AT related malicious URL (pub-b1bc0deb082a43e7ac57352989f383e2 .r2 .dev/index .html?obf=oxcs&session=2831bbdd88b7fd51&usrn=orikx@24b48759403245a73ba5f4296815f480088b .com&client_ip=185 .98 .169 .18&ts=mtc3odi2njc1mw==&token=516d214e10ce)

SID: 6001716Rev: 20 views
Sourcejulioliraup/antiphishing
CreatedMay 22, 2026
UpdatedMay 22, 2026
Classificationsocial-engineering
alert http $HOME_NET any -> any any (msg:"AT related malicious URL (pub-b1bc0deb082a43e7ac57352989f383e2 .r2 .dev/index .html?obf=oxcs&session=2831bbdd88b7fd51&usrn=orikx@24b48759403245a73ba5f4296815f480088b .com&client_ip=185 .98 .169 .18&ts=mtc3odi2njc1mw==&token=516d214e10ce)"; flow:established,to_server; http.uri; content:"/index.html?obf=oxcs&session=2831bbdd88b7fd51&usrn=orikx@24b48759403245a73ba5f4296815f480088b.com&client_ip=185.98.169.18&ts=mtc3odi2njc1mw==&token=516d214e10ce"; startswith; fast_pattern; http.host; content:"pub-b1bc0deb082a43e7ac57352989f383e2.r2.dev"; endswith; reference:url,openphish.com; reference:url,github.com/julioliraup/Antiphishing; reference:url,julioliraup.github.io/ET/signature.html?sid=6001716; classtype:social-engineering; sid:6001716; rev:2; metadata:signature_severity Major, created_et 2026_05_12;)

References

urlopenphish.com
urlgithub.com/julioliraup/Antiphishing
urljulioliraup.github.io/ET/signature.html?sid=6001716

Metadata

signature severityMajor
created et2026_05_12

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!