title: Detect Activity to Known Malicious Indicator - "d3cc5fceeda8d98795d9d813921368620d5e98f2682b76e635c5b567985a3abe" id: auto-4427ee5db6c7f90f8762d0cbf1f617d0a752ce1d5e5e5122a9fbfc10e3130b4f status: experimental description: Detects traffic or activity related to "d3cc5fceeda8d98795d9d813921368620d5e98f2682b76e635c5b567985a3abe" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "d3cc5fceeda8d98795d9d813921368620d5e98f2682b76e635c5b567985a3abe"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "2cb1969ccab20338ba96687a793a6371bf27ea16cb14da93c9ed5717a9184cfb" id: auto-4f941edfc71edc76a5ac73962f9d9f9b5f53cdf1104cf72043b4ff5de1ea6de9 status: experimental description: Detects traffic or activity related to "2cb1969ccab20338ba96687a793a6371bf27ea16cb14da93c9ed5717a9184cfb" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "2cb1969ccab20338ba96687a793a6371bf27ea16cb14da93c9ed5717a9184cfb"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "706f044dae810939a637a2144c2714f2899affe4649e8297ffb66d808e54ae76" id: auto-e02bc99c65ef103220c3742476198b82be945e604ea3dc38c0a28b78643b0b12 status: experimental description: Detects traffic or activity related to "706f044dae810939a637a2144c2714f2899affe4649e8297ffb66d808e54ae76" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "706f044dae810939a637a2144c2714f2899affe4649e8297ffb66d808e54ae76"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "f81ecb59f4088e9c98ed5722b5835ccd1aab215cb79671c095bccb754801f0cb" id: auto-e85c0d286512a1c3b4a4226b10b9c1912bbe9b56fcd5447d4d9555099c3568b2 status: experimental description: Detects traffic or activity related to "f81ecb59f4088e9c98ed5722b5835ccd1aab215cb79671c095bccb754801f0cb" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "f81ecb59f4088e9c98ed5722b5835ccd1aab215cb79671c095bccb754801f0cb"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "4e5777574f81eadada40188796507da424f5d32cba7ac6c00e13a9f55fd2da66" id: auto-919d6a4db4283025e36cde61518d046119e20987876a900781a3c3f0bc96c838 status: experimental description: Detects traffic or activity related to "4e5777574f81eadada40188796507da424f5d32cba7ac6c00e13a9f55fd2da66" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "4e5777574f81eadada40188796507da424f5d32cba7ac6c00e13a9f55fd2da66"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "bbe32a257e3aefb42f557ca65ae171faedb5718283801348e3ea990015ec2db9" id: auto-b51f36785aa79a7afed72c82005254aea162e552eb1aa53221fd8821d7f4799f status: experimental description: Detects traffic or activity related to "bbe32a257e3aefb42f557ca65ae171faedb5718283801348e3ea990015ec2db9" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "bbe32a257e3aefb42f557ca65ae171faedb5718283801348e3ea990015ec2db9"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "33d2ede41373ccb57c46aa7f608f7b8610cff511500eaa80c24427a1de11bcb0" id: auto-c7b899c6ae5eb710554a621a16c443448c729e3e742ccad4131cd27a6e3549e5 status: experimental description: Detects traffic or activity related to "33d2ede41373ccb57c46aa7f608f7b8610cff511500eaa80c24427a1de11bcb0" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "33d2ede41373ccb57c46aa7f608f7b8610cff511500eaa80c24427a1de11bcb0"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "7d979e19ebb28eb9e3c473dc130288526f950afea202b4ecaaaa74683c8c4758" id: auto-f1e4769b1e753694c454d804b62d59701cad958aa08af89089d335d29c319bff status: experimental description: Detects traffic or activity related to "7d979e19ebb28eb9e3c473dc130288526f950afea202b4ecaaaa74683c8c4758" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "7d979e19ebb28eb9e3c473dc130288526f950afea202b4ecaaaa74683c8c4758"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "42caae0666649bd94561b64d976c762bf990ca592f66eb13a68ca9ab3f3b825e" id: auto-1d6023b63849fd40ef1091b0daeb2e1738602184facaa7265a0b1b814a6896f2 status: experimental description: Detects traffic or activity related to "42caae0666649bd94561b64d976c762bf990ca592f66eb13a68ca9ab3f3b825e" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "42caae0666649bd94561b64d976c762bf990ca592f66eb13a68ca9ab3f3b825e"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "b769c834523acfc208548b071df9b51d415235da4604420ee29864c0660e7d30" id: auto-f2ae949ae28ee9bf0535a9a23a480051c5d4470a46615d1bc37785b5d943a6d6 status: experimental description: Detects traffic or activity related to "b769c834523acfc208548b071df9b51d415235da4604420ee29864c0660e7d30" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "b769c834523acfc208548b071df9b51d415235da4604420ee29864c0660e7d30"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "4920f87d77a06d39793db7f6badae775702facb6bf848ef2f2868a2e022911b3" id: auto-8db863e222cce13f8a920824c5ee9e2e7c5efc5ac5f4a8a72578c43f0673d29c status: experimental description: Detects traffic or activity related to "4920f87d77a06d39793db7f6badae775702facb6bf848ef2f2868a2e022911b3" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "4920f87d77a06d39793db7f6badae775702facb6bf848ef2f2868a2e022911b3"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "fe0184cd17b02eb0fb6b1fd83e9ff5bbd7ce34c455abe93c4f5b78e6df1553c8" id: auto-6427541e0c8c5c54ee7b84f8284af6bad7d782c11e916321e3c6148268bf8ac9 status: experimental description: Detects traffic or activity related to "fe0184cd17b02eb0fb6b1fd83e9ff5bbd7ce34c455abe93c4f5b78e6df1553c8" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "fe0184cd17b02eb0fb6b1fd83e9ff5bbd7ce34c455abe93c4f5b78e6df1553c8"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "8ef463592cbf5e37d83f9bdfa74feee4ba1722e6ef5a417c6976758b6c991747" id: auto-474494e155cce8c9c95dacf0e9b49dc160d144588958e9082bc797ef3ef60b07 status: experimental description: Detects traffic or activity related to "8ef463592cbf5e37d83f9bdfa74feee4ba1722e6ef5a417c6976758b6c991747" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "8ef463592cbf5e37d83f9bdfa74feee4ba1722e6ef5a417c6976758b6c991747"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "8bde0f38b2eafbdbe2c33f4f7352029b2890e345cdcda3cc171e1e1246535814" id: auto-c89a08ad5b4ca09b25e487757d72a5d749d97689a3052bb024f2430c5e8d647a status: experimental description: Detects traffic or activity related to "8bde0f38b2eafbdbe2c33f4f7352029b2890e345cdcda3cc171e1e1246535814" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "8bde0f38b2eafbdbe2c33f4f7352029b2890e345cdcda3cc171e1e1246535814"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "26541cd26b08929911eaf9d3d09d2bdf06ae314b3c76bd02d2a75248033c875f" id: auto-62adb5d50ccfcf7f939ec5035bcdcd048c509faf14dfc0abf2953345609be953 status: experimental description: Detects traffic or activity related to "26541cd26b08929911eaf9d3d09d2bdf06ae314b3c76bd02d2a75248033c875f" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "26541cd26b08929911eaf9d3d09d2bdf06ae314b3c76bd02d2a75248033c875f"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "4054e6f4b770317d3c847281ce6ea8b19c2fe7efeb4cfd26105eb994cbfa9c4c" id: auto-68c443481b2e555d111e7dbda7b62a0087ea733aaf55ecfed70e8044926b4601 status: experimental description: Detects traffic or activity related to "4054e6f4b770317d3c847281ce6ea8b19c2fe7efeb4cfd26105eb994cbfa9c4c" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "4054e6f4b770317d3c847281ce6ea8b19c2fe7efeb4cfd26105eb994cbfa9c4c"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "6cbdbecf9532279610ae6425b31349cc7ad67367df970bfd3815bb32171f23aa" id: auto-d3ddc6ff6fd60a79c9116655d8a050d2583406fdc8e5dad87edf7bf4d1d3c88c status: experimental description: Detects traffic or activity related to "6cbdbecf9532279610ae6425b31349cc7ad67367df970bfd3815bb32171f23aa" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "6cbdbecf9532279610ae6425b31349cc7ad67367df970bfd3815bb32171f23aa"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "beca148fe90dcb06dc2aedfffc5b7098453b1489f1cc6e69febb520e2e253ce4" id: auto-55b1081640849e2af78d9574ca10369b6ef0de42091a19855fc30208f0a9520c status: experimental description: Detects traffic or activity related to "beca148fe90dcb06dc2aedfffc5b7098453b1489f1cc6e69febb520e2e253ce4" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "beca148fe90dcb06dc2aedfffc5b7098453b1489f1cc6e69febb520e2e253ce4"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "bd52309c600df9be82a2e8afd09bfd19ba20a303ecc05a85e550afd426906283" id: auto-b25b0e2b0f36283348e768f2a78836e6f5496d98b04f6f3a28c7e8ee0244425a status: experimental description: Detects traffic or activity related to "bd52309c600df9be82a2e8afd09bfd19ba20a303ecc05a85e550afd426906283" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "bd52309c600df9be82a2e8afd09bfd19ba20a303ecc05a85e550afd426906283"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "1e2815e66bf6bf2604368349d86435e5e648ae44910e196e323ca09375e8e1f5" id: auto-31cf751c30d13dcafb0f97bf035b59753deac79e10815eb7946d48a4741c4de8 status: experimental description: Detects traffic or activity related to "1e2815e66bf6bf2604368349d86435e5e648ae44910e196e323ca09375e8e1f5" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "1e2815e66bf6bf2604368349d86435e5e648ae44910e196e323ca09375e8e1f5"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "3cb55b5a027163e2a3ed05770386a1bd80577f37a4085f30ae46a23fde8bb737" id: auto-cccec4511df91e3ed3b527962c595f3bab146bd9331ccec4d161aaf8bc4eb383 status: experimental description: Detects traffic or activity related to "3cb55b5a027163e2a3ed05770386a1bd80577f37a4085f30ae46a23fde8bb737" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "3cb55b5a027163e2a3ed05770386a1bd80577f37a4085f30ae46a23fde8bb737"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "574d5ae7f5c7fd8ffa275e755f285f3a92f2a232a015113eef0329e64e72609e" id: auto-04ac312ff4960296d39247c6bf1b30db9d8539a5e8ad30bf90db71ea6743e98c status: experimental description: Detects traffic or activity related to "574d5ae7f5c7fd8ffa275e755f285f3a92f2a232a015113eef0329e64e72609e" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "574d5ae7f5c7fd8ffa275e755f285f3a92f2a232a015113eef0329e64e72609e"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "273220ff86844cef705dca2fed8a434b2a1546ba1f249a48af9140525371e3e1" id: auto-4e8a7d3631ab73936852c27f95a2fcef03fd31dea42c97aad3b34983c7abe8d8 status: experimental description: Detects traffic or activity related to "273220ff86844cef705dca2fed8a434b2a1546ba1f249a48af9140525371e3e1" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "273220ff86844cef705dca2fed8a434b2a1546ba1f249a48af9140525371e3e1"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "37c5b6a429b149fa9542c544aa30d6651d9572e713e081f64582eba0aaac1269" id: auto-5fe378422fdcb0aec9c8fda9bcc359796f12e39218f4d6f433e35c57b228714f status: experimental description: Detects traffic or activity related to "37c5b6a429b149fa9542c544aa30d6651d9572e713e081f64582eba0aaac1269" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "37c5b6a429b149fa9542c544aa30d6651d9572e713e081f64582eba0aaac1269"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "76f508f8c3b732a544afb16124eb7683b40f9c29ed1f363674aa57a4ba82e43a" id: auto-e1bb1796762591614a0d4329e5e16a3e40f7177574d714dda6bc7266e8bdc75a status: experimental description: Detects traffic or activity related to "76f508f8c3b732a544afb16124eb7683b40f9c29ed1f363674aa57a4ba82e43a" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "76f508f8c3b732a544afb16124eb7683b40f9c29ed1f363674aa57a4ba82e43a"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "e138cd5302d28a0a83734a3f0b4796e92b38346c4db858b9adb2f2a78c055358" id: auto-44781e1dd3f9fe868d2cede6067fe7a6d8824a2038dc17ab071292f3c2089895 status: experimental description: Detects traffic or activity related to "e138cd5302d28a0a83734a3f0b4796e92b38346c4db858b9adb2f2a78c055358" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "e138cd5302d28a0a83734a3f0b4796e92b38346c4db858b9adb2f2a78c055358"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "fd8144fa9fadab3ce862d6e42da69e1f81e98906fe097ec884cc1ae9a73a5fd5" id: auto-e8f1e66913ab6305bd9b3bdbcfbc36d0b9509516c91d6a4530df8a9b11e1afd1 status: experimental description: Detects traffic or activity related to "fd8144fa9fadab3ce862d6e42da69e1f81e98906fe097ec884cc1ae9a73a5fd5" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "fd8144fa9fadab3ce862d6e42da69e1f81e98906fe097ec884cc1ae9a73a5fd5"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "c90728a79d70f90ae768dada42cc29a5a03427fa18a0cad875a799b8dd67c92d" id: auto-dd49a8bf397e5db34de7ae4bdfceaabb287791e10670c44f689a8578d9337815 status: experimental description: Detects traffic or activity related to "c90728a79d70f90ae768dada42cc29a5a03427fa18a0cad875a799b8dd67c92d" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "c90728a79d70f90ae768dada42cc29a5a03427fa18a0cad875a799b8dd67c92d"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "55344b5a814d9a4b560d7f1062c27f758349da39719f2a67a02a5587d9be6948" id: auto-4581c4ed91edc813d44cd0bab20b8b65b78386e8abf75255c18496a79f875f9c status: experimental description: Detects traffic or activity related to "55344b5a814d9a4b560d7f1062c27f758349da39719f2a67a02a5587d9be6948" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "55344b5a814d9a4b560d7f1062c27f758349da39719f2a67a02a5587d9be6948"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "b8af4830d1c00082588109443abc5f31218e71d35b718127b65fe3817cbff0f4" id: auto-b3373f8356896dfc2147369b84a95214717ce8bd781dde18878e8dc265b5c1a6 status: experimental description: