208; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/1fc2d.txt",nocase; classtype:trojan-activity; sid:100003209; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/26a5.txt",nocase; classtype:trojan-activity; sid:100003210; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/6e7_2021-01-19_18-04.txt",nocase; classtype:trojan-activity; sid:100003211; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/abjects.txt",nocase; classtype:trojan-activity; sid:100003212; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/attached.txt",nocase; classtype:trojan-activity; sid:100003213; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/b7f2c.exe",nocase; classtype:trojan-activity; sid:100003214; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/battletext.txt",nocase; classtype:trojan-activity; sid:100003215; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/bkghj_nowin.exe",nocase; classtype:trojan-activity; sid:100003216; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/bsdasdasd333.exe",nocase; classtype:trojan-activity; sid:100003217; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/build.txt",nocase; classtype:trojan-activity; sid:100003218; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/build_makros.exe",nocase; classtype:trojan-activity; sid:100003219; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/build_silent.txt",nocase; classtype:trojan-activity; sid:100003220; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/build_sup.txt",nocase; classtype:trojan-activity; sid:100003221; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/buildcmobiler.exe",nocase; classtype:trojan-activity; sid:100003222; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/buildcmobiler.txt",nocase; classtype:trojan-activity; sid:100003223; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/buildcr.txt",nocase; classtype:trojan-activity; sid:100003224; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/buildss.txt",nocase; classtype:trojan-activity; sid:100003225; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/clientnik.txt",nocase; classtype:trojan-activity; sid:100003226; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/clientrevers.txt",nocase; classtype:trojan-activity; sid:100003227; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/dcrat.exe",nocase; classtype:trojan-activity; sid:100003228; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/dllservices.exe",nocase; classtype:trojan-activity; sid:100003229; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/dllservices2.exe",nocase; classtype:trojan-activity; sid:100003230; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/exe_morris.mcdermott.exe",nocase; classtype:trojan-activity; sid:100003231; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/hans.txt",nocase; classtype:trojan-activity; sid:100003232; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/hulu.txt",nocase; classtype:trojan-activity; sid:100003233; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/intelfive.txt",nocase; classtype:trojan-activity; sid:100003234; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/intelfour.txt",nocase; classtype:trojan-activity; sid:100003235; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/intelone.txt",nocase; classtype:trojan-activity; sid:100003236; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/intelthree.txt",nocase; classtype:trojan-activity; sid:100003237; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/inteltwo.txt",nocase; classtype:trojan-activity; sid:100003238; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/jjuufksfn.exe",nocase; classtype:trojan-activity; sid:100003239; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/kleiman.exe",nocase; classtype:trojan-activity; sid:100003240; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/lucky_fixed.exe",nocase; classtype:trojan-activity; sid:100003241; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/notepadplus.txt",nocase; classtype:trojan-activity; sid:100003242; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/osiris_qqkz_nauto.exe",nocase; classtype:trojan-activity; sid:100003243; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/out.exe",nocase; classtype:trojan-activity; sid:100003244; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/out.txt",nocase; classtype:trojan-activity; sid:100003245; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/pacbe_bin.txt",nocase; classtype:trojan-activity; sid:100003246; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/putty.txt",nocase; classtype:trojan-activity; sid:100003247; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/rockethcd.txt",nocase; classtype:trojan-activity; sid:100003248; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/scvhost900.exe",nocase; classtype:trojan-activity; sid:100003249; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/sessionwin.exe",nocase; classtype:trojan-activity; sid:100003250; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/siliculose.txt",nocase; classtype:trojan-activity; sid:100003251; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/statemobi.txt",nocase; classtype:trojan-activity; sid:100003252; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/stealers.exe",nocase; classtype:trojan-activity; sid:100003253; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/stealers2.exe",nocase; classtype:trojan-activity; sid:100003254; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/stgedo.exe",nocase; classtype:trojan-activity; sid:100003255; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/svcperf.txt",nocase; classtype:trojan-activity; sid:100003256; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/symptomaticshon5.exe",nocase; classtype:trojan-activity; sid:100003257; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/taurjok.txt",nocase; classtype:trojan-activity; sid:100003258; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/taurusbabac.exe",nocase; classtype:trojan-activity; sid:100003259; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/telekiller.exe",nocase; classtype:trojan-activity; sid:100003260; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/updateanddr.txt",nocase; classtype:trojan-activity; sid:100003261; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/updateandr.txt",nocase; classtype:trojan-activity; sid:100003262; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/vhajeja.txt",nocase; classtype:trojan-activity; sid:100003263; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/word.txt",nocase; classtype:trojan-activity; sid:100003264; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/www.txt",nocase; classtype:trojan-activity; sid:100003265; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/tanake5518/fi/downloads/xlsd.txt",nocase; classtype:trojan-activity; sid:100003266; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/teaserex/tease/downloads/b_kfmhkk172.bin",nocase; classtype:trojan-activity; sid:100003267; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"bitbucket.org",nocase; http_uri; content:"/teaserex/tease/downloads/macro_xmprohiq27.bin",nocase; classtype:trojan-activity; sid:100003268; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cd.textfiles.com",nocase; http_uri; content:"/hmatrix/data/hack1226.exe",nocase; classtype:trojan-activity; sid:100003269; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cdn.discordapp.com",nocase; http_uri; content:"/attachments/775238059083038744/821062129347067924/wxhyhyciuesjdefkxcqddvfbjqrofjq",nocase; classtype:trojan-activity; sid:100003270; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cdn.discordapp.com",nocase; http_uri; content:"/attachments/816070119281131570/816070273254162442/all.txt",nocase; classtype:trojan-activity; sid:100003271; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cdn.discordapp.com",nocase; http_uri; content:"/attachments/825372018244583454/826848185246023750/loaddd.exe",nocase; classtype:trojan-activity; sid:100003272; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cdn.discordapp.com",nocase; http_uri; content:"/attachments/825372018244583454/826848348342059008/zeppelin.exe",nocase; classtype:trojan-activity; sid:100003273; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cdn.discordapp.com",nocase; http_uri; content:"/attachments/825372018244583454/826848405258633277/build.exe",nocase; classtype:trojan-activity; sid:100003274; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cdn.discordapp.com",nocase; http_uri; content:"/attachments/826198252025675816/826537386485612574/china.png",nocase; classtype:trojan-activity; sid:100003275; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cdn.discordapp.com",nocase; http_uri; content:"/attachments/826376903400751108/826431600383361065/remcmcmcm_mjvbsmlrc45.bin",nocase; classtype:trojan-activity; sid:100003276; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cdn.discordapp.com",nocase; http_uri; content:"/attachments/826416818390040589/826540039764705360/7525b875713675d4ff0018cf084f493a4e4977de_2021-03-30_22-25.exe",nocase; classtype:trojan-activity; sid:100003277; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"chiptune.com",nocase; http_uri; content:"/razor/rzr-winner_intro.zip",nocase; classtype:trojan-activity; sid:100003278; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cloudme.com",nocase; http_uri; content:"/v1/ws2/:suengpen/:buyerlist.js/buyerlist.js.xz",nocase; classtype:trojan-activity; sid:100003279; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"cloudme.com",nocase; http_uri; content:"/v1/ws2/:suengpen/:buyerlist1/buyerlist1.rar",nocase; classtype:trojan-activity; sid:100003280; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"codeload.github.com",nocase; http_uri; content:"/meteoradminz/hidden-tear/zip/master",nocase; classtype:trojan-activity; sid:100003281; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"colfincas.com",nocase; http_uri; content:"/tmp/protected-cek9qz4zvk2n65e-c5d84gi5/security-cloud/kypqw-52kkq0n9ywj9oa/",nocase; classtype:trojan-activity; sid:100003282; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"deepfreedom.org",nocase; http_uri; content:"/qz0h69.pdf",nocase; classtype:trojan-activity; sid:100003283; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"docs.google.com",nocase; http_uri; content:"/uc?export=download&id=1ktcghnmcwws43wzscphukbfnwtuaxidx&revid=0b8z0b7_i5sirk2xrtehmstg0vxvit3b4n3lmbdrdrjrodndrpq",nocase; classtype:trojan-activity; sid:100003284; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com.it-barcelona.com",nocase; http_uri; content:"/frm0reseen/prntscrnofamzorderid.jpg.exe",nocase; classtype:trojan-activity; sid:100003285; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=0byfg0_4xbjgnwvuyev9ltuh4rmm",nocase; classtype:trojan-activity; sid:100003286; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=12khl-unz2np4q54b2jgpwlsh6cuz0pss",nocase; classtype:trojan-activity; sid:100003287; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=13sfskplrox3d7uantwjj_trs6ciwvqa1",nocase; classtype:trojan-activity; sid:100003288; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=13vodfxml9fg8kcnexuafh64dzmnqv8ch",nocase; classtype:trojan-activity; sid:100003289; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=152yoztzpbx_bbpxepfackfklg8c1eao6",nocase; classtype:trojan-activity; sid:100003290; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=167imxqgc8ehepa1gisxa6q6ifcjxceox",nocase; classtype:trojan-activity; sid:100003291; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=194lqzukzvt-jtdxmihcvhd0yk1sxoybk",nocase; classtype:trojan-activity; sid:100003292; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1a-herfdxr6xamxeabcdao0mqw9bimrig",nocase; classtype:trojan-activity; sid:100003293; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1aphk_vq7gtn368zxpd5bg5rv8nk0bnhn",nocase; classtype:trojan-activity; sid:100003294; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1br5iufkkmmfeipqo3ecviqykbcdgcnio",nocase; classtype:trojan-activity; sid:100003295; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1byj1kld84im01lyhb239rds4kvoyaxkv",nocase; classtype:trojan-activity; sid:100003296; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1cos43rmscrescxk3u40qjuqbwr-pydsn",nocase; classtype:trojan-activity; sid:100003297; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1cvicrmlbj2ak666h6wsaaqegjpflnben",nocase; classtype:trojan-activity; sid:100003298; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1dhoxtwbb2ycn8q06gi3p-ao_llldff0e",nocase; classtype:trojan-activity; sid:100003299; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1dnm3wtjf6ud5fv6zop9cvbr4rs2of1-n",nocase; classtype:trojan-activity; sid:100003300; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1dqin1sdd6rbah3sggzsxzeqgrkmhjnqm",nocase; classtype:trojan-activity; sid:100003301; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1eqnvgn0qkunp7t6crk8oj7_e7rh5qxwi",nocase; classtype:trojan-activity; sid:100003302; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1fensc6gc0fww0gbevsrnwwnlajypzdvv",nocase; classtype:trojan-activity; sid:100003303; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1htinwtfrw1wc3_ma8odztnq0qpnic2q6",nocase; classtype:trojan-activity; sid:100003304; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1ieolbiw9ao8m8umyi7owwqlt-_-7byei",nocase; classtype:trojan-activity; sid:100003305; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1in-rhdrss2qsjqj8xffb1hbwi9znp4je",nocase; classtype:trojan-activity; sid:100003306; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1ix4yfvtfik605yavvm7wyo0bk4ch93fr",nocase; classtype:trojan-activity; sid:100003307; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1jkov2g5s1xkcq4bfb3uvmd6inhadatrg",nocase; classtype:trojan-activity; sid:100003308; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1jnarxelz8gtbkg5pa_s0rc8kv3ejkepn",nocase; classtype:trojan-activity; sid:100003309; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1kjcylye1dbmhystyyotz-3pagktkhlhq",nocase; classtype:trojan-activity; sid:100003310; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1lsv4sko083sywwjndgqnsh_6sgqodqtu",nocase; classtype:trojan-activity; sid:100003311; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1mwgdd3lxuuk-bnsrm1rpclom0cmx7wob",nocase; classtype:trojan-activity; sid:100003312; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1n8o4hbvi7o9ks9jqhofny7okposfaz4y",nocase; classtype:trojan-activity; sid:100003313; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1nio_cdsggt4zv1kdrpubrfpd0pzsyffd",nocase; classtype:trojan-activity; sid:100003314; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1nmf6kty3xsoygjxjhb-bsafvlfy-0lt2",nocase; classtype:trojan-activity; sid:100003315; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1oabvvnazifkxktvt-izbcdqpb7dm6nrw",nocase; classtype:trojan-activity; sid:100003316; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1p5fvqkxzwoiu_uauzbmrxpklsetculad",nocase; classtype:trojan-activity; sid:100003317; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1ph-lri07dohowhmuczrrvjwrtsvmnu9s",nocase; classtype:trojan-activity; sid:100003318; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1prxtn1juykhcr_9ilw-vtirv5anyeoej",nocase; classtype:trojan-activity; sid:100003319; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1q1dwckludrpqijtrpw14_60d5nu7n97t",nocase; classtype:trojan-activity; sid:100003320; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1r9f9irwhutxozsbp2h9erd_a7fa2pwko",nocase; classtype:trojan-activity; sid:100003321; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1s221a6wpx6i7nfrztnhh9priojtybuxq",nocase; classtype:trojan-activity; sid:100003322; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1sjvkrinuscxqmbkdeusxaezazbiagnv3",nocase; classtype:trojan-activity; sid:100003323; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1so1trfuzt5-giahetghfhmd-_ot3rq35",nocase; classtype:trojan-activity; sid:100003324; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1t1bd_itjnhsmozdl9was0gouehujm1fn",nocase; classtype:trojan-activity; sid:100003325; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1tsmbsikhechaqedk6nktlfzasus_tghw",nocase; classtype:trojan-activity; sid:100003326; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1uowridpynurgqlgqjbtgramigo2a9v76",nocase; classtype:trojan-activity; sid:100003327; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1uvtmu3-hcryp3rskqnpkiodcjuchtz55",nocase; classtype:trojan-activity; sid:100003328; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1vevblftithattyguwyjot1p0wptg7l5t",nocase; classtype:trojan-activity; sid:100003329; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1vjq92eqivh01yxmal20whl2es3ld6nxb",nocase; classtype:trojan-activity; sid:100003330; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1xfwgl7xdqzqjccteivad-snxb_8yim1e",nocase; classtype:trojan-activity; sid:100003331; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1xqmjyd-syoy31suhjuqzlg4rblxq9ohi",nocase; classtype:trojan-activity; sid:100003332; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1xt-g7waixr7glvz_rdxglblidv6qgu58",nocase; classtype:trojan-activity; sid:100003333; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1yawygcfjs9inzoiwagqfcn3utaywxmwi",nocase; classtype:trojan-activity; sid:100003334; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1yhflwpk3yeyrdhlhanctlind-5j24iwv",nocase; classtype:trojan-activity; sid:100003335; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1yqpuxjbnjokc5fjgt-8xzuybr97rtvg2",nocase; classtype:trojan-activity; sid:100003336; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1ywkgalidldb32pio6ywmbyvdk7oar3yy",nocase; classtype:trojan-activity; sid:100003337; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?export=download&id=1zbclvhabervgfryoyqklo4_oe6icd8sr",nocase; classtype:trojan-activity; sid:100003338; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drive.google.com",nocase; http_uri; content:"/uc?id=148pt6v0nlg8yoim7w6in7dpixkzaacbg&export=download&authuser=0",nocase; classtype:trojan-activity; sid:100003339; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drpamelageorge.com",nocase; http_uri; content:"/wp-includes/1zilg/",nocase; classtype:trojan-activity; sid:100003340; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"drpamelageorge.com",nocase; http_uri; content:"/wp-includes/qcgfmfvh/",nocase; classtype:trojan-activity; sid:100003341; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"e-mudhra.com",nocase; http_uri; content:"/downloads/emclick.zip",nocase; classtype:trojan-activity; sid:100003342; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"evertkok.nl",nocase; http_uri; content:"/informatica/informatica-actief/hoofdstuk1/extrasoftware/getallen.exe",nocase; classtype:trojan-activity; sid:100003343; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"expeditionquest.com",nocase; http_uri; content:"/register/phpcaptcha/images/19dnqhg1p/sbhvtqlysxhxn/",nocase; classtype:trojan-activity; sid:100003344; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"expeditionquest.com",nocase; http_uri; content:"/register/phpcaptcha/images/35egphpl5uzpvdmz9bncmvon3p/",nocase; classtype:trojan-activity; sid:100003345; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"expeditionquest.com",nocase; http_uri; content:"/x/",nocase; classtype:trojan-activity; sid:100003346; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"exxonabnie.ir",nocase; http_uri; content:"/orbi-slow-glero/ggkuv5jkrmkn1kgyelyvka973qrxnwf/",nocase; classtype:trojan-activity; sid:100003347; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"exxonabnie.ir",nocase; http_uri; content:"/orbi-slow-glero/ggkuv5jkrmkn1kgyelyvka973qrxnwf//",nocase; classtype:trojan-activity; sid:100003348; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"exxonabnie.ir",nocase; http_uri; content:"/orbi-slow-glero/ggkuv5jkrmkn1kgyelyvka973qrxnwf///",nocase; classtype:trojan-activity; sid:100003349; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"exxonabnie.ir",nocase; http_uri; content:"/orbi-slow-glero/ggkuv5jkrmkn1kgyelyvka973qrxnwf////",nocase; classtype:trojan-activity; sid:100003350; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"file.elecfans.com",nocase; http_uri; content:"/web1/m00/8f/36/o4ybafy-2m2aarfzaahkaiik5pi122.exe",nocase; classtype:trojan-activity; sid:100003351; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"files.constantcontact.com",nocase; http_uri; content:"/4cb7cebd101/e5fb4174-ab23-48e8-bf05-e80ec5fa2169.xls",nocase; classtype:trojan-activity; sid:100003352; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"files.constantcontact.com",nocase; http_uri; content:"/ee304de9001/7e533e73-e272-4a44-9d9e-138cab64bf19.docx",nocase; classtype:trojan-activity; sid:100003353; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"gist.githubusercontent.com",nocase; http_uri; content:"/zibri/19f9838ffd12349bb2c6c3afddc9388f/raw/01977fd3c7e036c3a38f062f626fd189ba1e1aa3/uefivar.exe",nocase; classtype:trojan-activity; sid:100003354; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hqdecig.com",nocase; http_uri; content:"/cgi-bin/sni8w3fssb44iavmzss2nv0od6eiixlq6/",nocase; classtype:trojan-activity; sid:100003355; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"hsecaravans.co.uk",nocase; http_uri; content:"/wp-admin/suy/",nocase; classtype:trojan-activity; sid:100003356; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ia801802.us.archive.org",nocase; http_uri; content:"/19/items/startup_20210219/startup.txt",nocase; classtype:trojan-activity; sid:100003357; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ie-best.net",nocase; http_uri; content:"/online-timer-kvhxz/ilxl/",nocase; classtype:trojan-activity; sid:100003358; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"indonesias.me:9998",nocase; http_uri; content:"/64.exe",nocase; classtype:trojan-activity; sid:100003359; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"indonesias.me:9998",nocase; http_uri; content:"/c64.exe",nocase; classtype:trojan-activity; sid:100003360; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jcedu.org",nocase; http_uri; content:"/ebook/cs17.exe",nocase; classtype:trojan-activity; sid:100003361; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jointings.org",nocase; http_uri; content:"/eng/wp-content/plugins/featurific-for-wordpress/1",nocase; classtype:trojan-activity; sid:100003362; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jointings.org",nocase; http_uri; content:"/eng/wp-content/plugins/featurific-for-wordpress/2",nocase; classtype:trojan-activity; sid:100003363; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"jointings.org",nocase; http_uri; content:"/eng/wp-content/plugins/featurific-for-wordpress/3",nocase; classtype:trojan-activity; sid:100003364; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"karmakoincodes.weebly.com",nocase; http_uri; content:"/uploads/3/2/8/8/3288864/karma_koin_codes.exe",nocase; classtype:trojan-activity; sid:100003365; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kotakwarna.co.id",nocase; http_uri; content:"/dg/etrac/nf4emwz/",nocase; classtype:trojan-activity; sid:100003366; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"ksh.hu",nocase; http_uri; content:"/docs/adatgyujtesek/elektra/csv_to_xml.exe",nocase; classtype:trojan-activity; sid:100003367; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"kuaizip.com",nocase; http_uri; content:"/down/affiliate/kuaizip_setup_10029.exe",nocase; classtype:trojan-activity; sid:100003368; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"linuxforensicsbook.com.s3.amazonaws.com",nocase; http_uri; content:"/linuxforensicscode.zip",nocase; classtype:trojan-activity; sid:100003369; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"marcostrombetta.com.br",nocase; http_uri; content:"/ds/1802.gif",nocase; classtype:trojan-activity; sid:100003370; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"medianews.ge",nocase; http_uri; content:"/_manager/templates/actions/c4toling.zip",nocase; classtype:trojan-activity; sid:100003371; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"minpic.de",nocase; http_uri; content:"/k/big5/1giof6/",nocase; classtype:trojan-activity; sid:100003372; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"morrobaydrugandgift.com",nocase; http_uri; content:"/wp-contentbak/t9m/",nocase; classtype:trojan-activity; sid:100003373; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"my.cloudme.com",nocase; http_uri; content:"/v1/ws2/:gianni1962/:ie6setup/ie6setup.exe",nocase; classtype:trojan-activity; sid:100003374; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nch.com.au",nocase; http_uri; content:"/components/aacenc.exe",nocase; classtype:trojan-activity; sid:100003375; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nch.com.au",nocase; http_uri; content:"/components/doxillionsetup.exe",nocase; classtype:trojan-activity; sid:100003376; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"newyarlfm.weebly.com",nocase; http_uri; content:"/uploads/4/1/6/6/4166984/keygen.exe",nocase; classtype:trojan-activity; sid:100003377; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"nhipcauytevietnhat.com",nocase; http_uri; content:"/efficiency-all-iuehb/bjug3jyhuyilwhcqs3ykssaqqw7tpyvmypb91wtzdbluio1ekope5vrbbcx8zhdar9yt/",nocase; classtype:trojan-activity; sid:100003378; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"note.youdao.com",nocase; http_uri; content:"/yws/api/personal/file/web3a243b322cf83ca7cae587a92916bac7?method=download&inline=true&sharekey=649ac0bb5d5b13d15cbf50b2609e193a",nocase; classtype:trojan-activity; sid:100003379; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"oldschoolvalue.s3.amazonaws.com",nocase; http_uri; content:"/spreadsheets/osv_stock_valuation-sample-dummy.exe",nocase; classtype:trojan-activity; sid:100003380; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?&resid=81445407a9f44d37!197&authkey=apuz15kftzlrysa",nocase; classtype:trojan-activity; sid:100003381; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?&resid=81445407a9f44d37!198&authkey=ags5rgb15_esaqq",nocase; classtype:trojan-activity; sid:100003382; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?&resid=b4c15a27928f663b!229&authkey=aiarm61fwmd_npe",nocase; classtype:trojan-activity; sid:100003383; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?&resid=b4c15a27928f663b!230&authkey=ancu1eabetiubzg",nocase; classtype:trojan-activity; sid:100003384; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?&resid=b4c15a27928f663b!231&authkey=ai9h3sk_luxran0",nocase; classtype:trojan-activity; sid:100003385; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?&resid=c127f9e0fb7cbbea!214&authkey=aat73nvghhjdr9g",nocase; classtype:trojan-activity; sid:100003386; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?authkey=!aase4ma0-vo_cls&cid=4df11eda676a355f&resid=4df11eda676a355f!140",nocase; classtype:trojan-activity; sid:100003387; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?authkey=!akd6uxvljtlvpxu&cid=4df11eda676a355f&resid=4df11eda676a355f!130",nocase; classtype:trojan-activity; sid:100003388; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?authkey=!aomvnemlpgwfuie&cid=4df11eda676a355f&resid=4df11eda676a355f!135",nocase; classtype:trojan-activity; sid:100003389; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?authkey=adf5p_kn8rjf29y&cid=34224e3e49966a27&resid=34224e3e49966a27%211732",nocase; classtype:trojan-activity; sid:100003390; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=013413cfbbbcfae4&resid=13413cfbbbcfae4%211656&authkey=ai9wpcp_k9okgk4",nocase; classtype:trojan-activity; sid:100003391; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0153c2a7092ee91c&resid=153c2a7092ee91c!111&authkey=aemrwamaaaiyyjc",nocase; classtype:trojan-activity; sid:100003392; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0153c2a7092ee91c&resid=153c2a7092ee91c%21111&authkey=aemrwamaaaiyyjc",nocase; classtype:trojan-activity; sid:100003393; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0175cdbe2d2944c5&resid=175cdbe2d2944c5%21107&authkey=al6uptubjmmugo0",nocase; classtype:trojan-activity; sid:100003394; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=01f191d863b4d5a4&resid=1f191d863b4d5a4!157&authkey=aagcsm7chqez6uu",nocase; classtype:trojan-activity; sid:100003395; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=01f191d863b4d5a4&resid=1f191d863b4d5a4!158&authkey=amsoii5nr6pomhc",nocase; classtype:trojan-activity; sid:100003396; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=01f191d863b4d5a4&resid=1f191d863b4d5a4%21157&authkey=aagcsm7chqez6uu",nocase; classtype:trojan-activity; sid:100003397; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=01f191d863b4d5a4&resid=1f191d863b4d5a4%21158&authkey=amsoii5nr6pomhc",nocase; classtype:trojan-activity; sid:100003398; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=02e98840a4c9fd6c&resid=2e98840a4c9fd6c%211177&authkey=am0i98nwgvzgqvq",nocase; classtype:trojan-activity; sid:100003399; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=02e98840a4c9fd6c&resid=2e98840a4c9fd6c%211183&authkey=anv33trmzmi5cko",nocase; classtype:trojan-activity; sid:100003400; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0319bb40eba80dcc&resid=319bb40eba80dcc%21110&authkey=ag8bs48lq9n-piw",nocase; classtype:trojan-activity; sid:100003401; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0412fba39d6c52de&resid=412fba39d6c52de%2122008&authkey=amn2bgbswxwgpma",nocase; classtype:trojan-activity; sid:100003402; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=045adcdfe91be4f5&resid=45adcdfe91be4f5%21318&authkey=aa6lutarluhyj48",nocase; classtype:trojan-activity; sid:100003403; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0489c74de4facb30&resid=489c74de4facb30!109&authkey=ajo32arrzl_vwdq",nocase; classtype:trojan-activity; sid:100003404; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=062a585e433edce3&resid=62a585e433edce3%211618&authkey=ahzfppat_uettfg",nocase; classtype:trojan-activity; sid:100003405; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=087f57dcf1bd61bc&resid=87f57dcf1bd61bc!113&authkey=ap0wsc-rsiegllw",nocase; classtype:trojan-activity; sid:100003406; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=09eebe7829f6351d&resid=9eebe7829f6351d%21827&authkey=amysfuvfuc5jezq",nocase; classtype:trojan-activity; sid:100003407; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0cc3238b46a1ac6d&resid=cc3238b46a1ac6d%21184&authkey=ackbiiarirejcam",nocase; classtype:trojan-activity; sid:100003408; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0d59c202e35694c2&resid=d59c202e35694c2!273&authkey=ae2m69e5nu3rrea",nocase; classtype:trojan-activity; sid:100003409; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0d59c202e35694c2&resid=d59c202e35694c2!274&authkey=acqg0akutoxdpgo",nocase; classtype:trojan-activity; sid:100003410; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0d59c202e35694c2&resid=d59c202e35694c2%21273&authkey=ae2m69e5nu3rrea",nocase; classtype:trojan-activity; sid:100003411; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0d59c202e35694c2&resid=d59c202e35694c2%21274&authkey=acqg0akutoxdpgo",nocase; classtype:trojan-activity; sid:100003412; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0d7729ca9a2b7fa0