AT related malicious URL (www.settlementdomain.com/5DLFML8/S5T8TN8/?__rpt=0&__po=17304&__ptid=d396a06733c3406f899ff00d14b7af3e&__rpa=1&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9)

SID: 6002875Rev: 10 views
Sourcejulioliraup/antiphishing
CreatedMay 22, 2026
UpdatedMay 22, 2026
Classificationsocial-engineering
alert http $HOME_NET any -> any any (msg:"AT related malicious URL (www.settlementdomain.com/5DLFML8/S5T8TN8/?__rpt=0&__po=17304&__ptid=d396a06733c3406f899ff00d14b7af3e&__rpa=1&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9)"; flow:established,to_server; http.uri; content:"/5DLFML8/S5T8TN8/?__rpt=0&__po=17304&__ptid=d396a06733c3406f899ff00d14b7af3e&__rpa=1&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9"; startswith; fast_pattern; http.host; content:"www.settlementdomain.com"; endswith; reference:url,phishstats.info; reference:url,julioliraup.github.io/ET/signature.html?sid=6002875; classtype:social-engineering; sid:6002875; rev:1; metadata:signature_severity Major, created_et 2026_05_18;)

References

urlphishstats.info
urljulioliraup.github.io/ET/signature.html?sid=6002875

Metadata

signature severityMajor
created et2026_05_18

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!