Detects traffic or activity related to "b8af4830d1c00082588109443abc5f31218e71d35b718127b65fe3817cbff0f4" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "b8af4830d1c00082588109443abc5f31218e71d35b718127b65fe3817cbff0f4"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "0dfed1b9b09e103d363e6a9ee3371cf99db771f4d7b1f4b350255e3faf333327" id: auto-5772758259bc88046d85b47b27b04cbce0350f682b0c5dcd58de72831d5cc31b status: experimental description: Detects traffic or activity related to "0dfed1b9b09e103d363e6a9ee3371cf99db771f4d7b1f4b350255e3faf333327" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "0dfed1b9b09e103d363e6a9ee3371cf99db771f4d7b1f4b350255e3faf333327"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "d91f2a957889f74f01498d1c4fcf55b2d2fa66f689af9090362a568be8582b0a" id: auto-0a6719e341bc31cf1bae2aebfdcf83491f86036b7240eade593719032caf4679 status: experimental description: Detects traffic or activity related to "d91f2a957889f74f01498d1c4fcf55b2d2fa66f689af9090362a568be8582b0a" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "d91f2a957889f74f01498d1c4fcf55b2d2fa66f689af9090362a568be8582b0a"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - "e052bbaba494f4af95ccdd394bfe009ed34d445ad6dc1e249b34eb3a0013f27f" id: auto-30864c24103f9cafde936bcfbb1c30a99568a9e006a7ac42a11166a8d171240c status: experimental description: Detects traffic or activity related to "e052bbaba494f4af95ccdd394bfe009ed34d445ad6dc1e249b34eb3a0013f27f" which is a known malicious hash. logsource: category: process_creation detection: selection: hashes: - '* "e052bbaba494f4af95ccdd394bfe009ed34d445ad6dc1e249b34eb3a0013f27f"*' condition: selection level: high tags: - attack.T1071 - source.MalwareBazaar --- title: Detect Activity to Known Malicious Indicator - https://fiker.cattermicoffa.sbs/chrome_300_percent.pak id: auto-933685077f5fe3e757c01fbd858652dcf928d6eb560d2cf93dfa043bb5d351ff status: experimental description: Detects traffic or activity related to https://fiker.cattermicoffa.sbs/chrome_300_percent.pak which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fiker.cattermicoffa.sbs/chrome_300_percent.pak*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gitlab.com/khannely/derrxt/-/raw/main/259UZDS8POXH.exe id: auto-1a10913dd4118a3d9ed3a00de4ccc20487210e186d5e53f928912c1010edfd23 status: experimental description: Detects traffic or activity related to https://gitlab.com/khannely/derrxt/-/raw/main/259UZDS8POXH.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gitlab.com/khannely/derrxt/-/raw/main/259UZDS8POXH.exe*' condition: selection level: high tags: - attack.t1204.002 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://force-field.infodynamics.in.net/verification.google id: auto-cd7331d021efbf7e42747c405664884875b0f5ecc3101c8bb0f13c72695bc8e0 status: experimental description: Detects traffic or activity related to https://force-field.infodynamics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://force-field.infodynamics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://range-extend.signalvector.in.net/verification.google id: auto-e41dddf08a58e2e77d5d8e7d29851b6f16493660efade25289c015f2c6eef173 status: experimental description: Detects traffic or activity related to https://range-extend.signalvector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://range-extend.signalvector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ping-gate.signalvector.in.net/verification.google id: auto-e9763dbcf6853f03c9d9e0312405df63b5bbf565241f771ded58ff61371bc092 status: experimental description: Detects traffic or activity related to https://ping-gate.signalvector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ping-gate.signalvector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wave-form.signalvector.in.net/verification.google id: auto-e1f1d5dc12f5c876adc6270287be6bb6cf0fef016ed272139f2cd31bbfb01c9f status: experimental description: Detects traffic or activity related to https://wave-form.signalvector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wave-form.signalvector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tower-sync.signalvector.in.net/verification.google id: auto-4d0316276c6cbb43e4397cc4e866601ab39836e270bcb354d1de656b9a8c270e status: experimental description: Detects traffic or activity related to https://tower-sync.signalvector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tower-sync.signalvector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://radio-freq.signalvector.in.net/verification.google