&resid=d7729ca9a2b7fa0!1667&authkey=an8otd7jzc7xgho",nocase; classtype:trojan-activity; sid:100003413; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0d7729ca9a2b7fa0&resid=d7729ca9a2b7fa0%211667&authkey=an8otd7jzc7xgho",nocase; classtype:trojan-activity; sid:100003414; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0da4ace18aa7d1e2&resid=da4ace18aa7d1e2%21131&authkey=adjn1y5pp4a10_c",nocase; classtype:trojan-activity; sid:100003415; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0f0a5aadc4c3c242&resid=f0a5aadc4c3c242!309&authkey=alfe36drai1zmwc",nocase; classtype:trojan-activity; sid:100003416; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0f0a5aadc4c3c242&resid=f0a5aadc4c3c242%21309&authkey=alfe36drai1zmwc",nocase; classtype:trojan-activity; sid:100003417; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0f51d04c9d556964&resid=f51d04c9d556964%21123&authkey=aco5hiwppfq8vrw",nocase; classtype:trojan-activity; sid:100003418; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=0f51d04c9d556964&resid=f51d04c9d556964%21124&authkey=ai6sfa2z-kqf6x0",nocase; classtype:trojan-activity; sid:100003419; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=125290ca4dc682c9&resid=125290ca4dc682c9%21452&authkey=afdp5rurqhdqa2a",nocase; classtype:trojan-activity; sid:100003420; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=13b301f1cb48f8cd&resid=13b301f1cb48f8cd%21106&authkey=aiae3olcs4lulz4",nocase; classtype:trojan-activity; sid:100003421; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=14f52af71b98dbc5&resid=14f52af71b98dbc5%212449&authkey=anfs_n5cs1noojo",nocase; classtype:trojan-activity; sid:100003422; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=165468846f076ee7&resid=165468846f076ee7!118&authkey=antash3ig98aqte",nocase; classtype:trojan-activity; sid:100003423; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=165468846f076ee7&resid=165468846f076ee7%21118&authkey=antash3ig98aqte",nocase; classtype:trojan-activity; sid:100003424; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=16b1c02dce9ea41f&resid=16b1c02dce9ea41f!286&authkey=almwisomhv3c0zc",nocase; classtype:trojan-activity; sid:100003425; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=16b1c02dce9ea41f&resid=16b1c02dce9ea41f%21286&authkey=almwisomhv3c0zc",nocase; classtype:trojan-activity; sid:100003426; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=174a158b69387a7e&resid=174a158b69387a7e!348&authkey=ahnjoxa4ufoxa54",nocase; classtype:trojan-activity; sid:100003427; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=174a158b69387a7e&resid=174a158b69387a7e%21348&authkey=ahnjoxa4ufoxa54",nocase; classtype:trojan-activity; sid:100003428; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=18418adacefed6e2&resid=18418adacefed6e2!126&authkey=ad4yflrisq6d82g",nocase; classtype:trojan-activity; sid:100003429; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=18418adacefed6e2&resid=18418adacefed6e2!129&authkey=apqoonsrce0ari4",nocase; classtype:trojan-activity; sid:100003430; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=18418adacefed6e2&resid=18418adacefed6e2%21126&authkey=ad4yflrisq6d82g",nocase; classtype:trojan-activity; sid:100003431; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=18418adacefed6e2&resid=18418adacefed6e2%21129&authkey=apqoonsrce0ari4",nocase; classtype:trojan-activity; sid:100003432; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=196e83840ef8c152&resid=196e83840ef8c152%21107&authkey=ah2lhjyd0ukjcve",nocase; classtype:trojan-activity; sid:100003433; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=1a162e8fcaaef5fa&resid=1a162e8fcaaef5fa%215495&authkey=aic7rmj1cm3rt2w",nocase; classtype:trojan-activity; sid:100003434; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=1c14977b48a91558&resid=1c14977b48a91558!8182&authkey=aautw8tvzxr5v3a",nocase; classtype:trojan-activity; sid:100003435; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=1c14977b48a91558&resid=1c14977b48a91558%218182&authkey=aautw8tvzxr5v3a",nocase; classtype:trojan-activity; sid:100003436; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=1cbd82dd55d70086&resid=1cbd82dd55d70086%212526&authkey=aogaboensav3jrg",nocase; classtype:trojan-activity; sid:100003437; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=1dbdf62bc3c2b05b&resid=1dbdf62bc3c2b05b!134&authkey=ape6bhxn7c89z60",nocase; classtype:trojan-activity; sid:100003438; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=1f48501ee4e8735a&resid=1f48501ee4e8735a%215268&authkey=advgihzjzelvkdg",nocase; classtype:trojan-activity; sid:100003439; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=208dce306fa91736&resid=208dce306fa91736%21184&authkey=ae6l_lmeqbcwqs4",nocase; classtype:trojan-activity; sid:100003440; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=208dce306fa91736&resid=208dce306fa91736%21185&authkey=abpinbsiqu9kj0c",nocase; classtype:trojan-activity; sid:100003441; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=24ef9e675b079af9&resid=24ef9e675b079af9%21154&authkey=alkjikpdfxvm8po",nocase; classtype:trojan-activity; sid:100003442; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=24ef9e675b079af9&resid=24ef9e675b079af9%21155&authkey=afu-yax_gxxddoe",nocase; classtype:trojan-activity; sid:100003443; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=24ef9e675b079af9&resid=24ef9e675b079af9%21156&authkey=alqvv8nixrvsqrk",nocase; classtype:trojan-activity; sid:100003444; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=265daf943be0d06f&resid=265daf943be0d06f!191&authkey=ajvumpkzpla_nca",nocase; classtype:trojan-activity; sid:100003445; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=265daf943be0d06f&resid=265daf943be0d06f%21191&authkey=ajvumpkzpla_nca",nocase; classtype:trojan-activity; sid:100003446; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=26bbd7d5ad88dd29&resid=26bbd7d5ad88dd29%21115&authkey=acipfa3gbiqqcvu",nocase; classtype:trojan-activity; sid:100003447; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=26f87316a7e32bb5&resid=26f87316a7e32bb5%21106&authkey=aepqo5hlkxn1t1k",nocase; classtype:trojan-activity; sid:100003448; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=2831401bbac0235e&resid=2831401bbac0235e%211037&authkey=aagnkp6l76yhrlo",nocase; classtype:trojan-activity; sid:100003449; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=2968c371f5450503&resid=2968c371f5450503!122&authkey=aaqhhxbnwfwrz28",nocase; classtype:trojan-activity; sid:100003450; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=2968c371f5450503&resid=2968c371f5450503%21122&authkey=aaqhhxbnwfwrz28",nocase; classtype:trojan-activity; sid:100003451; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=2c1abc526306a6e1&resid=2c1abc526306a6e1%21106&authkey=adjthwhvjkbioc0",nocase; classtype:trojan-activity; sid:100003452; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=2c38c37ed8430789&resid=2c38c37ed8430789%21109&authkey=aopcxq3owfiv620",nocase; classtype:trojan-activity; sid:100003453; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=2c38c37ed8430789&resid=2c38c37ed8430789%21114&authkey=ajzoj0ujggsnxlo",nocase; classtype:trojan-activity; sid:100003454; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=2c38c37ed8430789&resid=2c38c37ed8430789%21115&authkey=aglznnsx71tbe9e",nocase; classtype:trojan-activity; sid:100003455; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=2cbd310015bc2d37&resid=2cbd310015bc2d37!183&authkey=akon9i9zzhusiuk",nocase; classtype:trojan-activity; sid:100003456; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=2cbd310015bc2d37&resid=2cbd310015bc2d37%21183&authkey=akon9i9zzhusiuk",nocase; classtype:trojan-activity; sid:100003457; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=2f4d6884e933cb1a&resid=2f4d6884e933cb1a!116&authkey=!abwledjhfsqwap4",nocase; classtype:trojan-activity; sid:100003458; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=2f4d6884e933cb1a&resid=2f4d6884e933cb1a!121&authkey=!aa0qbuuss-wb13w",nocase; classtype:trojan-activity; sid:100003459; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=2f947402293c14c1&resid=2f947402293c14c1!119&authkey=apmakx2cqb9rimu",nocase; classtype:trojan-activity; sid:100003460; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=2f947402293c14c1&resid=2f947402293c14c1%21118&authkey=acrl2iiem-zjer8",nocase; classtype:trojan-activity; sid:100003461; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=2f947402293c14c1&resid=2f947402293c14c1%21119&authkey=apmakx2cqb9rimu",nocase; classtype:trojan-activity; sid:100003462; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=2ffaa48ef4bec51a&resid=2ffaa48ef4bec51a%21107&authkey=aiohrvrc3uuo_cw",nocase; classtype:trojan-activity; sid:100003463; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3004cdd743a543f5&resid=3004cdd743a543f5%21170&authkey=ao8vz-4rkwuiyn8",nocase; classtype:trojan-activity; sid:100003464; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3112e77688f09693&resid=3112e77688f09693!320&authkey=aooujzuf408dclw",nocase; classtype:trojan-activity; sid:100003465; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3112e77688f09693&resid=3112e77688f09693!321&authkey=almpxnbtsbzauna",nocase; classtype:trojan-activity; sid:100003466; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3112e77688f09693&resid=3112e77688f09693%21320&authkey=aooujzuf408dclw",nocase; classtype:trojan-activity; sid:100003467; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3112e77688f09693&resid=3112e77688f09693%21321&authkey=almpxnbtsbzauna",nocase; classtype:trojan-activity; sid:100003468; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3164ddeba70d2263&resid=3164ddeba70d2263%21106&authkey=afkvqrm4zoor8qq",nocase; classtype:trojan-activity; sid:100003469; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=31771958ea3373a1&resid=31771958ea3373a1%21108&authkey=aiofxduo9rdb_-o",nocase; classtype:trojan-activity; sid:100003470; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3258f281cd827eb1&resid=3258f281cd827eb1!223&authkey=aajr842bzum0yg8",nocase; classtype:trojan-activity; sid:100003471; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3258f281cd827eb1&resid=3258f281cd827eb1%21223&authkey=aajr842bzum0yg8",nocase; classtype:trojan-activity; sid:100003472; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=34207675f7506d94&resid=34207675f7506d94%21137&authkey=angxnhqpe2x5koc",nocase; classtype:trojan-activity; sid:100003473; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3447601ab357f8c1&resid=3447601ab357f8c1!114&authkey=aitwerxd-t2cxl0",nocase; classtype:trojan-activity; sid:100003474; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=34ddb7fad56e5c0f&resid=34ddb7fad56e5c0f%21419&authkey=ah0olx87c2izsk8",nocase; classtype:trojan-activity; sid:100003475; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=34ddb7fad56e5c0f&resid=34ddb7fad56e5c0f%21419&authkey=ah0olx87c2izsk8,standard,n/a,n/a,urlhaus",nocase; classtype:trojan-activity; sid:100003476; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3541c4a292f61866&resid=3541c4a292f61866!107&authkey=af08d9zk1yestqa",nocase; classtype:trojan-activity; sid:100003477; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3541c4a292f61866&resid=3541c4a292f61866%21107&authkey=af08d9zk1yestqa",nocase; classtype:trojan-activity; sid:100003478; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3674d56d2003f59c&resid=3674d56d2003f59c!139&authkey=ap4bbakgkikau-a",nocase; classtype:trojan-activity; sid:100003479; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3674d56d2003f59c&resid=3674d56d2003f59c%21139&authkey=ap4bbakgkikau-a",nocase; classtype:trojan-activity; sid:100003480; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3892a0364cb5da65&resid=3892a0364cb5da65!152&authkey=am09sv26njxzyn0",nocase; classtype:trojan-activity; sid:100003481; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3892a0364cb5da65&resid=3892a0364cb5da65!153&authkey=ajs0jkoeqkqjrze",nocase; classtype:trojan-activity; sid:100003482; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3892a0364cb5da65&resid=3892a0364cb5da65%21152&authkey=am09sv26njxzyn0",nocase; classtype:trojan-activity; sid:100003483; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3892a0364cb5da65&resid=3892a0364cb5da65%21153&authkey=ajs0jkoeqkqjrze",nocase; classtype:trojan-activity; sid:100003484; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3a1715e2cb964f25&resid=3a1715e2cb964f25%213713&authkey=aortxmfnibnoqkk",nocase; classtype:trojan-activity; sid:100003485; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3afef9312d3573c0&resid=3afef9312d3573c0!119&authkey=adkqcwv8_3k86z4",nocase; classtype:trojan-activity; sid:100003486; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3afef9312d3573c0&resid=3afef9312d3573c0%21119&authkey=adkqcwv8_3k86z4",nocase; classtype:trojan-activity; sid:100003487; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3bcd34d8ac2d7789&resid=3bcd34d8ac2d7789%21432&authkey=aa_npsupyqb2kge",nocase; classtype:trojan-activity; sid:100003488; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3bcd34d8ac2d7789&resid=3bcd34d8ac2d7789%21435&authkey=admsjhgpkbtcqzs",nocase; classtype:trojan-activity; sid:100003489; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3ee68228c34c236d&resid=3ee68228c34c236d%21129&authkey=apll6hu3-xetzxu",nocase; classtype:trojan-activity; sid:100003490; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3f2905efa1c7ac3f&resid=3f2905efa1c7ac3f!154&authkey=aasj15d0g_p2pog",nocase; classtype:trojan-activity; sid:100003491; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=3f2905efa1c7ac3f&resid=3f2905efa1c7ac3f%21154&authkey=aasj15d0g_p2pog",nocase; classtype:trojan-activity; sid:100003492; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=4000200b3fb8c24f&resid=4000200b3fb8c24f!134&authkey=aaipzy8nllirlky",nocase; classtype:trojan-activity; sid:100003493; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=4000200b3fb8c24f&resid=4000200b3fb8c24f%21134&authkey=aaipzy8nllirlky",nocase; classtype:trojan-activity; sid:100003494; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=4266fcac716657a2&resid=4266fcac716657a2!106&authkey=aoigmqhuw6vqijm",nocase; classtype:trojan-activity; sid:100003495; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=4266fcac716657a2&resid=4266fcac716657a2%21106&authkey=aoigmqhuw6vqijm",nocase; classtype:trojan-activity; sid:100003496; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=44d422e98133708b&resid=44d422e98133708b%21108&authkey=akr9cesktucbqik",nocase; classtype:trojan-activity; sid:100003497; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=44d422e98133708b&resid=44d422e98133708b%21109&authkey=adzxmpjk-etbkjq",nocase; classtype:trojan-activity; sid:100003498; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=45f0213456d899c0&resid=45f0213456d899c0%211133&authkey=alwgkm79xod8hpy",nocase; classtype:trojan-activity; sid:100003499; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=46de06f83c43e1aa&resid=46de06f83c43e1aa%21141&authkey=aazwaw2xjms24o0",nocase; classtype:trojan-activity; sid:100003500; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=470febb155be50fa&resid=470febb155be50fa!450&authkey=ahw0j-cme0jg6pw",nocase; classtype:trojan-activity; sid:100003501; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=470febb155be50fa&resid=470febb155be50fa%21450&authkey=ahw0j-cme0jg6pw",nocase; classtype:trojan-activity; sid:100003502; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=48ada4e22fff3e13&resid=48ada4e22fff3e13%21421&authkey=acd1sidm8c5fk0y",nocase; classtype:trojan-activity; sid:100003503; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=48ed7695f8804d66&resid=48ed7695f8804d66!13805&authkey=ae-zbfo2uwln_gg",nocase; classtype:trojan-activity; sid:100003504; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=48ed7695f8804d66&resid=48ed7695f8804d66!13806&authkey=aakiq-ymrjjodns",nocase; classtype:trojan-activity; sid:100003505; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=48ed7695f8804d66&resid=48ed7695f8804d66%2113805&authkey=ae-zbfo2uwln_gg",nocase; classtype:trojan-activity; sid:100003506; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=48ed7695f8804d66&resid=48ed7695f8804d66%2113806&authkey=aakiq-ymrjjodns",nocase; classtype:trojan-activity; sid:100003507; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=4b676ea3ff139b93&resid=4b676ea3ff139b93!133&authkey=amfix63glytflgo",nocase; classtype:trojan-activity; sid:100003508; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=4d4d07581d39b63d&resid=4d4d07581d39b63d%21127&authkey=ablg20r-aat_ob4",nocase; classtype:trojan-activity; sid:100003509; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=4df11eda676a355f&resid=4df11eda676a355f!130&authkey=!akd6uxvljtlvpxu",nocase; classtype:trojan-activity; sid:100003510; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=4e45a2988ed9335b&resid=4e45a2988ed9335b!108&authkey=anbjpqxg-iwr4g8",nocase; classtype:trojan-activity; sid:100003511; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=4e45a2988ed9335b&resid=4e45a2988ed9335b%21108&authkey=anbjpqxg-iwr4g8",nocase; classtype:trojan-activity; sid:100003512; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=4e57dde6c5c6b372&resid=4e57dde6c5c6b372%21337&authkey=ahhqrhiv2ei4xjc",nocase; classtype:trojan-activity; sid:100003513; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=4e57dde6c5c6b372&resid=4e57dde6c5c6b372%21344&authkey=aatlbjfo3tjnx2y",nocase; classtype:trojan-activity; sid:100003514; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21105&authkey=ajkwu0e9dzantl8",nocase; classtype:trojan-activity; sid:100003515; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21107&authkey=apd9um4_12-kpe0",nocase; classtype:trojan-activity; sid:100003516; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21116&authkey=anbj_rrcgyturjc",nocase; classtype:trojan-activity; sid:100003517; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21119&authkey=amrs3-3hsvcmtfs",nocase; classtype:trojan-activity; sid:100003518; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21158&authkey=aodderdrnvhruts",nocase; classtype:trojan-activity; sid:100003519; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21161&authkey=agdsfxdnre82jjc",nocase; classtype:trojan-activity; sid:100003520; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21192&authkey=agn2xvrvup-xvtg",nocase; classtype:trojan-activity; sid:100003521; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21206&authkey=ai1r52mhtbdnm2y",nocase; classtype:trojan-activity; sid:100003522; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21247&authkey=ae6weny1fa4pday",nocase; classtype:trojan-activity; sid:100003523; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21252&authkey=aphl0oi4r6lrty0",nocase; classtype:trojan-activity; sid:100003524; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21257&authkey=afnyvqwcghnyoas",nocase; classtype:trojan-activity; sid:100003525; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21265&authkey=abxqdhlwiurjvve",nocase; classtype:trojan-activity; sid:100003526; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21271&authkey=ae5qwlr5ceeptmy",nocase; classtype:trojan-activity; sid:100003527; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21272&authkey=ahrqeoaynibwt14",nocase; classtype:trojan-activity; sid:100003528; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21275&authkey=af_sgsaxsmaxg7i",nocase; classtype:trojan-activity; sid:100003529; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21289&authkey=angyngbqixtrjaa",nocase; classtype:trojan-activity; sid:100003530; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21293&authkey=acvh08asxosbwfu",nocase; classtype:trojan-activity; sid:100003531; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21299&authkey=amicxuotubpok2c",nocase; classtype:trojan-activity; sid:100003532; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21306&authkey=ahpivoukyerzcjy",nocase; classtype:trojan-activity; sid:100003533; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21314&authkey=aex2uv2-eiofr8q",nocase; classtype:trojan-activity; sid:100003534; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21332&authkey=ad0jmjxgbaebvbm",nocase; classtype:trojan-activity; sid:100003535; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21335&authkey=ah0vupcfbdfa6g4",nocase; classtype:trojan-activity; sid:100003536; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21357&authkey=ap8sswuqjjjexho",nocase; classtype:trojan-activity; sid:100003537; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21366&authkey=aoblpmbmx7o_v18",nocase; classtype:trojan-activity; sid:100003538; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21379&authkey=air-bsjj46et47q",nocase; classtype:trojan-activity; sid:100003539; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21389&authkey=aduenohuq_rbyhm",nocase; classtype:trojan-activity; sid:100003540; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21391&authkey=aa15sw51njbn_na",nocase; classtype:trojan-activity; sid:100003541; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21392&authkey=abp0heeg6ybn0lk",nocase; classtype:trojan-activity; sid:100003542; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5012a067b5dec1df&resid=5012a067b5dec1df%21393&authkey=aa1pmur8sy8xtwe",nocase; classtype:trojan-activity; sid:100003543; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=501b63131ab62dd6&resid=501b63131ab62dd6%212718&authkey=aie0v1d-cusuabi",nocase; classtype:trojan-activity; sid:100003544; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=501b63131ab62dd6&resid=501b63131ab62dd6%212725&authkey=aanrz9et3bym3lc",nocase; classtype:trojan-activity; sid:100003545; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=501b63131ab62dd6&resid=501b63131ab62dd6%212728&authkey=ahsmbkltfrwgqjc",nocase; classtype:trojan-activity; sid:100003546; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c!395&authkey=alwvub_yhtogjxw",nocase; classtype:trojan-activity; sid:100003547; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c!398&authkey=abaa_tjd7ohh4so",nocase; classtype:trojan-activity; sid:100003548; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c!406&authkey=aarnp48wumgu6tq",nocase; classtype:trojan-activity; sid:100003549; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c!415&authkey=aglzsd6-g0nzj7s",nocase; classtype:trojan-activity; sid:100003550; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c!420&authkey=akk5droung_ecww",nocase; classtype:trojan-activity; sid:100003551; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c!440&authkey=ai7-dpr11wnzyq8",nocase; classtype:trojan-activity; sid:100003552; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c%21395&authkey=alwvub_yhtogjxw",nocase; classtype:trojan-activity; sid:100003553; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c%21398&authkey=abaa_tjd7ohh4so",nocase; classtype:trojan-activity; sid:100003554; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c%21406&authkey=aarnp48wumgu6tq",nocase; classtype:trojan-activity; sid:100003555; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c%21415&authkey=aglzsd6-g0nzj7s",nocase; classtype:trojan-activity; sid:100003556; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c%21420&authkey=akk5droung_ecww",nocase; classtype:trojan-activity; sid:100003557; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=505be76830f4dc4c&resid=505be76830f4dc4c%21440&authkey=ai7-dpr11wnzyq8",nocase; classtype:trojan-activity; sid:100003558; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=513190d240e51e0e&resid=513190d240e51e0e%211121&authkey=al_fmezwfay4za4",nocase; classtype:trojan-activity; sid:100003559; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=513190d240e51e0e&resid=513190d240e51e0e%211122&authkey=anz_q5njlanv2mu",nocase; classtype:trojan-activity; sid:100003560; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=52ca67cbc48c0212&resid=52ca67cbc48c0212%21110&authkey=akars6koxqzdwgi",nocase; classtype:trojan-activity; sid:100003561; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=52ca67cbc48c0212&resid=52ca67cbc48c0212%21112&authkey=aadare1gec7nzy8",nocase; classtype:trojan-activity; sid:100003562; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=53965c96e65f4f6d&resid=53965c96e65f4f6d!109&authkey=adriswrtwdpbuc8",nocase; classtype:trojan-activity; sid:100003563; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=53965c96e65f4f6d&resid=53965c96e65f4f6d!109&authkey=adriswrtwdpbuc8&em=2",nocase; classtype:trojan-activity; sid:100003564; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=53965c96e65f4f6d&resid=53965c96e65f4f6d%21109&authkey=adriswrtwdpbuc8&em=2",nocase; classtype:trojan-activity; sid:100003565; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=53c5e6b8f6893887&resid=53c5e6b8f6893887!802&authkey=aapuufivkn2zwu8",nocase; classtype:trojan-activity; sid:100003566; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=541a106160d50be3&resid=541a106160d50be3!106&authkey=anzlf1ksptbqok8",nocase; classtype:trojan-activity; sid:100003567; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=541a106160d50be3&resid=541a106160d50be3!107&authkey=ag4dr58jrjuxfyq",nocase; classtype:trojan-activity; sid:100003568; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=541a106160d50be3&resid=541a106160d50be3%21106&authkey=anzlf1ksptbqok8",nocase; classtype:trojan-activity; sid:100003569; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=541a106160d50be3&resid=541a106160d50be3%21107&authkey=ag4dr58jrjuxfyq",nocase; classtype:trojan-activity; sid:100003570; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=54f92c3a2f5d8033&resid=54f92c3a2f5d8033%21200&authkey=aofadhhfwlm2gum",nocase; classtype:trojan-activity; sid:100003571; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=55381ffd75ef8cda&resid=55381ffd75ef8cda!270&authkey=aev4isgyubiofdi",nocase; classtype:trojan-activity; sid:100003572; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=554bbd19bdd72613&resid=554bbd19bdd72613!157&authkey=an55tjzt-9vbjfy",nocase; classtype:trojan-activity; sid:100003573; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=554bbd19bdd72613&resid=554bbd19bdd72613%21156&authkey=agiuawekkbxb_4o",nocase; classtype:trojan-activity; sid:100003574; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=55c9feaf3907aae5&resid=55c9feaf3907aae5%21208&authkey=adwuyrapfdzkyoa",nocase; classtype:trojan-activity; sid:100003575; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5607da13ee53f950&resid=5607da13ee53f950!280&authkey=advq4p3xhfhinq8",nocase; classtype:trojan-activity; sid:100003576; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5607da13ee53f950&resid=5607da13ee53f950%21280&authkey=advq4p3xhfhinq8",nocase; classtype:trojan-activity; sid:100003577; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5629da828892367d&resid=5629da828892367d!803&authkey=aphjbq-bsg7ohpc",nocase; classtype:trojan-activity; sid:100003578; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5696478acb744989&resid=5696478acb744989%21383&authkey=adldpuaya7kj1dk",nocase; classtype:trojan-activity; sid:100003579; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5696478acb744989&resid=5696478acb744989%21384&authkey=alsuxvtsof32vea",nocase; classtype:trojan-activity; sid:100003580; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=57b52435d7fee30d&resid=57b52435d7fee30d!3599&authkey=am4yicme6lrjpki",nocase; classtype:trojan-activity; sid:100003581; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=57b52435d7fee30d&resid=57b52435d7fee30d!3604&authkey=al6pb71mtq4jr1s",nocase; classtype:trojan-activity; sid:100003582; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=57b52435d7fee30d&resid=57b52435d7fee30d%213599&authkey=am4yicme6lrjpki",nocase; classtype:trojan-activity; sid:100003583; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=57b52435d7fee30d&resid=57b52435d7fee30d%213604&authkey=al6pb71mtq4jr1s",nocase; classtype:trojan-activity; sid:100003584; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=57c0958db500fe0b&resid=57c0958db500fe0b!68197&authkey=aowpm7ocl_21-oc",nocase; classtype:trojan-activity; sid:100003585; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=57c0958db500fe0b&resid=57c0958db500fe0b%2168197&authkey=aowpm7ocl_21-oc",nocase; classtype:trojan-activity; sid:100003586; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=59389d626d829e8c&resid=59389d626d829e8c%212940&authkey=anx1ngd27vqeiwo",nocase; classtype:trojan-activity; sid:100003587; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5bf0e9600d9f9da0&resid=5bf0e9600d9f9da0%211568&authkey=aemrnwoi75oflva",nocase; classtype:trojan-activity; sid:100003588; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5bf0e9600d9f9da0&resid=5bf0e9600d9f9da0%211572&authkey=aelz-gxlrxcwtnc",nocase; classtype:trojan-activity; sid:100003589; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5bf0e9600d9f9da0&resid=5bf0e9600d9f9da0%211573&authkey=ahksfdvda0doles",nocase; classtype:trojan-activity; sid:100003590; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5c5404bd403dbdc9&resid=5c5404bd403dbdc9!4464&authkey=ajskjf2hshbudeg",nocase; classtype:trojan-activity; sid:100003591; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5f3a7a50acb94052&resid=5f3a7a50acb94052!406&authkey=aeyeq5j9zfepgai",nocase; classtype:trojan-activity; sid:100003592; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5f3a7a50acb94052&resid=5f3a7a50acb94052!407&authkey=adnh8af-rvoxlcc",nocase; classtype:trojan-activity; sid:100003593; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5f3a7a50acb94052&resid=5f3a7a50acb94052%21406&authkey=aeyeq5j9zfepgai",nocase; classtype:trojan-activity; sid:100003594; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5f3a7a50acb94052&resid=5f3a7a50acb94052%21407&authkey=adnh8af-rvoxlcc",nocase; classtype:trojan-activity; sid:100003595; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5fb9958ff55c0123&resid=5fb9958ff55c0123%21892&authkey=apwphufzjdtsedw",nocase; classtype:trojan-activity; sid:100003596; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=5fb9958ff55c0123&resid=5fb9958ff55c0123%21897&authkey=aomt6el1av5ruc8",nocase; classtype:trojan-activity; sid:100003597; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=604aa6c584db9137&resid=604aa6c584db9137%21121&authkey=adjzlorvgx_ezhq",nocase; classtype:trojan-activity; sid:100003598; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=604aa6c584db9137&resid=604aa6c584db9137%21123&authkey=ancfnepawtbmnug",nocase; classtype:trojan-activity; sid:100003599; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=604aa6c584db9137&resid=604aa6c584db9137%21124&authkey=ao7bknnuodxtfua",nocase; classtype:trojan-activity; sid:100003600; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=604aa6c584db9137&resid=604aa6c584db9137%21126&authkey=an6sswp8an1kfoe",nocase; classtype:trojan-activity; sid:100003601; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=607978009e823f21&resid=607978009e823f21!446&authkey=aofddjtovqbb_3i",nocase; classtype:trojan-activity; sid:100003602; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=618391b69828cf46&resid=618391b69828cf46%21212&authkey=akmdmweqgestysa",nocase; classtype:trojan-activity; sid:100003603; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6196314c52185