AT related malicious URL (cpcontacts.98-70-36-140.cprapid.com/art?c_ds_na=4Vm8sLB0Ukz40CCymJClIl4HaYlIDGvYxgUVy03Xjs&c_ds_no=%2A%2F%2A)

SID: 6005412Rev: 10 views
Sourcejulioliraup/antiphishing
CreatedMay 23, 2026
UpdatedMay 23, 2026
Classificationsocial-engineering
alert http $HOME_NET any -> any any (msg:"AT related malicious URL (cpcontacts.98-70-36-140.cprapid.com/art?c_ds_na=4Vm8sLB0Ukz40CCymJClIl4HaYlIDGvYxgUVy03Xjs&c_ds_no=%2A%2F%2A)"; flow:established,to_server; http.uri; content:"/art?c_ds_na=4Vm8sLB0Ukz40CCymJClIl4HaYlIDGvYxgUVy03Xjs&c_ds_no=%2A%2F%2A"; startswith; fast_pattern; http.host; content:"cpcontacts.98-70-36-140.cprapid.com"; endswith; reference:url,openphish.com; reference:url,julioliraup.github.io/ET/signature.html?sid=6005412; classtype:social-engineering; sid:6005412; rev:1; metadata:signature_severity Major, created_et 2026_05_22;)

References

urlopenphish.com
urljulioliraup.github.io/ET/signature.html?sid=6005412

Metadata

signature severityMajor
created et2026_05_22

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!