AT related malicious URL (indexmxhwnvfiu4wu2106429vfm4odq2fqwt6pnfzup3iwdwxy.restaurantedugandolfo.com.br/authenticationtokenDeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9yJvcmlnaW5hbFVybCI6Imh0dHBzOi8vbWFpbGVyLWkxZHh4dGE3aWJvbHoweG5lbXVpZms3d2dieGI1YjN5bXQzZG5lbXVpZms3d2/)

SID: 6004994Rev: 10 views
Sourcejulioliraup/antiphishing
CreatedMay 22, 2026
UpdatedMay 22, 2026
Classificationsocial-engineering
alert http $HOME_NET any -> any any (msg:"AT related malicious URL (indexmxhwnvfiu4wu2106429vfm4odq2fqwt6pnfzup3iwdwxy.restaurantedugandolfo.com.br/authenticationtokenDeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9yJvcmlnaW5hbFVybCI6Imh0dHBzOi8vbWFpbGVyLWkxZHh4dGE3aWJvbHoweG5lbXVpZms3d2dieGI1YjN5bXQzZG5lbXVpZms3d2/)"; flow:established,to_server; http.uri; content:"/authenticationtokenDeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9yJvcmlnaW5hbFVybCI6Imh0dHBzOi8vbWFpbGVyLWkxZHh4dGE3aWJvbHoweG5lbXVpZms3d2dieGI1YjN5bXQzZG5lbXVpZms3d2/"; startswith; fast_pattern; http.host; content:"indexmxhwnvfiu4wu2106429vfm4odq2fqwt6pnfzup3iwdwxy.restaurantedugandolfo.com.br"; endswith; reference:url,phishstats.info; reference:url,julioliraup.github.io/ET/signature.html?sid=6004994; classtype:social-engineering; sid:6004994; rev:1; metadata:signature_severity Major, created_et 2026_05_22;)

References

urlphishstats.info
urljulioliraup.github.io/ET/signature.html?sid=6004994

Metadata

signature severityMajor
created et2026_05_22

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!