alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET SCAN Hmap Webserver Fingerprint Scan"; flow:to_server,established; urilen:1; http.method; content:"GET"; http.user_agent; content:"4.75 [en] (Windows NT 5.0"; http.protocol; content:"HTTP/1.0"; reference:url,www.ujeni.murkyroc.com/hmap/; classtype:attempted-recon; sid:2008537; rev:9; metadata:created_at 2010_07_30, confidence Medium, signature_severity Informational, updated_at 2020_10_19;)