id: auto-020c8d65f086aa01e0aedba100ae0ebc4a50904b7620e59439ccefb93b95d473 status: experimental description: Detects traffic or activity related to https://radio-freq.signalvector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://radio-freq.signalvector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://beam-target.signalvector.in.net/verification.google id: auto-2152d7dfc90a36e5fb7e4609b0faf74e1d64e70201d1f1255eac7226b5b5fa14 status: experimental description: Detects traffic or activity related to https://beam-target.signalvector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://beam-target.signalvector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://raster-api.pixelengine.in.net/verification.google id: auto-f8485783037d1cc920fcfe55d991d425aacdde8759d0cb8dbf58f881424e97bd status: experimental description: Detects traffic or activity related to https://raster-api.pixelengine.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://raster-api.pixelengine.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://draw-logic.pixelengine.in.net/verification.google id: auto-7d615fbd1b7574d32ac3c27029f6672c9807ae03f854d467d43e8d8af188fe28 status: experimental description: Detects traffic or activity related to https://draw-logic.pixelengine.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://draw-logic.pixelengine.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://frame-buffer.pixelengine.in.net/verification.google id: auto-71c47f5561e3de6f3a57153babb971446360fe50d9fc74a9df3adf36ea3ba2fe status: experimental description: Detects traffic or activity related to https://frame-buffer.pixelengine.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://frame-buffer.pixelengine.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://color-map.pixelengine.in.net/verification.google id: auto-7b865fcf01a4c450f419420b6aa94df21cd88bd4575e48f52e60e33d11caa2ab status: experimental description: Detects traffic or activity related to https://color-map.pixelengine.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://color-map.pixelengine.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://image-proc.pixelengine.in.net/verification.google id: auto-0bd6a08231f2ceec624cdbdd511e9e120b0131ecfdb50afd20526e2f4b1ccf64 status: experimental description: Detects traffic or activity related to https://image-proc.pixelengine.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://image-proc.pixelengine.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://drift-core.nanostream.in.net/verification.google id: auto-e789933c58b3c8f5d1830271cb7a1090342b0f6abaedc974966229cfa11ebc75 status: experimental description: Detects traffic or activity related to https://drift-core.nanostream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://drift-core.nanostream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pulse-svc.nanostream.in.net/verification.google id: auto-8ff6ae263f60dc4860491cbc71684e602b82b09527418d9ba3083c8c1b50f182 status: experimental description: Detects traffic or activity related to https://pulse-svc.nanostream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pulse-svc.nanostream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fast-track.nanostream.in.net/verification.google id: auto-6937831f1389db6de1c7689b1212a0eec990623a245ed5cc1300aa6f45103f74 status: experimental description: Detects traffic or activity related to https://fast-track.nanostream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fast-track.nanostream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://small-packet.nanostream.in.net/verification.google id: auto-01defefe3cb32915f4ccdd91e2f3d95aea9a9ed4b441330c80d24a981af655c3 status: experimental description: Detects traffic or activity related to https://small-packet.nanostream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://small-packet.nanostream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rapid-io.nanostream.in.net/verification.google id: auto-733e1b7af0fef93041616a8d37ac4c083918c74d4739c729ba26244e98b594ea status: experimental description: Detects traffic or activity related to https://rapid-io.nanostream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rapid-io.nanostream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://micro-bit.nanostream.in.net/verification.google id: auto-10a5332c3d54354540e91e2cce7b7cf55e8d068eb0fdc3cb988f96b0370e89df status: experimental description: Detects traffic or activity related to https://micro-bit.nanostream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://micro-bit.nanostream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zone-portal.cyberlattice.in.net/verification.google id: auto-5e1fb265eba98bf558bb48325a5b9a1e3ccc562b69ef1c4ae00a7ee2355f7c67 status: experimental description: Detects traffic or activity related to https://zone-portal.cyberlattice.