AT related malicious URL (plain-dawn-63d3.herberthc88.workers.dev/0x69b19b8be8bfb5d41f021393/o/aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29t-lg/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca)

SID: 6007059Rev: 10 views
Sourcejulioliraup/antiphishing
CreatedMay 26, 2026
UpdatedMay 26, 2026
Classificationsocial-engineering
alert http $HOME_NET any -> any any (msg:"AT related malicious URL (plain-dawn-63d3.herberthc88.workers.dev/0x69b19b8be8bfb5d41f021393/o/aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29t-lg/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca)"; flow:established,to_server; http.uri; content:"/0x69b19b8be8bfb5d41f021393/o/aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29t-lg/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca"; startswith; fast_pattern; http.host; content:"plain-dawn-63d3.herberthc88.workers.dev"; endswith; reference:url,openphish.com; reference:url,julioliraup.github.io/ET/signature.html?sid=6007059; classtype:social-engineering; sid:6007059; rev:1; metadata:signature_severity Major, created_et 2026_05_25;)

References

urlopenphish.com
urljulioliraup.github.io/ET/signature.html?sid=6007059

Metadata

signature severityMajor
created et2026_05_25

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!