AT related malicious URL (voicedatacenterrecice-address-desktopam-a150.widivag676.workers.dev/Voicemailacess-document-authorization-m365-sector-M2QPNyB6V9z98D1V3ovQyxbeOKMYfCq9/0nbbrggGwe4qPC66Qf8Q9SNTD2nJcH4VIcp50xnS/)
Sourcejulioliraup/antiphishing
Fileantiphishing.rules
CreatedMay 25, 2026
UpdatedJune 25, 2026
Classificationsocial-engineering
alert http $HOME_NET any -> any any (msg:"AT related malicious URL (voicedatacenterrecice-address-desktopam-a150.widivag676.workers.dev/Voicemailacess-document-authorization-m365-sector-M2QPNyB6V9z98D1V3ovQyxbeOKMYfCq9/0nbbrggGwe4qPC66Qf8Q9SNTD2nJcH4VIcp50xnS/)"; flow:established,to_server ; http.uri; content:"/Voicemailacess-document-authorization-m365-sector-M2QPNyB6V9z98D1V3ovQyxbeOKMYfCq9/0nbbrggGwe4qPC66Qf8Q9SNTD2nJcH4VIcp50xnS/"; startswith; fast_pattern; http.host; content:"voicedatacenterrecice-address-desktopam-a150.widivag676.workers.dev"; endswith; reference:url,openphish.com ; reference:url,julioliraup.github.io/AT/signature.html?sid=6006752 ; classtype:social-engineering; sid:6006752; rev:1; metadata:signature_severity Major, created_et 2026_05_25, updated_et 2026_06_25;)
References
Metadata
signature severityMajor
created et2026_05_25
updated et2026_06_25
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!