2000577 < Main < EmergingThreats

Main Web>2000577 (2018-09-13, TWikiGuest) (raw view)
 <h2>
 

#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED Popuptraffic.com Bot Reporting"; flow: to_server,established; content:"/scripts/click.php?"; nocase; http_uri; content:"hid="; http_uri; reference:url,popuptraffic.com; reference:url,doc.emergingthreats.net/bin/view/Main/2000577; classtype:policy-violation; sid:2000577; rev:10; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

</h2>

Added 2018-09-13 19:37:09 UTC


 %COMMENT{type="threadmode" default="Please enter documentation, comments, false positives, or concerns with this signature. Press the Attach button below to add samples or Pcaps." button="Add to Documentation" }%
 
 <hr>
 


 <h2>
 


</h2>

Added 2018-09-13 17:52:22 UTC


 
 <hr>
 


 <h2>
 

#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED Popuptraffic.com Bot Reporting"; flow: to_server,established; content:"/scripts/click.php?"; nocase; http_uri; content:"hid="; http_uri; reference:url,popuptraffic.com; reference:url,doc.emergingthreats.net/bin/view/Main/2000577; classtype:policy-violation; sid:2000577; rev:10; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

</h2>

Added 2017-08-07 20:55:16 UTC


 
 <hr>
 


 <h2>
 

#alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET DELETED Popuptraffic.com Bot Reporting"; flow: to_server,established; content:"/scripts/click.php?"; nocase; http_uri; content:"hid="; http_uri; reference:url,popuptraffic.com; reference:url,doc.emergingthreats.net/bin/view/Main/2000577; classtype:policy-violation; sid:2000577; rev:9;)

</h2>

Added 2012-03-16 17:30:47 UTC


 
 <hr>
 


 <h2>
 

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Popuptraffic.com Bot Reporting"; flow: to_server,established; content:"/scripts/click.php?"; nocase; http_uri; content:"hid="; http_uri; reference:url,popuptraffic.com; reference:url,doc.emergingthreats.net/bin/view/Main/2000577; classtype:policy-violation; sid:2000577; rev:9;)

</h2>

Added 2011-10-12 19:09:50 UTC


 
 <hr>
 


 <h2>
 

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Popuptraffic.com Bot Reporting"; flow: to_server,established; content:"/scripts/click.php?"; nocase; http_uri; content:"hid="; http_uri; classtype: policy-violation; reference:url,popuptraffic.com; reference:url,doc.emergingthreats.net/bin/view/Main/2000577; sid:2000577; rev:9;)

</h2>

Added 2011-09-15 14:46:18 UTC


 
 <hr>
 


 <h2>
 

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Popuptraffic.com Bot Reporting"; flow: to_server,established; content:"/scripts/click.php?"; nocase; http_uri; content:"hid="; http_uri; classtype: policy-violation; reference:url,popuptraffic.com; reference:url,doc.emergingthreats.net/bin/view/Main/2000577; sid:2000577; rev:9;)

</h2>

Added 2011-09-14 20:39:42 UTC


 
 <hr>
 


 <h2>
 

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Popuptraffic.com Bot Reporting"; flow: to_server,established; content:"/scripts/click.php?"; nocase; http_uri; content:"hid="; http_uri; classtype: policy-violation; reference:url,popuptraffic.com; reference:url,doc.emergingthreats.net/bin/view/Main/2000577; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/MALWARE/MALWARE_Popuptraffic.com_Reporting; sid:2000577; rev:9;)

</h2>

Added 2011-02-04 17:21:16 UTC


 
 <hr>
 


 <h2>
 

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Popuptraffic.com Bot Reporting"; flow: to_server,established; uricontent:"/scripts/click.php?"; nocase; uricontent:"hid="; reference:url,popuptraffic.com; classtype: policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2000577; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/MALWARE/MALWARE_Popuptraffic.com_Reporting; sid:2000577; rev:8;)

</h2>

Added 2010-06-23 13:46:06 UTC


 
 <hr>
 


 <h2>
 

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Popuptraffic.com Bot Reporting"; flow: to_server,established; uricontent:"/scripts/click.php?"; nocase; uricontent:"hid="; reference:url,popuptraffic.com; classtype: policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2000577; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/MALWARE/MALWARE_Popuptraffic.com_Reporting; sid:2000577; rev:8;)

</h2>

Added 2010-06-23 13:46:06 UTC


 
 <hr>
 


 <h2>
 

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Popuptraffic.com Bot Reporting"; flow: to_server,established; uricontent:"/scripts/click.php?"; nocase; uricontent:"hid="; reference:url,popuptraffic.com; classtype: policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2000577; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/MALWARE/MALWARE_Popuptraffic.com_Reporting; sid: 2000577; rev:8;)

</h2>

Added 2009-02-08 17:45:22 UTC


 
 <hr>
 


 <h2>
 

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Popuptraffic.com Bot Reporting"; flow: to_server,established; uricontent:"/scripts/click.php?"; nocase; uricontent:"hid="; reference:url,popuptraffic.com; classtype: policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2000577; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/MALWARE/MALWARE_Popuptraffic.com_Reporting; sid: 2000577; rev:8;)

</h2>

Added 2009-02-08 17:45:22 UTC


 
 <hr>
 


 <h2>
 

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Popuptraffic.com Bot Reporting"; flow: to_server,established; uricontent:"/scripts/click.php?"; nocase; uricontent:"hid="; reference:url,popuptraffic.com; classtype: policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2000577; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/MALWARE/MALWARE_Popuptraffic.com_Reporting; sid: 2000577; rev:8;)

</h2>

Added 2009-02-08 17:42:35 UTC


 
 <hr>
 


 <h2>
 

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Popuptraffic.com Bot Reporting"; flow: to_server,established; uricontent:"/scripts/click.php?"; nocase; uricontent:"hid="; reference:url,popuptraffic.com; classtype: policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2000577; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/MALWARE/MALWARE_Popuptraffic.com_Reporting; sid: 2000577; rev:8;)

</h2>

Added 2009-02-08 17:42:35 UTC


 
 <hr>
 


 <h2>
 

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Popuptraffic.com Bot Reporting"; flow: to_server,established; uricontent:"/scripts/click.php?"; nocase; uricontent:"hid="; reference:url,popuptraffic.com; classtype: policy-violation; sid: 2000577; rev:7;)

</h2>

Added 2008-01-28 17:24:18 UTC


 
 <hr>
 


 <h2>
 

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Popuptraffic.com Bot Reporting"; flow: to_server,established; uricontent:"/scripts/click.php?"; nocase; uricontent:"hid="; reference:url,popuptraffic.com; classtype: policy-violation; sid: 2000577; rev:7;)

</h2>

Added 2008-01-28 17:24:18 UTC


 
 <hr>
 


 <h2>
 

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg: "BLEEDING-EDGE Malware Popuptraffic.com Bot Reporting"; flow: to_server,established; uricontent:"/scripts/click.php?"; nocase; uricontent:"hid="; reference:url,popuptraffic.com; classtype: policy-violation; sid: 2000577; rev:6; )

 </h2>
 <hr>
 
 
 <hr>
Topic revision: r1 - 2018-09-13 - TWikiGuest
Main
User Reference
ATasteOfTWiki
TextFormattingRules
Signature Reference
WebRss Feed
EmergingFAQ