Versions (2)
Version DetailsCurrent
Rev: 2 • Feb 22, 2024, 12:00 PM🐾 -⚠ HTTP connection to suspicious domain in french TLD 🇫🇷 - Listed by Red Flag Domains 🚩
alert http any any -> any any (msg:"🐾 -⚠ HTTP connection to suspicious domain in french TLD 🇫🇷 - Listed by Red Flag Domains 🚩"; flow:to_server, stateless; http.host.raw; dataset:isset,pawpatrules_red_flag_domains,type string,load pawpatrules_red_flag_domains.lst; reference: url,https://red.flag.domains/; metadata:created_at 2024_02_22, updated_at 2024_10_21; sid:3301144; rev:2; classtype:bad-unknown;)
Feb 22, 2024, 12:00 PM
Oct 21, 2024, 12:00 PM
Feb 22, 2024, 10:01 PM
May 29, 2025, 11:12 PM
rules/PAW-PATRULES_PHISHING.rules