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zone-portal.cyberlattice.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-vault.cyberlattice.in.net/verification.google id: auto-673e6013e202ae6f4c2323767e08eb8d987467f08c21c2e242c40f9d52c1e512 status: experimental description: Detects traffic or activity related to https://link-vault.cyberlattice.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-vault.cyberlattice.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://net-fiber.cyberlattice.in.net/verification.google id: auto-51c54ef6dadd1384087e9b1272343224244dd04505eda17b1f12028a7b666f68 status: experimental description: Detects traffic or activity related to https://net-fiber.cyberlattice.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://net-fiber.cyberlattice.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shield-base.cyberlattice.in.net/verification.google id: auto-fbdb47f681b65b2104c2febca0f9d27d64acb7c7b15040d2e2381ec1c2d2f835 status: experimental description: Detects traffic or activity related to https://shield-base.cyberlattice.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shield-base.cyberlattice.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://grid-secure.cyberlattice.in.net/verification.google id: auto-5577814f339cc26fdba6e2e1df7e66a9a9610376cd826aefd3189c036b78d3ef status: experimental description: Detects traffic or activity related to https://grid-secure.cyberlattice.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://grid-secure.cyberlattice.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mesh-gate.cyberlattice.in.net/verification.google id: auto-d3f6e8697633bfb80437cb6c27c2b5a5cf20187ac085bab0d6bccc7213aef1e0 status: experimental description: Detects traffic or activity related to https://mesh-gate.cyberlattice.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mesh-gate.cyberlattice.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pool-manager.datacascade.in.net/verification.google id: auto-7fabca7eff9001fe2bd26e4d7206c0ae619d8c8b5c6a09ef91fb8cd124160612 status: experimental description: Detects traffic or activity related to https://pool-manager.datacascade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pool-manager.datacascade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://level-check.datacascade.in.net/verification.google id: auto-03c7a3b19f93d8bcdccc8c7348144b708e3a514e176e5b67d3762f30f19c4eef status: experimental description: Detects traffic or activity related to https://level-check.datacascade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://level-check.datacascade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tier-access.datacascade.in.net/verification.google id: auto-af779238ab2b1606e003035da9b97666125489b30b0c868f84a881fde3ad94fe status: experimental description: Detects traffic or activity related to https://tier-access.datacascade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tier-access.datacascade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bulk-logic.datacascade.in.net/verification.google id: auto-7c8883f66b8fa230a4fff3a3ee04279eb3d9e5de9335864a56081c6be883ac10 status: experimental description: Detects traffic or activity related to https://bulk-logic.datacascade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bulk-logic.datacascade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stream-view.datacascade.in.net/verification.google id: auto-bad7610b1fe68aefbd4689ea20bc599f33c577af002630f4996b44a85a16fde9 status: experimental description: Detects traffic or activity related to https://stream-view.datacascade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stream-view.datacascade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow-drop.datacascade.in.net/verification.google id: auto-76d651c3f7f3d9553332574192765a51d4a8f314601841bf44572fa4487e1098 status: experimental description: Detects traffic or activity related to