efc&resid=6196314c52185efc%21106&authkey=ape4rx1hrtmrxxe",nocase; classtype:trojan-activity; sid:100003604; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=65d5e5f1b48c0d94&resid=65d5e5f1b48c0d94!852&authkey=adzvvmms349gxmi",nocase; classtype:trojan-activity; sid:100003605; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=65f2f37122477ee7&resid=65f2f37122477ee7%211001&authkey=ap3umqxngmtk-6e",nocase; classtype:trojan-activity; sid:100003606; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6601b18b9069ce5e&resid=6601b18b9069ce5e!1094&authkey=anqjzd7pr18fu90",nocase; classtype:trojan-activity; sid:100003607; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6601b18b9069ce5e&resid=6601b18b9069ce5e!1099&authkey=alxq-bvz7nqbv4c",nocase; classtype:trojan-activity; sid:100003608; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6601b18b9069ce5e&resid=6601b18b9069ce5e%211094&authkey=anqjzd7pr18fu90",nocase; classtype:trojan-activity; sid:100003609; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6601b18b9069ce5e&resid=6601b18b9069ce5e%211099&authkey=alxq-bvz7nqbv4c",nocase; classtype:trojan-activity; sid:100003610; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6605275726c6094a&resid=6605275726c6094a%21129&authkey=ak5szbnikeklmzk",nocase; classtype:trojan-activity; sid:100003611; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6605275726c6094a&resid=6605275726c6094a%21132&authkey=ad3ia_1wkq0lyd4",nocase; classtype:trojan-activity; sid:100003612; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6608a4dea9ff5918&resid=6608a4dea9ff5918%21399&authkey=aoya7flv_s9toxo",nocase; classtype:trojan-activity; sid:100003613; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=67f7a3925acbb2ad&resid=67f7a3925acbb2ad!1421&authkey=adixg2-asekemjw",nocase; classtype:trojan-activity; sid:100003614; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=67f7a3925acbb2ad&resid=67f7a3925acbb2ad%211421&authkey=adixg2-asekemjw",nocase; classtype:trojan-activity; sid:100003615; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6819bca13312697b&resid=6819bca13312697b%213096&authkey=aob-cm9vv6erxqg",nocase; classtype:trojan-activity; sid:100003616; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6819bca13312697b&resid=6819bca13312697b%213097&authkey=abcuevfyu6pdw70",nocase; classtype:trojan-activity; sid:100003617; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=69b503a3f081a183&resid=69b503a3f081a183%21111&authkey=aazm9wlg1rvgzoc",nocase; classtype:trojan-activity; sid:100003618; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6a1602e410531072&resid=6a1602e410531072!112&authkey=aasndgbcwol3mys",nocase; classtype:trojan-activity; sid:100003619; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6a1602e410531072&resid=6a1602e410531072!113&authkey=ak3tzu1lg4uuh5m",nocase; classtype:trojan-activity; sid:100003620; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6a1602e410531072&resid=6a1602e410531072%21112&authkey=aasndgbcwol3mys",nocase; classtype:trojan-activity; sid:100003621; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6a1602e410531072&resid=6a1602e410531072%21113&authkey=ak3tzu1lg4uuh5m",nocase; classtype:trojan-activity; sid:100003622; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6a4147b45f4b0876&resid=6a4147b45f4b0876%21108&authkey=ameouv2jdxo5obw",nocase; classtype:trojan-activity; sid:100003623; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6a4147b45f4b0876&resid=6a4147b45f4b0876%21119&authkey=aazzzrl7mv2xbwq",nocase; classtype:trojan-activity; sid:100003624; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6a7b40a2bc530c6c&resid=6a7b40a2bc530c6c%21112&authkey=afuov36rbymlvxm",nocase; classtype:trojan-activity; sid:100003625; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6b3ee3b3b5fb10d3&resid=6b3ee3b3b5fb10d3!118&authkey=aepf8f3mfmlsng0",nocase; classtype:trojan-activity; sid:100003626; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6b3ee3b3b5fb10d3&resid=6b3ee3b3b5fb10d3%21118&authkey=aepf8f3mfmlsng0",nocase; classtype:trojan-activity; sid:100003627; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6b61e983f930f79f&resid=6b61e983f930f79f!540&authkey=ap2n5w41ifew0i8",nocase; classtype:trojan-activity; sid:100003628; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6b71cecfb2f8c8a7&resid=6b71cecfb2f8c8a7!1154&authkey=acnbdscb8-rbmcu",nocase; classtype:trojan-activity; sid:100003629; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=6b71cecfb2f8c8a7&resid=6b71cecfb2f8c8a7%211154&authkey=acnbdscb8-rbmcu",nocase; classtype:trojan-activity; sid:100003630; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7043c80efc0bdbd6&resid=7043c80efc0bdbd6!301&authkey=abquzhtdjg5pryk",nocase; classtype:trojan-activity; sid:100003631; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7043c80efc0bdbd6&resid=7043c80efc0bdbd6!302&authkey=al2_xstzqulnnqw",nocase; classtype:trojan-activity; sid:100003632; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7043c80efc0bdbd6&resid=7043c80efc0bdbd6!305&authkey=an-uuhplpk2zp5u",nocase; classtype:trojan-activity; sid:100003633; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7043c80efc0bdbd6&resid=7043c80efc0bdbd6%21301&authkey=abquzhtdjg5pryk",nocase; classtype:trojan-activity; sid:100003634; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7043c80efc0bdbd6&resid=7043c80efc0bdbd6%21302&authkey=al2_xstzqulnnqw",nocase; classtype:trojan-activity; sid:100003635; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7043c80efc0bdbd6&resid=7043c80efc0bdbd6%21305&authkey=an-uuhplpk2zp5u",nocase; classtype:trojan-activity; sid:100003636; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=70c4976fc04ddb54&resid=70c4976fc04ddb54%21106&authkey=apvhok6edhtogfu",nocase; classtype:trojan-activity; sid:100003637; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=70c4976fc04ddb54&resid=70c4976fc04ddb54%21115&authkey=amc_k1nnlywdc4i",nocase; classtype:trojan-activity; sid:100003638; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=724b5c509337556e&resid=724b5c509337556e%21908&authkey=agcbb3nakpteyam",nocase; classtype:trojan-activity; sid:100003639; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7285f51e65036769&resid=7285f51e65036769%21264&authkey=akyjvrz006qlble",nocase; classtype:trojan-activity; sid:100003640; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7366fefc2190d2e3&resid=7366fefc2190d2e3%21243&authkey=apivjmxivosek60",nocase; classtype:trojan-activity; sid:100003641; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7366fefc2190d2e3&resid=7366fefc2190d2e3%21256&authkey=adljht0ogfq775k",nocase; classtype:trojan-activity; sid:100003642; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7366fefc2190d2e3&resid=7366fefc2190d2e3%21260&authkey=aig6cydr4_e-qj8",nocase; classtype:trojan-activity; sid:100003643; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7366fefc2190d2e3&resid=7366fefc2190d2e3%21262&authkey=ak4fiz1-a1ks8rg",nocase; classtype:trojan-activity; sid:100003644; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7366fefc2190d2e3&resid=7366fefc2190d2e3%21264&authkey=aizkjymvlgqwpte",nocase; classtype:trojan-activity; sid:100003645; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7621307c0282fefe&resid=7621307c0282fefe!106&authkey=ahu5s4ttjvxbnxo",nocase; classtype:trojan-activity; sid:100003646; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7621307c0282fefe&resid=7621307c0282fefe!107&authkey=abj3eccentbeaqa",nocase; classtype:trojan-activity; sid:100003647; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7621307c0282fefe&resid=7621307c0282fefe!108&authkey=amvcygo4prlgt4i",nocase; classtype:trojan-activity; sid:100003648; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7621307c0282fefe&resid=7621307c0282fefe!110&authkey=ahzuehvk5nvzo90",nocase; classtype:trojan-activity; sid:100003649; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7621307c0282fefe&resid=7621307c0282fefe%21106&authkey=ahu5s4ttjvxbnxo",nocase; classtype:trojan-activity; sid:100003650; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7621307c0282fefe&resid=7621307c0282fefe%21107&authkey=abj3eccentbeaqa",nocase; classtype:trojan-activity; sid:100003651; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7621307c0282fefe&resid=7621307c0282fefe%21108&authkey=amvcygo4prlgt4i",nocase; classtype:trojan-activity; sid:100003652; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7621307c0282fefe&resid=7621307c0282fefe%21110&authkey=ahzuehvk5nvzo90",nocase; classtype:trojan-activity; sid:100003653; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=77518d098ad4dfb0&resid=77518d098ad4dfb0%21939&authkey=akzqobxxxn89z34",nocase; classtype:trojan-activity; sid:100003654; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=78bfb08e0f7bc86f&resid=78bfb08e0f7bc86f%21111&authkey=aggnhgqj6uhxm2w",nocase; classtype:trojan-activity; sid:100003655; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=78bfb08e0f7bc86f&resid=78bfb08e0f7bc86f%21112&authkey=abser1xtkpb3-ta",nocase; classtype:trojan-activity; sid:100003656; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=78bfb08e0f7bc86f&resid=78bfb08e0f7bc86f%21117&authkey=aivf1ddcvvu22em",nocase; classtype:trojan-activity; sid:100003657; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7a5e689dd1dc641f&resid=7a5e689dd1dc641f!119&authkey=aozjai26izprqto",nocase; classtype:trojan-activity; sid:100003658; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7a5e689dd1dc641f&resid=7a5e689dd1dc641f!120&authkey=ajj7ueqjvobgfum",nocase; classtype:trojan-activity; sid:100003659; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7a5e689dd1dc641f&resid=7a5e689dd1dc641f%21119&authkey=aozjai26izprqto",nocase; classtype:trojan-activity; sid:100003660; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7a5e689dd1dc641f&resid=7a5e689dd1dc641f%21120&authkey=ajj7ueqjvobgfum",nocase; classtype:trojan-activity; sid:100003661; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7c1fc7da38ab958e&resid=7c1fc7da38ab958e!146&authkey=aktmjqz8n4s_sbm",nocase; classtype:trojan-activity; sid:100003662; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7c3f8e95e474dff2&resid=7c3f8e95e474dff2%2125570&authkey=aejqgjglwurnb0a",nocase; classtype:trojan-activity; sid:100003663; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7c3f8e95e474dff2&resid=7c3f8e95e474dff2%2125575&authkey=ahnmpmvzshrwoyq",nocase; classtype:trojan-activity; sid:100003664; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7c3f8e95e474dff2&resid=7c3f8e95e474dff2%2125579&authkey=amhnrbwecb4hp_k",nocase; classtype:trojan-activity; sid:100003665; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7c41ddcfa01aeff7&resid=7c41ddcfa01aeff7!5295&authkey=aasceqj1mdodeuo",nocase; classtype:trojan-activity; sid:100003666; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7c41ddcfa01aeff7&resid=7c41ddcfa01aeff7!5296&authkey=ank3vz5syaf6bny",nocase; classtype:trojan-activity; sid:100003667; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7c41ddcfa01aeff7&resid=7c41ddcfa01aeff7!5298&authkey=albzyizuqczfv9s",nocase; classtype:trojan-activity; sid:100003668; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7c41ddcfa01aeff7&resid=7c41ddcfa01aeff7%215295&authkey=aasceqj1mdodeuo",nocase; classtype:trojan-activity; sid:100003669; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7c41ddcfa01aeff7&resid=7c41ddcfa01aeff7%215296&authkey=ank3vz5syaf6bny",nocase; classtype:trojan-activity; sid:100003670; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7c41ddcfa01aeff7&resid=7c41ddcfa01aeff7%215298&authkey=albzyizuqczfv9s",nocase; classtype:trojan-activity; sid:100003671; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7d109f249b512466&resid=7d109f249b512466!543&authkey=acqc4xjghclmwbs",nocase; classtype:trojan-activity; sid:100003672; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7e5a4eadcfc79be0&resid=7e5a4eadcfc79be0!443&authkey=abue79u9di9axjm",nocase; classtype:trojan-activity; sid:100003673; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7e5a4eadcfc79be0&resid=7e5a4eadcfc79be0!444&authkey=abzxvycu0ggtmg8",nocase; classtype:trojan-activity; sid:100003674; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7e5a4eadcfc79be0&resid=7e5a4eadcfc79be0%21444&authkey=abzxvycu0ggtmg8",nocase; classtype:trojan-activity; sid:100003675; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7e81645429ac5a22&resid=7e81645429ac5a22%21105&authkey=aa691jwf5wqi80c",nocase; classtype:trojan-activity; sid:100003676; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=7fed4fbea32e3c1e&resid=7fed4fbea32e3c1e%21107&authkey=aeoxfycpolifch0",nocase; classtype:trojan-activity; sid:100003677; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=806bac90dc071edf&resid=806bac90dc071edf!105&authkey=!ao7jyz6-licb8hq",nocase; classtype:trojan-activity; sid:100003678; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=81c2d8b116274e17&resid=81c2d8b116274e17%21107&authkey=aaqw-t4dx2sbvda",nocase; classtype:trojan-activity; sid:100003679; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=82977114b1af209d&resid=82977114b1af209d!220&authkey=abuin5vdedjughm",nocase; classtype:trojan-activity; sid:100003680; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=860a0980486c93fa&resid=860a0980486c93fa!303&authkey=!agcmlab4r6syfvk",nocase; classtype:trojan-activity; sid:100003681; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=87dc3e587977c459&resid=87dc3e587977c459%21164&authkey=agbeiinncf8ok_4",nocase; classtype:trojan-activity; sid:100003682; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=87dc3e587977c459&resid=87dc3e587977c459%21165&authkey=aiof8rdvxglnm-c",nocase; classtype:trojan-activity; sid:100003683; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=883587d3e32ee1c4&resid=883587d3e32ee1c4!2402&authkey=amigiam45mt6jia",nocase; classtype:trojan-activity; sid:100003684; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=883587d3e32ee1c4&resid=883587d3e32ee1c4%212402&authkey=amigiam45mt6jia",nocase; classtype:trojan-activity; sid:100003685; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=890837b4e4ca07c6&resid=890837b4e4ca07c6%21289&authkey=abujc0akmtbsxf4",nocase; classtype:trojan-activity; sid:100003686; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=89360b4c7415c088&resid=89360b4c7415c088%21106&authkey=akfcfq3zq5oof2i",nocase; classtype:trojan-activity; sid:100003687; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=89360b4c7415c088&resid=89360b4c7415c088%21108&authkey=amfbkmapqbvzpvk",nocase; classtype:trojan-activity; sid:100003688; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=8a1574ed0cecd68a&resid=8a1574ed0cecd68a%21395&authkey=ane01evt0sz-1wk",nocase; classtype:trojan-activity; sid:100003689; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=8c77cee60e33a6b1&resid=8c77cee60e33a6b1%21106&authkey=af8h8jn801bjnbk",nocase; classtype:trojan-activity; sid:100003690; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=8ffd8cbd6540c065&resid=8ffd8cbd6540c065!822&authkey=acfj7bbrmktj1i0",nocase; classtype:trojan-activity; sid:100003691; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=911a03165832a3d6&resid=911a03165832a3d6%21278&authkey=abdo23i3bvy0_my",nocase; classtype:trojan-activity; sid:100003692; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=914146ba02b70d25&resid=914146ba02b70d25!130&authkey=ais_g9dqoddonsc",nocase; classtype:trojan-activity; sid:100003693; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=914146ba02b70d25&resid=914146ba02b70d25%21106&authkey=ahfgxp0p6nk0eby",nocase; classtype:trojan-activity; sid:100003694; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=914146ba02b70d25&resid=914146ba02b70d25%21109&authkey=