AT related malicious URL (visitwatertownwi.com/sgnv/sg/login?id=WYXzSCTJ4E0VTy65WlLcQoZx1S6mFyWzPNROJg4eVSW1gDvCzzHKFazPO0tRBwjTkKZ53iuqgMB2sulpNg8meYnkShZOwIIqkYd&token=emWPwLuyjsJunRFrSPq8bDg3aLEnDNAlO4NYh7HtGBGcfIvIisVJLyWSqTyvBBMsZAoAQ4HthweEvW4hlie13j1Ej52Z)

SID: 6010693Rev: 11 views

Sourcejulioliraup/antiphishing

Fileantiphishing.rules

CreatedJune 4, 2026

UpdatedJune 4, 2026

Classificationsocial-engineering

alert http $HOME_NET any -> any any (msg:"AT related malicious URL (visitwatertownwi.com/sgnv/sg/login?id=WYXzSCTJ4E0VTy65WlLcQoZx1S6mFyWzPNROJg4eVSW1gDvCzzHKFazPO0tRBwjTkKZ53iuqgMB2sulpNg8meYnkShZOwIIqkYd&token=emWPwLuyjsJunRFrSPq8bDg3aLEnDNAlO4NYh7HtGBGcfIvIisVJLyWSqTyvBBMsZAoAQ4HthweEvW4hlie13j1Ej52Z)"; flow:established,to_server; http.uri; content:"/sgnv/sg/login?id=WYXzSCTJ4E0VTy65WlLcQoZx1S6mFyWzPNROJg4eVSW1gDvCzzHKFazPO0tRBwjTkKZ53iuqgMB2sulpNg8meYnkShZOwIIqkYd&token=emWPwLuyjsJunRFrSPq8bDg3aLEnDNAlO4NYh7HtGBGcfIvIisVJLyWSqTyvBBMsZAoAQ4HthweEvW4hlie13j1Ej52Z"; startswith; fast_pattern; http.host; content:"visitwatertownwi.com"; endswith; reference:url,openphish.com; reference:url,julioliraup.github.io/ET/signature.html?sid=6010693; classtype:social-engineering; sid:6010693; rev:1; metadata:signature_severity Major, created_et 2026_06_04;)

References

url	openphish.com
url	julioliraup.github.io/ET/signature.html?sid=6010693

AT related malicious URL (visitwatertownwi.com/sgnv/sg/login?id=WYXzSCTJ4E0VTy65WlLcQoZx1S6mFyWzPNROJg4eVSW1gDvCzzHKFazPO0tRBwjTkKZ53iuqgMB2sulpNg8meYnkShZOwIIqkYd&token=emWPwLuyjsJunRFrSPq8bDg3aLEnDNAlO4NYh7HtGBGcfIvIisVJLyWSqTyvBBMsZAoAQ4HthweEvW4hlie13j1Ej52Z)

References

Metadata

Comments (0)