ET DELETED SUSPICIOUS Java request to UNI.ME Domain Set 4
Sourceet/open
CreatedSeptember 13, 2013
UpdatedAugust 13, 2021
Classificationbad-unknown
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED SUSPICIOUS Java request to UNI.ME Domain Set 4"; flow:to_server,established; http.host; pcre:"/^[^\r\n]+?\.(?:t(?:e(?:(?:l(?:e(?:phoneexplained|comsguide)|learth)|n(?:ured(?:explained|info)|nis-ranking))\.com|mp(?:l(?:ates-gratis\.com|ecollege\.net)|converter\.net)|a(?:ching(?:-certificate\.net|explained\.com)|m\.pro))|r(?:a(?:(?:(?:nsferbyt|de-)e|in(?:eesinf|ge)o|mray)\.com|vel(?:insurance-comparison\.net|agentnerd\.com))|e(?:k-bicycles|nd-online)\.net|uckstool\.com|onco\.es)|(?:o(?:wn(?:housepic|study|euro|meta)|(?:tal-tool|memap)s|pgamebook|olboxsol)|u(?:mors?explained|lsatrain|rn-ons)|attoo-websites|ype-racer|wainfo)\.com|h(?:(?:anksgivinggaming|riftexplained)\.com|e(?:sis-examples\.com|atreparis\.net))|i(?:mezonevendor\.com|dl\.net)|cmn\.biz)|w(?:e(?:b(?:(?:b(?:estseller|ailout)|administer)\.com|site(?:downloader\.net|explained\.com)|developertoolbar\.net)|(?:l(?:lesley|fare)explained|akenguide)\.com)|or(?:th(?:voice|war)\.com|ld-records\.net)|ater(?:front-property\.net|-plants\.com)|(?:riterpics|hoiscan)\.com|pbh\.org|sse\.us)|s(?:(?:t(?:ud(?:ent(?:financecontact|s?explained)|yexplained)|r(?:eetmaphub|ongat)|patricksweightloss|onewhat)|wissairinfo)\.com|u(?:(?:mmertimelyrics|nset-wallpaper|per-committee|itegraphic)\.com|b\.(?:name|cat|es)))|v(?:(?:i(?:llage(?:(?:in|na)no|crystal)|deo(?:-mediaset|explained)|ta(?:minssms|lwow)|rtualexplained)|o(?:lumesynergy|ucheragent|ters24)|a(?:rsityexplained|lentinesproxy)|entureexplained)\.com|qtel\.net|f1\.us)|u(?:n(?:i(?:versityexplained\.com|nstalltool\.net|\.me)|(?:(?:secured|am)explained|ravelguide)\.com|limited-web-hosting\.net)|(?:cla(?:explained|info)|s-inflation|alinfo|zdom)\.com|[04]\.org)|y(?:(?:o(?:u(?:ngstersinfo|rbroking)|mkippursocial)|(?:eshiva|ale)explained|vxs)\.com|nna\.biz)|zwr\.org)(?:\x3a\d{1,5})?$/"; http.user_agent; content:"Java/1."; classtype:bad-unknown; sid:2017460; rev:5; metadata:created_at 2013_09_13, signature_severity Unknown, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2021_08_13;)
Metadata
created at2013_09_13
signature severityUnknown
tagDescription_Generated_By_Proofpoint_Nexus
updated at2021_08_13
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!