akr1n3qxtmnttuo",nocase; classtype:trojan-activity; sid:100003695; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=914146ba02b70d25&resid=914146ba02b70d25%21113&authkey=ajpvf1h89sqstti",nocase; classtype:trojan-activity; sid:100003696; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=92462ab265d53cb2&resid=92462ab265d53cb2!112&authkey=af43qpcgl0t2f5o",nocase; classtype:trojan-activity; sid:100003697; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=92462ab265d53cb2&resid=92462ab265d53cb2!113&authkey=ag92_wxfvrsuix8",nocase; classtype:trojan-activity; sid:100003698; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=92462ab265d53cb2&resid=92462ab265d53cb2%21112&authkey=af43qpcgl0t2f5o",nocase; classtype:trojan-activity; sid:100003699; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=92462ab265d53cb2&resid=92462ab265d53cb2%21113&authkey=ag92_wxfvrsuix8",nocase; classtype:trojan-activity; sid:100003700; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=944cfbbd7823d265&resid=944cfbbd7823d265%21105&authkey=ah9x7rn0p03kd_m",nocase; classtype:trojan-activity; sid:100003701; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=944cfbbd7823d265&resid=944cfbbd7823d265%21110&authkey=ammswulpdsjeu4w",nocase; classtype:trojan-activity; sid:100003702; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=94fefff7000581d3&resid=94fefff7000581d3!107&authkey=ac-m9dlvo5l7wfk",nocase; classtype:trojan-activity; sid:100003703; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=94fefff7000581d3&resid=94fefff7000581d3%21107&authkey=ac-m9dlvo5l7wfk",nocase; classtype:trojan-activity; sid:100003704; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=96a54b19ff5f6bab&resid=96a54b19ff5f6bab%21107&authkey=anxv07ez7s5sh_k",nocase; classtype:trojan-activity; sid:100003705; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=96e7ccc5d61517fc&resid=96e7ccc5d61517fc%21410&authkey=acwug6bewxk0pli",nocase; classtype:trojan-activity; sid:100003706; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=96e7ccc5d61517fc&resid=96e7ccc5d61517fc%21411&authkey=aj8o1fcvfhibmlm",nocase; classtype:trojan-activity; sid:100003707; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=96fd249b957988a2&resid=96fd249b957988a2%211303&authkey=ah_etf1fqofknue",nocase; classtype:trojan-activity; sid:100003708; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=97b465ea1ddc3935&resid=97b465ea1ddc3935%21775&authkey=abblpjxi4mwomgs",nocase; classtype:trojan-activity; sid:100003709; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=98103c88c2d68867&resid=98103c88c2d68867!773&authkey=akptbml43mi4ufc",nocase; classtype:trojan-activity; sid:100003710; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=982b2c4bb2a23649&resid=982b2c4bb2a23649%211925&authkey=amhhfhcsigeue9w",nocase; classtype:trojan-activity; sid:100003711; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=982b2c4bb2a23649&resid=982b2c4bb2a23649%211927&authkey=an_3paqpemptbvm",nocase; classtype:trojan-activity; sid:100003712; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=982b2c4bb2a23649&resid=982b2c4bb2a23649%211953&authkey=abdfqiyruwplpo0",nocase; classtype:trojan-activity; sid:100003713; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=982b2c4bb2a23649&resid=982b2c4bb2a23649%211954&authkey=aok-srkhxjazccy",nocase; classtype:trojan-activity; sid:100003714; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=9a8688776fe2dbf4&resid=9a8688776fe2dbf4%21172&authkey=ahharhcv0fmn5fm",nocase; classtype:trojan-activity; sid:100003715; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=9a8688776fe2dbf4&resid=9a8688776fe2dbf4%21173&authkey=aecb3qcquacvzhi",nocase; classtype:trojan-activity; sid:100003716; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=9a8688776fe2dbf4&resid=9a8688776fe2dbf4%21174&authkey=afv7cprqwxezgsi",nocase; classtype:trojan-activity; sid:100003717; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=9a8688776fe2dbf4&resid=9a8688776fe2dbf4%21177&authkey=als6_be40lt5jk8",nocase; classtype:trojan-activity; sid:100003718; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=9e4e4faca91ad3d2&resid=9e4e4faca91ad3d2!113&authkey=akeqdnxllfzf8hq",nocase; classtype:trojan-activity; sid:100003719; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=9e4e4faca91ad3d2&resid=9e4e4faca91ad3d2%21113&authkey=akeqdnxllfzf8hq",nocase; classtype:trojan-activity; sid:100003720; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=9fba865c1fdce17f&resid=9fba865c1fdce17f%211109&authkey=achpeiyvsphyn9o",nocase; classtype:trojan-activity; sid:100003721; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a023fe2d1ac611f2&resid=a023fe2d1ac611f2!514&authkey=alaxh02uycquui4",nocase; classtype:trojan-activity; sid:100003722; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a04a98741fafee2b&resid=a04a98741fafee2b%211857&authkey=af3qhnjtfnffevi",nocase; classtype:trojan-activity; sid:100003723; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a0fb3cde2e262340&resid=a0fb3cde2e262340!997&authkey=akw6btyej2zht08",nocase; classtype:trojan-activity; sid:100003724; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a0fb3cde2e262340&resid=a0fb3cde2e262340%21997&authkey=akw6btyej2zht08",nocase; classtype:trojan-activity; sid:100003725; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a1c8c8055848b889&resid=a1c8c8055848b889!111&authkey=agzlftsgr4lspvo",nocase; classtype:trojan-activity; sid:100003726; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a2cd2cdb93584d7e&resid=a2cd2cdb93584d7e%21106&authkey=aeifpqbwo1s3dyq",nocase; classtype:trojan-activity; sid:100003727; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a31988151cf6813e&resid=a31988151cf6813e%21107&authkey=ab9lanzt1aj_0ws",nocase; classtype:trojan-activity; sid:100003728; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a4000de54b92dcc6&resid=a4000de54b92dcc6%211064&authkey=apebndb6tstxywi",nocase; classtype:trojan-activity; sid:100003729; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a4000de54b92dcc6&resid=a4000de54b92dcc6%211065&authkey=aca4_dggi5gbbfs",nocase; classtype:trojan-activity; sid:100003730; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a4000de54b92dcc6&resid=a4000de54b92dcc6%211067&authkey=ae-3ej9zzj4ibhw",nocase; classtype:trojan-activity; sid:100003731; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a4000de54b92dcc6&resid=a4000de54b92dcc6%211069&authkey=agx6b8qjt_clm-o",nocase; classtype:trojan-activity; sid:100003732; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a502994ea313f5c7&resid=a502994ea313f5c7%21215&authkey=aiydvejv0l8stbs",nocase; classtype:trojan-activity; sid:100003733; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a6d02acf038b0114&resid=a6d02acf038b0114%21251&authkey=ainluv1ppu-8ogu",nocase; classtype:trojan-activity; sid:100003734; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a6dd95780c6c7e21&resid=a6dd95780c6c7e21!6053&authkey=agfh0ahstj7rrki",nocase; classtype:trojan-activity; sid:100003735; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a6dd95780c6c7e21&resid=a6dd95780c6c7e21%216053&authkey=agfh0ahstj7rrki",nocase; classtype:trojan-activity; sid:100003736; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a75074ec168603e4&resid=a75074ec168603e4%21108&authkey=apnjueurszwr7fi",nocase; classtype:trojan-activity; sid:100003737; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a7d52fea62ebd0f0&resid=a7d52fea62ebd0f0%21414&authkey=akf9uwwkitvhrvc",nocase; classtype:trojan-activity; sid:100003738; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a7d52fea62ebd0f0&resid=a7d52fea62ebd0f0%21415&authkey=ag_5kthuezprnoy",nocase; classtype:trojan-activity; sid:100003739; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a7d52fea62ebd0f0&resid=a7d52fea62ebd0f0%21416&authkey=airlma-pycgfkyc",nocase; classtype:trojan-activity; sid:100003740; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a7d52fea62ebd0f0&resid=a7d52fea62ebd0f0%21419&authkey=ab1-sgyv2gibyey",nocase; classtype:trojan-activity; sid:100003741; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a7d52fea62ebd0f0&resid=a7d52fea62ebd0f0%21422&authkey=acphsmdy415izjg",nocase; classtype:trojan-activity; sid:100003742; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a7d52fea62ebd0f0&resid=a7d52fea62ebd0f0%21424&authkey=afvfwz5uvde1pui",nocase; classtype:trojan-activity; sid:100003743; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a88c38fdad791818&resid=a88c38fdad791818!129&authkey=aesewk3cf5vbrxw",nocase; classtype:trojan-activity; sid:100003744; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=a88c38fdad791818&resid=a88c38fdad791818%21129&authkey=aesewk3cf5vbrxw",nocase; classtype:trojan-activity; sid:100003745; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=aa4e252db942faec&resid=aa4e252db942faec%21168&authkey=anlnjo7xnwtswuk",nocase; classtype:trojan-activity; sid:100003746; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ae28961c75435487&resid=ae28961c75435487%21106&authkey=alph5awcis8r9iw",nocase; classtype:trojan-activity; sid:100003747; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ae80108520d75992&resid=ae80108520d75992!113&authkey=agh9q_zzyjjcspc",nocase; classtype:trojan-activity; sid:100003748; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ae80108520d75992&resid=ae80108520d75992%21113&authkey=agh9q_zzyjjcspc",nocase; classtype:trojan-activity; sid:100003749; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b03ee17d51411308&resid=b03ee17d51411308%212152&authkey=abutaac83l5utks",nocase; classtype:trojan-activity; sid:100003750; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b1239884e2deb3b9&resid=b1239884e2deb3b9%21650&authkey=aht-wbxsofyx33u",nocase; classtype:trojan-activity; sid:100003751; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b1239884e2deb3b9&resid=b1239884e2deb3b9%21651&authkey=aebbyk6sevdmzgm",nocase; classtype:trojan-activity; sid:100003752; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b1239884e2deb3b9&resid=b1239884e2deb3b9%21652&authkey=afsw5wahxo5kwjy",nocase; classtype:trojan-activity; sid:100003753; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b1c3a5ef115e135c&resid=b1c3a5ef115e135c%216219&authkey=ahr7bklirbub0pc",nocase; classtype:trojan-activity; sid:100003754; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b3805920e5eb0711&resid=b3805920e5eb0711%21120&authkey=aozmspl2dqkgkgy",nocase; classtype:trojan-activity; sid:100003755; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b3805920e5eb0711&resid=b3805920e5eb0711%21123&authkey=aj18p0rtfbtwa84",nocase; classtype:trojan-activity; sid:100003756; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b3a118354e81d1bb&resid=b3a118354e81d1bb%21139&authkey=ahwfjvw4zmjukeo",nocase; classtype:trojan-activity; sid:100003757; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b3a118354e81d1bb&resid=b3a118354e81d1bb%21140&authkey=aksvfpmrfqrrggw",nocase; classtype:trojan-activity; sid:100003758; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b3a118354e81d1bb&resid=b3a118354e81d1bb%21141&authkey=acznh6clby0qyww",nocase; classtype:trojan-activity; sid:100003759; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b3a118354e81d1bb&resid=b3a118354e81d1bb%21142&authkey=ajf7j1rr3d7jcxy",nocase; classtype:trojan-activity; sid:100003760; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b3a118354e81d1bb&resid=b3a118354e81d1bb%21143&authkey=ahs21wnsqb_vu9w",nocase; classtype:trojan-activity; sid:100003761; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b50c4248502103d0&resid=b50c4248502103d0%21107&authkey=alf1nley7ja4dbq",nocase; classtype:trojan-activity; sid:100003762; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b5ea8d4249d866e6&resid=b5ea8d4249d866e6!164&authkey=adfsfcdaw3biboy",nocase; classtype:trojan-activity; sid:100003763; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b5ea8d4249d866e6&resid=b5ea8d4249d866e6%21164&authkey=adfsfcdaw3biboy",nocase; classtype:trojan-activity; sid:100003764; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b86046e8cbd4254b&resid=b86046e8cbd4254b%21115&authkey=agwstptwpaquleg",nocase; classtype:trojan-activity; sid:100003765; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b8ba73db68da7c0b&resid=b8ba73db68da7c0b!7521&authkey=ablt9zdyq2d4rb0",nocase; classtype:trojan-activity; sid:100003766; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b8ba73db68da7c0b&resid=b8ba73db68da7c0b%217521&authkey=ablt9zdyq2d4rb0",nocase; classtype:trojan-activity; sid:100003767; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b90c1aa3b6cd0326&resid=b90c1aa3b6cd0326%21471&authkey=aoil8ra4oc4s_2m",nocase; classtype:trojan-activity; sid:100003768; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=b9690a1860a591d0&resid=b9690a1860a591d0%21161&authkey=aehawjpwf6tqtm8",nocase; classtype:trojan-activity; sid:100003769; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=bd6fbb121626b540&resid=bd6fbb121626b540!1047&authkey=aod6jbxyicq2v4g",nocase; classtype:trojan-activity; sid:100003770; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=bd6fbb121626b540&resid=bd6fbb121626b540%211047&authkey=aod6jbxyicq2v4g",nocase; classtype:trojan-activity; sid:100003771; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=beaf30da1f621c9b&resid=beaf30da1f621c9b!246&authkey=afyrchdutalpu90",nocase; classtype:trojan-activity; sid:100003772; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=beaf30da1f621c9b&resid=beaf30da1f621c9b%21246&authkey=afyrchdutalpu90",nocase; classtype:trojan-activity; sid:100003773; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=bf83d9247c2329e0&resid=bf83d9247c2329e0%211108&authkey=absaw-bpqrc6mpq",nocase; classtype:trojan-activity; sid:100003774; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c121261804708478&resid=c121261804708478%214199&authkey=adgqe8qiyu92bqm",nocase; classtype:trojan-activity; sid:100003775; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c121261804708478&resid=c121261804708478%214200&authkey=adqtju8i3nmlgai",nocase; classtype:trojan-activity; sid:100003776; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c121261804708478&resid=c121261804708478%214201&authkey=ahqber27s7gg8kk",nocase; classtype:trojan-activity; sid:100003777; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c359b1a8babc6019&resid=c359b1a8babc6019!1251&authkey=act34eizpzjugfa",nocase; classtype:trojan-activity; sid:100003778; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c359b1a8babc6019&resid=c359b1a8babc6019%211251&authkey=act34eizpzjugfa",nocase; classtype:trojan-activity; sid:100003779; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1337&authkey=afnvu1fsuczht5e",nocase; classtype:trojan-activity; sid:100003780; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1338&authkey=ajngambosws75_c",nocase; classtype:trojan-activity; sid:100003781; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1340&authkey=al1ay3fbtude6d8",nocase; classtype:trojan-activity; sid:100003782; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1342&authkey=acpr_htn2jtaxfu",nocase; classtype:trojan-activity; sid:100003783; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1344&authkey=aozerppd6mnokwy",nocase; classtype:trojan-activity; sid:100003784; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1345&authkey=aevvyhonxhtcdh0",nocase; classtype:trojan-activity; sid:100003785; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1346&authkey=achrnf5vlov1gf4",nocase; classtype:trojan-activity; sid:100003786; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e!1347&authkey=al-zge-ttvr921s",nocase; classtype:trojan-activity; sid:100003787; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e%211337&authkey=afnvu1fsuczht5e",nocase; classtype:trojan-activity; sid:100003788; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e%211340&authkey=al1ay3fbtude6d8",nocase; classtype:trojan-activity; sid:100003789; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e%211342&authkey=acpr_htn2jtaxfu",nocase; classtype:trojan-activity; sid:100003790; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e%211343&authkey=abodysrxu9l2xxu",nocase; classtype:trojan-activity; sid:100003791; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e%211345&authkey=aevvyhonxhtcdh0",nocase; classtype:trojan-activity; sid:100003792; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e%211346&authkey=achrnf5vlov1gf4",nocase; classtype:trojan-activity; sid:100003793; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c3d8ad85ba2add4e&resid=c3d8ad85ba2add4e%211347&authkey=al-zge-ttvr921s",nocase; classtype:trojan-activity; sid:100003794; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c701663053a57d59&resid=c701663053a57d59%211009&authkey=ahowgkak7j0p2q8",nocase; classtype:trojan-activity; sid:100003795; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c71b410673c49a80&resid=c71b410673c49a80%21486&authkey=amy4euf_rrlcykc",nocase; classtype:trojan-activity; sid:100003796; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c71b410673c49a80&resid=c71b410673c49a80%21489&authkey=ako3anwfnqfohnc",nocase; classtype:trojan-activity; sid:100003797; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=c80630c4d385fb9d&resid=c80630c4d385fb9d%21286&authkey=amgaucv8bld_5qs",nocase; classtype:trojan-activity; sid:100003798; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ca308e3d3912d9e7&resid=ca308e3d3912d9e7%21546&authkey=aa6q-ryiifnet5m",nocase; classtype:trojan-activity; sid:100003799; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ca308e3d3912d9e7&resid=ca308e3d3912d9e7%21547&authkey=aipm8qnwbgo4yga",nocase; classtype:trojan-activity; sid:100003800; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ca897bdd16fc7940&resid=ca897bdd16fc7940%21106&authkey=aniklpt8vtlahbg",nocase; classtype:trojan-activity; sid:100003801; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=cb64e6e1a6ce15a2&resid=cb64e6e1a6ce15a2!109&authkey=ac4gxwjoopafr9a",nocase; classtype:trojan-activity; sid:100003802; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=cb64e6e1a6ce15a2&resid=cb64e6e1a6ce15a2%21109&authkey=ac4gxwjoopafr9a",nocase; classtype:trojan-activity; sid:100003803; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=cbb66cac420484bc&resid=cbb66cac420484bc!10968&authkey=aj9bjkobu-rlnaw",nocase; classtype:trojan-activity; sid:100003804; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=cda6c13b54bbe48c&resid=cda6c13b54bbe48c!44331&authkey=afohia-wo-alwiy",nocase; classtype:trojan-activity; sid:100003805; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=cda6c13b54bbe48c&resid=cda6c13b54bbe48c%2144331&authkey=afohia-wo-alwiy",nocase; classtype:trojan-activity; sid:100003806; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=cf0c6d1a4c15233d&resid=cf0c6d1a4c15233d!742&authkey=akbxju17f8g0r2s",nocase; classtype:trojan-activity; sid:100003807; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=cf0c6d1a4c15233d&resid=cf0c6d1a4c15233d!744&authkey=adak4zftd0yhhhs",nocase; classtype:trojan-activity; sid:100003808; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=cf0c6d1a4c15233d&resid=cf0c6d1a4c15233d%21742&authkey=akbxju17f8g0r2s",nocase; classtype:trojan-activity; sid:100003809; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=cf0c6d1a4c15233d&resid=cf0c6d1a4c15233d%21744&authkey=adak4zftd0yhhhs",nocase; classtype:trojan-activity; sid:100003810; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=d06d60404544fb85&resid=d06d60404544fb85!872&authkey=ap9hchztywo8zuo",nocase; classtype:trojan-activity; sid:100003811; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=d06d60404544fb85&resid=d06d60404544fb85!874&authkey=alkzcbxz-dscgum",nocase; classtype:trojan-activity; sid:100003812; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=d06d60404544fb85&resid=d06d60404544fb85!875&authkey=aka55ybdhqnoc6c",nocase; classtype:trojan-activity; sid:100003813; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=d06d60404544fb85&resid=d06d60404544fb85%21872&authkey=ap9hchztywo8zuo",nocase; classtype:trojan-activity; sid:100003814; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=d06d60404544fb85&resid=d06d60404544fb85%21874&authkey=alkzcbxz-dscgum",nocase; classtype:trojan-activity; sid:100003815; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=d06d60404544fb85&resid=d06d60404544fb85%21875&authkey=aka55ybdhqnoc6c",nocase; classtype:trojan-activity; sid:100003816; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=d2f3748954f6f8a8&resid=d2f3748954f6f8a8%21119&authkey=aex5s9uoun2zps0",nocase; classtype:trojan-activity; sid:100003817; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=d4d413b6e7cf7088&resid=d4d413b6e7cf7088%211271&authkey=akz65bxpgvdxjb8",nocase; classtype:trojan-activity; sid:100003818; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=d718e3c8e3bc53c0&resid=d718e3c8e3bc53c0!191&authkey=ajl2uegqunsgc3q",nocase; classtype:trojan-activity; sid:100003819; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=d718e3c8e3bc53c0&resid=d718e3c8e3bc53c0!192&authkey=acd_hx4bka3z0nw",nocase; classtype:trojan-activity; sid:100003820; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=d718e3c8e3bc53c0&resid=d718e3c8e3bc53c0%21191&authkey=ajl2uegqunsgc3q",nocase; classtype:trojan-activity; sid:100003821; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=d718e3c8e3bc53c0&resid=d718e3c8e3bc53c0%21192&authkey=acd_hx4bka3z0nw",nocase; classtype:trojan-activity; sid:100003822; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=d718e3c8e3bc53c0&resid=d718e3c8e3bc53c0%21193&authkey=ah68m6pamjvyscy",nocase; classtype:trojan-activity; sid:100003823; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=db0fc77df51690e1&resid=db0fc77df51690e1%21802&authkey=apefr8w_rdk--pe",nocase; classtype:trojan-activity; sid:100003824; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=db5548cd728f142b&resid=db5548cd728f142b%21187&authkey=aansxudby0o7uwq",nocase; classtype:trojan-activity; sid:100003825; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=db62f747c6d887d0&resid=db62f747c6d887d0%21111&authkey=ai2guftczvfehs4",nocase; classtype:trojan-activity; sid:100003826; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=dcd65237fcd1a1a9&resid=dcd65237fcd1a1a9%21162&authkey=aprqs0hugnfo6uq",nocase; classtype:trojan-activity; sid:100003827; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=dd0a0ec58f4ac5f5&resid=dd0a0ec58f4ac5f5!7527&authkey=aipybipwht56um8",nocase; classtype:trojan-activity; sid:100003828; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=dd0a0ec58f4ac5f5&resid=dd0a0ec58f4ac5f5!7530&authkey=am9p2ic6zdkgfmy",nocase; classtype:trojan-activity; sid:100003829; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=dd0a0ec58f4ac5f5&resid=dd0a0ec58f4ac5f5!7532&authkey=aonjnubquvon_uk",nocase; classtype:trojan-activity; sid:100003830; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=dd0a0ec58f4ac5f5&resid=dd0a0ec58f4ac5f5%217527&authkey=aipybipwht56um8",nocase; classtype:trojan-activity; sid:100003831; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=dd0a0ec58f4ac5f5&resid=dd0a0ec58f4ac5f5%217530&authkey=am9p2ic6zdkgfmy",nocase; classtype:trojan-activity; sid:100003832; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=dd0a0ec58f4ac5f5&resid=dd0a0ec58f4ac5f5%217532&authkey=aonjnubquvon_uk",nocase; classtype:trojan-activity; sid:100003833; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e0837d627665c3e2&resid=e0837d627665c3e2!1818&authkey=anh2wga7qmhbmuo",nocase; classtype:trojan-activity; sid:100003834; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e0837d627665c3e2&resid=e0837d627665c3e2%211818&authkey=anh2wga7qmhbmuo",nocase; classtype:trojan-activity; sid:100003835; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e08e2d452e10fc69&resid=e08e2d452e10fc69%21107&authkey=akrabrcroiddkxw",nocase; classtype:trojan-activity; sid:100003836; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e08e2d452e10fc69&resid=e08e2d452e10fc69%21115&authkey=ad1ncwtj_zcjsh0",nocase; classtype:trojan-activity; sid:100003837; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e08e2d452e10fc69&resid=e08e2d452e10fc69%21132&authkey=akpbxohbtjebyn4",nocase; classtype:trojan-activity; sid:100003838; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e08e2d452e10fc69&resid=e08e2d452e10fc69%21150&authkey=aevazjbqnu7cmjs",nocase; classtype:trojan-activity; sid:100003839; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e08e2d452e10fc69&resid=e08e2d452e10fc69%21160&authkey=aiendf-9lyln0x0",nocase; classtype:trojan-activity; sid:100003840; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e1065ab3e86a5fc2&resid=e1065ab3e86a5fc2%211443&authkey=apybkcvf4iwxp_q",nocase; classtype:trojan-activity; sid:100003841; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e1a2f9756fffc8d2&resid=e1a2f9756fffc8d2!107&authkey=af-bicrg1c6vgck",nocase; classtype:trojan-activity; sid:100003842; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e1a2f9756fffc8d2&resid=e1a2f9756fffc8d2%21107&authkey=af-bicrg1c6vgck",nocase; classtype:trojan-activity; sid:100003843; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e2ea0eaee1f43ce2&resid=e2ea0eaee1f43ce2!129&authkey=afk5vdt49soo3co",nocase; classtype:trojan-activity; sid:100003844; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e2ea0eaee1f43ce2&resid=e2ea0eaee1f43ce2%21129&authkey=afk5vdt49soo3co",nocase; classtype:trojan-activity; sid:100003845; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e3ddc3980f743711&resid=e3ddc3980f743711%21795&authkey=aptivsvyk2we5xc",nocase; classtype:trojan-activity; sid:100003846; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e424d4f4fe44dedf&resid=e424d4f4fe44dedf%21745&authkey=ah1i_jo73zgdxpc",nocase; classtype:trojan-activity; sid:100003847; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e424d4f4fe44dedf&resid=e424d4f4fe44dedf%21746&authkey=ag1mhwlznwdxpw0",nocase; classtype:trojan-activity; sid:100003848; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e43694f4bd6f68d1&resid=e43694f4bd6f68d1!563&authkey=aj8ovsob9ll6r-c",nocase; classtype:trojan-activity; sid:100003849; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e4b1e1072dc91f5c&resid=e4b1e1072dc91f5c!509&authkey=akmdyqkzcsuf_gg",nocase; classtype:trojan-activity; sid:100003850; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e4b1e1072dc91f5c&resid=e4b1e1072dc91f5c!511&authkey=agfs0q7dz7os1lu",nocase; classtype:trojan-activity; sid:100003851; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e4b1e1072dc91f5c&resid=e4b1e1072dc91f5c%21511&authkey=agfs0q7dz7os1lu",nocase; classtype:trojan-activity; sid:100003852; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e54ea4e0368d023b&resid=e54ea4e0368d023b%21106&authkey=aozas6g9pm0fzvq",nocase; classtype:trojan-activity; sid:100003853; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e627fc797baa3032&resid=e627fc797baa3032!2324&authkey=aa8i-r7ixmcraha",nocase; classtype:trojan-activity; sid:100003854; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e627fc797baa3032&resid=e627fc797baa3032%212324&authkey=aa8i-r7ixmcraha",nocase; classtype:trojan-activity; sid:100003855; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e74fdc1373fe6eb7&resid=e74fdc1373fe6eb7!142&authkey=apwl64nhnjaj8ke",nocase; classtype:trojan-activity; sid:100003856; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e790c3d4dd4fa5db&resid=e790c3d4dd4fa5db%21349&authkey=ae9ea8jdsa7vmom",nocase; classtype:trojan-activity; sid:100003857; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e790c3d4dd4fa5db&resid=e790c3d4dd4fa5db%21350&authkey=ao-vuexoihzj7da",nocase; classtype:trojan-activity; sid:100003858; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e859da0f2c81d5f2&resid=e859da0f2c81d5f2!142&authkey=ais88uad5aom6qu",nocase; classtype:trojan-activity; sid:100003859; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e859da0f2c81d5f2&resid=e859da0f2c81d5f2%21142&authkey=ais88uad5aom6qu",nocase; classtype:trojan-activity; sid:100003860; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e8a5ad7ff91ed1b8&resid=e8a5ad7ff91ed1b8!148&authkey=agjcwq650c8wdbm",nocase; classtype:trojan-activity; sid:100003861; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e8a5ad7ff91ed1b8&resid=e8a5ad7ff91ed1b8!150&authkey=ami5aqoinvosjle",nocase; classtype:trojan-activity; sid:100003862; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e8a5ad7ff91ed1b8&resid=e8a5ad7ff91ed1b8%21148&authkey=agjcwq650c8wdbm",nocase; classtype:trojan-activity; sid:100003863; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e8a5ad7ff91ed1b8&resid=e8a5ad7ff91ed1b8%21150&authkey=ami5aqoinvosjle",nocase; classtype:trojan-activity; sid:100003864; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e97110434470423e&resid=e97110434470423e%21113&authkey=afowclex54if0g0",nocase; classtype:trojan-activity; sid:100003865; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e9a57719b11feb33&resid=e9a57719b11feb33!1192&authkey=apnhep6fmmxxdkw",nocase; classtype:trojan-activity; sid:100003866; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=e9a57719b11feb33&resid=e9a57719b11feb33%211192&authkey=apnhep6fmmxxdkw",nocase; classtype:trojan-activity; sid:100003867; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ead0e1196bd04320&resid=ead0e1196bd04320%211219&authkey=akgo75rmvr4khlc",nocase; classtype:trojan-activity; sid:100003868; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ebacca5dec27fd20&resid=ebacca5dec27fd20%2118735&authkey=ajfyl1mzidnylc8",nocase; classtype:trojan-activity; sid:100003869; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=edd7401a7180b54c&resid=edd7401a7180b54c%21113&authkey=aovavpmokd2jrns",nocase; classtype:trojan-activity; sid:100003870; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=edd7401a7180b54c&resid=edd7401a7180b54c%21116&authkey=aadnj5xyfasugu8",nocase; classtype:trojan-activity; sid:100003871; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=efdf2c8d834a1928&resid=efdf2c8d834a1928!202&authkey=ah1gjq8j29darw4",nocase; classtype:trojan-activity; sid:100003872; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=efdf2c8d834a1928&resid=efdf2c8d834a1928!203&authkey=af8xr99mrqp8um8",nocase; classtype:trojan-activity; sid:100003873; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=efdf2c8d834a1928&resid=efdf2c8d834a1928!204&authkey=ad0nbzlscbg-0sa",nocase; classtype:trojan-activity; sid:100003874; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=efdf2c8d834a1928&resid=efdf2c8d834a1928%21202&authkey=ah1gjq8j29darw4",nocase; classtype:trojan-activity; sid:100003875; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=efdf2c8d834a1928&resid=efdf2c8d834a1928%21203&authkey=af8xr99mrqp8um8",nocase; classtype:trojan-activity; sid:100003876; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=efdf2c8d834a1928&resid=efdf2c8d834a1928%21204&authkey=ad0nbzlscbg-0sa",nocase; classtype:trojan-activity; sid:100003877; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f05e45800a084e63&resid=f05e45800a084e63%21489&authkey=ads_gff3tjkd0w0",nocase; classtype:trojan-activity; sid:100003878; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f05e45800a084e63&resid=f05e45800a084e63%21490&authkey=aj_rld7xooge6aw",nocase; classtype:trojan-activity; sid:100003879; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f05e45800a084e63&resid=f05e45800a084e63%21492&authkey=ahdb75ptd1_uc8e",nocase; classtype:trojan-activity; sid:100003880; