AT related malicious URL (43 .156 .7 .24/v3/signin/identifier?amp%3Bfollowup=https%3A%2F%2Faccounts .google .com%2F%3F&amp%3Bifkv=AQMjQ7R3RU9uRsKgwPva2FtOUIg2u42Jvh6lxZEImmqrg78zMB78lA2h8R0plQ3O7gHZcj5aMizPlw&amp%3Bpassive=1209600&amp%3Bxrealip=107 .178 .200 .220&continue=https%3A%2F%2Faccounts .google .com%2F%3F&xrealip=138 .197 .91 .206&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWa2Pavj4_djjqeQGj0s7jDhdE43N6ksOmNAoM11zlKXHEHoKUpLyu_4qrZTxdQ2dv5VyhgFE3mgjQ&dsh=S-567168735%3A1778382722976118)

SID: 6000013Rev: 20 views
Sourcejulioliraup/antiphishing
CreatedMay 22, 2026
UpdatedMay 22, 2026
Classificationsocial-engineering
alert http $HOME_NET any -> any any (msg:"AT related malicious URL (43 .156 .7 .24/v3/signin/identifier?amp%3Bfollowup=https%3A%2F%2Faccounts .google .com%2F%3F&amp%3Bifkv=AQMjQ7R3RU9uRsKgwPva2FtOUIg2u42Jvh6lxZEImmqrg78zMB78lA2h8R0plQ3O7gHZcj5aMizPlw&amp%3Bpassive=1209600&amp%3Bxrealip=107 .178 .200 .220&continue=https%3A%2F%2Faccounts .google .com%2F%3F&xrealip=138 .197 .91 .206&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWa2Pavj4_djjqeQGj0s7jDhdE43N6ksOmNAoM11zlKXHEHoKUpLyu_4qrZTxdQ2dv5VyhgFE3mgjQ&dsh=S-567168735%3A1778382722976118)"; flow:established,to_server; http.uri; content:"/v3/signin/identifier?amp%3Bfollowup=https%3A%2F%2Faccounts.google.com%2F%3F&amp%3Bifkv=AQMjQ7R3RU9uRsKgwPva2FtOUIg2u42Jvh6lxZEImmqrg78zMB78lA2h8R0plQ3O7gHZcj5aMizPlw&amp%3Bpassive=1209600&amp%3Bxrealip=107.178.200.220&continue=https%3A%2F%2Faccounts.google.com%2F%3F&xrealip=138.197.91.206&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWa2Pavj4_djjqeQGj0s7jDhdE43N6ksOmNAoM11zlKXHEHoKUpLyu_4qrZTxdQ2dv5VyhgFE3mgjQ&dsh=S-567168735%3A1778382722976118"; startswith; fast_pattern; http.host; content:"43.156.7.24"; endswith; reference:url,phishstats.info; reference:url,github.com/julioliraup/Antiphishing; reference:url,julioliraup.github.io/ET/signature.html?sid=6000013; classtype:social-engineering; sid:6000013; rev:2; metadata:signature_severity Major, created_et 2026_05_10, updated_et 2025_05_11;)

References

urlphishstats.info
urlgithub.com/julioliraup/Antiphishing
urljulioliraup.github.io/ET/signature.html?sid=6000013

Metadata

signature severityMajor
created et2026_05_10
updated et2025_05_11

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!