Rule History

alert ip [89.28.33.199,89.34.96.151,89.37.172.133,89.37.172.148,89.37.172.152,89.37.172.156,89.44.32.243,90.114.164.236,90.133.136.27,90.151.171.109,90.188.27.236,90.189.163.188,90.202.22.243,90.211.96.114,90.212.198.242,90.224.175.26,90.231.36.146,90.247.74.247,90.51.113.118,90.68.82.102,90.73.208.73,91.103.248.160,91.103.251.152,91.107.190.78,91.107.243.87,91.116.161.75,91.125.113.14,91.148.190.150,91.178.181.143,91.179.105.206,91.191.209.118,91.191.209.46,91.191.209.98,91.196.152.1,91.196.152.10,91.196.152.100,91.196.152.103,91.196.152.104,91.196.152.105,91.196.152.107,91.196.152.108,91.196.152.11,91.196.152.110,91.196.152.111,91.196.152.112,91.196.152.113,91.196.152.114,91.196.152.115,91.196.152.117,91.196.152.118] any -> $HOME_NET any (msg:"ET CINS Active Threat Intelligence Poor Reputation IP group 129"; reference:url,www.cinsscore.com; threshold: type limit, track by_src, seconds 3600, count 1; classtype:misc-attack; sid:2403428; rev:109065; metadata:affected_product Any, attack_target Any, deployment Perimeter, tag CINS, signature_severity Major, created_at 2013_10_08, updated_at 2026_05_26;)