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f06038a5f7dbd6d6&resid=f06038a5f7dbd6d6%215498&authkey=aiozi3z5qzdysmu",nocase; classtype:trojan-activity; sid:100003881; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f293cebb54e5ea71&resid=f293cebb54e5ea71%21293&authkey=aha74rsqiuewnpq",nocase; classtype:trojan-activity; sid:100003882; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f40a6c678d20c1eb&resid=f40a6c678d20c1eb%21566&authkey=aevafh7rydhi19k",nocase; classtype:trojan-activity; sid:100003883; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f40a6c678d20c1eb&resid=f40a6c678d20c1eb%21581&authkey=agx0b8ho87w4uie",nocase; classtype:trojan-activity; sid:100003884; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f40a6c678d20c1eb&resid=f40a6c678d20c1eb%21582&authkey=af-9_xwysl1o7-c",nocase; classtype:trojan-activity; sid:100003885; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f40a6c678d20c1eb&resid=f40a6c678d20c1eb%21598&authkey=ah-gkc-b7fa8h-g",nocase; classtype:trojan-activity; sid:100003886; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f40a6c678d20c1eb&resid=f40a6c678d20c1eb%21599&authkey=aajunhe1ex_-zta",nocase; classtype:trojan-activity; sid:100003887; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f75d6b103b974e4c&resid=f75d6b103b974e4c!115&authkey=adbcrakskolznjq",nocase; classtype:trojan-activity; sid:100003888; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f75d6b103b974e4c&resid=f75d6b103b974e4c%21115&authkey=adbcrakskolznjq",nocase; classtype:trojan-activity; sid:100003889; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f75d6b103b974e4c&resid=f75d6b103b974e4c%21116&authkey=anenotuhbsni0zu",nocase; classtype:trojan-activity; sid:100003890; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f79e41c0e32d3314&resid=f79e41c0e32d3314%211182&authkey=aiqtptberyvlgqk&em=2%22",nocase; classtype:trojan-activity; sid:100003891; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f7ae097903082806&resid=f7ae097903082806!1368&authkey=anphh1fijhvzv6c",nocase; classtype:trojan-activity; sid:100003892; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f7ae097903082806&resid=f7ae097903082806%211368&authkey=anphh1fijhvzv6c",nocase; classtype:trojan-activity; sid:100003893; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f824f5d726d5c382&resid=f824f5d726d5c382!159&authkey=ai4_8srrzf48hw0",nocase; classtype:trojan-activity; sid:100003894; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=f824f5d726d5c382&resid=f824f5d726d5c382%21159&authkey=ai4_8srrzf48hw0",nocase; classtype:trojan-activity; sid:100003895; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=fb2177c192eed796&resid=fb2177c192eed796%21124&authkey=abotnmdhu_tg7bc",nocase; classtype:trojan-activity; sid:100003896; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=fd50774e5ce0e314&resid=fd50774e5ce0e314%21778&authkey=aoxb2vhhz3qodiu",nocase; classtype:trojan-activity; sid:100003897; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=fd67fafc46d3c687&resid=fd67fafc46d3c687%21473&authkey=aoid_cp-jgffqvm",nocase; classtype:trojan-activity; sid:100003898; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=fdc68d2b6039f352&resid=fdc68d2b6039f352!847&authkey=aemnhwbhlskovgm",nocase; classtype:trojan-activity; sid:100003899; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=fdc68d2b6039f352&resid=fdc68d2b6039f352!848&authkey=ag1_e421v-t5r9w",nocase; classtype:trojan-activity; sid:100003900; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=fdc68d2b6039f352&resid=fdc68d2b6039f352%21847&authkey=aemnhwbhlskovgm",nocase; classtype:trojan-activity; sid:100003901; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=fdc68d2b6039f352&resid=fdc68d2b6039f352%21848&authkey=ag1_e421v-t5r9w",nocase; classtype:trojan-activity; sid:100003902; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=fe85161c3947f2c1&resid=fe85161c3947f2c1%211441&authkey=agb6c1ecr91svrw",nocase; classtype:trojan-activity; sid:100003903; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ff1d187273dfbf73&resid=ff1d187273dfbf73!693&authkey=agcpkhnewfte_yc",nocase; classtype:trojan-activity; sid:100003904; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ff1d187273dfbf73&resid=ff1d187273dfbf73!694&authkey=aa5jqzjsp0esr1s",nocase; classtype:trojan-activity; sid:100003905; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ff1d187273dfbf73&resid=ff1d187273dfbf73%21693&authkey=agcpkhnewfte_yc",nocase; classtype:trojan-activity; sid:100003906; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ff1d187273dfbf73&resid=ff1d187273dfbf73%21694&authkey=aa5jqzjsp0esr1s",nocase; classtype:trojan-activity; sid:100003907; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ff9d39cbb0e96469&resid=ff9d39cbb0e96469!330&authkey=adxnzkb0a09pizw",nocase; classtype:trojan-activity; sid:100003908; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ff9d39cbb0e96469&resid=ff9d39cbb0e96469!334&authkey=agsvox_t7qim4ta",nocase; classtype:trojan-activity; sid:100003909; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ff9d39cbb0e96469&resid=ff9d39cbb0e96469!335&authkey=ach14e6omcghwgg",nocase; classtype:trojan-activity; sid:100003910; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ff9d39cbb0e96469&resid=ff9d39cbb0e96469%21330&authkey=adxnzkb0a09pizw",nocase; classtype:trojan-activity; sid:100003911; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ff9d39cbb0e96469&resid=ff9d39cbb0e96469%21333&authkey=aielwtaiuvcttlm",nocase; classtype:trojan-activity; sid:100003912; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"onedrive.live.com",nocase; http_uri; content:"/download?cid=ff9d39cbb0e96469&resid=ff9d39cbb0e96469%21334&authkey=agsvox_t7qim4ta",nocase; classtype:trojan-activity; sid:100003913; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pastebin.com",nocase; http_uri; content:"/raw/77jhk0iw",nocase; classtype:trojan-activity; sid:100003914; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pastebin.com",nocase; http_uri; content:"/raw/89hkc7wb",nocase; classtype:trojan-activity; sid:100003915; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pastebin.com",nocase; http_uri; content:"/raw/yqvsvlvq",nocase; classtype:trojan-activity; sid:100003916; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pierreconsulting.info",nocase; http_uri; content:"/wp-admin/llc/mwcacs65xienqdp/",nocase; classtype:trojan-activity; sid:100003917; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"pioneiraagronegocio.com.br",nocase; http_uri; content:"/bayesian-forecasting-amj5e/s5hqmf6/",nocase; classtype:trojan-activity; sid:100003918; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"procrossover.ru",nocase; http_uri; content:"/wp-content/uploads/2020/10/skoda22.jpg",nocase; classtype:trojan-activity; sid:100003919; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"procrossover.ru",nocase; http_uri; content:"/wp-content/uploads/2020/10/skodaqq.jpg",nocase; classtype:trojan-activity; sid:100003920; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"qjbutterflyevents.co.za",nocase; http_uri; content:"/wp-admin/zzcoiatsr5wujrwagsgbnm2wkjxldvgu/",nocase; classtype:trojan-activity; sid:100003921; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"quen.s3.us-east-2.amazonaws.com",nocase; http_uri; content:"/dhlshipmentawb80326979402.ace",nocase; classtype:trojan-activity; sid:100003922; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"quen.s3.us-east-2.amazonaws.com",nocase; http_uri; content:"/maersk-bl+draft-copy-shipping-documents.ace",nocase; classtype:trojan-activity; sid:100003923; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"quen.s3.us-east-2.amazonaws.com",nocase; http_uri; content:"/po+for+april+shipment.ace",nocase; classtype:trojan-activity; sid:100003924; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"raw.githubusercontent.com",nocase; http_uri; content:"/arntsonl/calc_security_poc/master/dll/calc.dll",nocase; classtype:trojan-activity; sid:100003925; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"raw.githubusercontent.com",nocase; http_uri; content:"/bero1985/berotinypascal/e34bd4164f4b7c27e7cf667dffd9274d33d6dfbe/bin/btpc.exe",nocase; classtype:trojan-activity; sid:100003926; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"raw.githubusercontent.com",nocase; http_uri; content:"/evil-coder66/defendercontrol/main/defendercontrol.exe",nocase; classtype:trojan-activity; sid:100003927; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"raw.githubusercontent.com",nocase; http_uri; content:"/fuzzbunch/fuzzbunch/master/payloads/doublepulsar-1.3.1.exe",nocase; classtype:trojan-activity; sid:100003928; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"raw.githubusercontent.com",nocase; http_uri; content:"/inquisb/shellcodeexec/master/windows/shellcodeexec.x32.exe",nocase; classtype:trojan-activity; sid:100003929; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"raw.githubusercontent.com",nocase; http_uri; content:"/malwares/webshell/master/ajax_php%20command%20shell.rar",nocase; classtype:trojan-activity; sid:100003930; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"raw.githubusercontent.com",nocase; http_uri; content:"/myqseeaccount/one/main/one.htm",nocase; classtype:trojan-activity; sid:100003931; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"raw.githubusercontent.com",nocase; http_uri; content:"/realtek25556/rhti2/gh-pages/90hfnvo69vk2ot.bmp",nocase; classtype:trojan-activity; sid:100003932; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"raw.githubusercontent.com",nocase; http_uri; content:"/secwiki/windows-kernel-exploits/master/ms15-076/binary/trebuchet.exe",nocase; classtype:trojan-activity; sid:100003933; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"raw.githubusercontent.com",nocase; http_uri; content:"/secwiki/windows-kernel-exploits/master/ms16-098/bfill.exe",nocase; classtype:trojan-activity; sid:100003934; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"raw.githubusercontent.com",nocase; http_uri; content:"/tennc/webshell/master/other/small_shell.txt",nocase; classtype:trojan-activity; sid:100003935; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"res.yeshen.com",nocase; http_uri; content:"/player/launch/2017/09/12/da5f9a1c23034353852750488feeaf36.exe",nocase; classtype:trojan-activity; sid:100003936; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sendspace.com",nocase; http_uri; content:"/pro/dl/q05z91",nocase; classtype:trojan-activity; sid:100003937; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"shribharatvatika.com",nocase; http_uri; content:"/ey4lpx8rx.zip",nocase; classtype:trojan-activity; sid:100003938; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"sites.google.com",nocase; http_uri; content:"/site/stormqk/dn/stormagent.apk?attredirects=0",nocase; classtype:trojan-activity; sid:100003939; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"slot0.gamoruz.com",nocase; http_uri; content:"/bins/x86",nocase; classtype:trojan-activity; sid:100003940; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"storage.googleapis.com",nocase; http_uri; content:"/wzukusers/user-34654398/documents/5c6ca94027662tilxa4p/base.txt",nocase; classtype:trojan-activity; sid:100003941; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"storage.googleapis.com",nocase; http_uri; content:"/wzukusers/user-34654398/documents/5c6cbd811626fvoj29vw/base64.txt",nocase; classtype:trojan-activity; sid:100003942; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"storage.googleapis.com",nocase; http_uri; content:"/wzukusers/user-34654398/documents/5c6cd19c87f44r9fomit/base64jef.txt",nocase; classtype:trojan-activity; sid:100003943; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"storage.googleapis.com",nocase; http_uri; content:"/wzukusers/user-34654398/documents/5c6e2cbda22efxk3t7x2/base64.txt",nocase; classtype:trojan-activity; sid:100003944; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"storage.googleapis.com",nocase; http_uri; content:"/wzukusers/user-34654398/documents/5c6e2f6c8c5adup2yiwx/basejefin.txt",nocase; classtype:trojan-activity; sid:100003945; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"storage.googleapis.com",nocase; http_uri; content:"/wzukusers/user-34654398/documents/5c6eab37b8dadmy1gx7c/base3.5.txt",nocase; classtype:trojan-activity; sid:100003946; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"storage.googleapis.com",nocase; http_uri; content:"/wzukusers/user-34654398/documents/5c6eb2aa215a8cvwcf6s/fudjs.txt",nocase; classtype:trojan-activity; sid:100003947; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"storage.googleapis.com",nocase; http_uri; content:"/wzukusers/user-34654398/documents/5c6fd6b4eb1c08aamus8/go.jpeg",nocase; classtype:trojan-activity; sid:100003948; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"storage.googleapis.com",nocase; http_uri; content:"/wzukusers/user-34654398/documents/5c7921a2cf26cunjcgvm/nanocoregomes.txt",nocase; classtype:trojan-activity; sid:100003949; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"storage.googleapis.com",nocase; http_uri; content:"/wzukusers/user-34654398/documents/5c9e24cc08a4dlmv7cjo/cdt.txt",nocase; classtype:trojan-activity; sid:100003950; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"technologydistilled.com",nocase; http_uri; content:"/a-nurse-ss8d9/z/",nocase; classtype:trojan-activity; sid:100003951; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"tsrv4.ws",nocase; http_uri; content:"/23.exe",nocase; classtype:trojan-activity; sid:100003952; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"users.skynet.be",nocase; http_uri; content:"/crisanar/defis/jek_crackme1.7.zip",nocase; classtype:trojan-activity; sid:100003953; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vniel.co.kr",nocase; http_uri; content:"/gnuboard/data/scan/amowvegfrt9ja/",nocase; classtype:trojan-activity; sid:100003954; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"vniel.co.kr",nocase; http_uri; content:"/gnuboard/data/scan/fu6jvxzzs46uqlp7l/",nocase; classtype:trojan-activity; sid:100003955; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"web.mit.edu",nocase; http_uri; content:"/kolya/.f/root/net.mit.edu/net/user/chris/winnt/mit_agenda2a.doc",nocase; classtype:trojan-activity; sid:100003956; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"web.mit.edu",nocase; http_uri; content:"/kolya/.f/root/net.mit.edu/sipb/user/kolya/afs/root.afs/net/user/chris/winnt/mit_agenda2a.doc",nocase; classtype:trojan-activity; sid:100003957; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"websound.ru",nocase; http_uri; content:"/issues/136_140/flt_shovemydiscoupyourarse.exe",nocase; classtype:trojan-activity; sid:100003958; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"websound.ru",nocase; http_uri; content:"/issues/136_140/kb%5efr_ouverture.exe",nocase; classtype:trojan-activity; sid:100003959; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"websound.ru",nocase; http_uri; content:"/issues/136_140/kb^fr_ouverture.exe",nocase; classtype:trojan-activity; sid:100003960; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"websound.ru",nocase; http_uri; content:"/issues/146_150/bc_memories_from_the_mcp.exe",nocase; classtype:trojan-activity; sid:100003961; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"websound.ru",nocase; http_uri; content:"/issues/151_155/tidex_-_short_stuff.exe",nocase; classtype:trojan-activity; sid:100003962; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"urlhaus-filter malicious website detected"; http_header:field host; content:"wikileaks.org",nocase; http_uri; content:"/syria-files/attach/222/222051_instruction.zip",nocase; classtype:trojan-activity; sid:100003963; rev:1;)
|