AT related malicious URL (booking-poc-ejr.pages.dev/haarlem_rfc_v5)

SID: 6014704Rev: 1EnabledDerived2 views
History
Fileantiphishing.rules
CreatedJune 20, 2026
UpdatedJune 25, 2026
Classificationsocial-engineering
alert http $HOME_NET any -> any any (msg:"AT related malicious URL (booking-poc-ejr.pages.dev/haarlem_rfc_v5)"; flow:established,to_server; http.uri; content:"/haarlem_rfc_v5"; startswith; fast_pattern; http.host; content:"booking-poc-ejr.pages.dev"; endswith; reference:url,openphish.com; reference:url,julioliraup.github.io/AT/signature.html?sid=6014704; classtype:social-engineering; sid:6014704; rev:1; metadata:signature_severity Major, created_et 2026_06_20, updated_et 2026_06_25;)

Metadata

signature severityMajor
created et2026_06_20
updated et2026_06_25

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!