https://flow-drop.datacascade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow-drop.datacascade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vector-node.infovector.in.net/verification.google id: auto-4649c0202cf8446d6986d44399bea58ac4f7c151823fecd640e31511b88ef611 status: experimental description: Detects traffic or activity related to https://vector-node.infovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vector-node.infovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trace-sync.infovector.in.net/verification.google id: auto-60a5b46aee7fc851782fc951e97cb870b2ba95375e73350c8c0f2d64cb553562 status: experimental description: Detects traffic or activity related to https://trace-sync.infovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trace-sync.infovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://route-api.infovector.in.net/verification.google id: auto-b6e5841358352ecf4f2c307567f5ae22b10153e35512743c2be1f5df051d1377 status: experimental description: Detects traffic or activity related to https://route-api.infovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://route-api.infovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-relay.infovector.in.net/verification.google id: auto-fbc59bc18d2b3ab7faf431a456311a0387b6772541e7584732ee92ba8b95566e status: experimental description: Detects traffic or activity related to https://data-relay.infovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-relay.infovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://path-finder.infovector.in.net/verification.google id: auto-2cc82c9f6cd2aea739d03b81cf179eb29033e9076b2008caacc56dfa3bbf9589 status: experimental description: Detects traffic or activity related to https://path-finder.infovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://path-finder.infovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://info-point.infovector.in.net/verification.google id: auto-ab117e269135e606e6e9f2396f7b3ea0e18e7a0495866e1720172f30e5395f28 status: experimental description: Detects traffic or activity related to https://info-point.infovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://info-point.infovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dlnhov4.granulatetouch.in.net/verification.google id: auto-0da119ba8bca6f479d02ac906759006fbf9e8f0285ebd402347cc3951b16c723 status: experimental description: Detects traffic or activity related to https://dlnhov4.granulatetouch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dlnhov4.granulatetouch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://daem-gate.granulatetouch.in.net/verification.google id: auto-f41eeec1a911df518978fe06d9429a67c0cd16355302a08f5db285bab368a367 status: experimental description: Detects traffic or activity related to https://daem-gate.granulatetouch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://daem-gate.granulatetouch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wildcircuit.granulatetouch.in.net/verification.google id: auto-af2a9e14c491a59c0cc0525ede87b38af53a34119314c1888633d68b01d66fef status: experimental description: Detects traffic or activity related to https://wildcircuit.granulatetouch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wildcircuit.granulatetouch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rnonito-watch.granulatetouch.in.net/verification.google id: auto-6a5d0315540e7aa4c370ff03786f3dafaa5875328fcf9331410fb57897e205f0 status: experimental description: Detects traffic or activity related to https://rnonito-watch.granulatetouch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rnonito-watch.granulatetouch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hyper-14b.granulatetouch.in.net/verification.google id: auto-e3274429138de242f400275b77b93657d550f01fcd4630e82d2da596f74b5a65 status: experimental description: Detects traffic or activity related to https://hyper-14b.granulatetouch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hyper-14b.granulatetouch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dqkgif.granulatetouch.in.net/verification.google id: auto-d189508d43d1a34357c11e2975c86bbbadaef165743333836eaff4d74664bd56 status: experimental description: Detects traffic or activity related to https://dqkgif.granulatetouch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dqkgif.granulatetouch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cast-spar.coddlcaught.in.net/verification.google id: auto-1c39a0f87a6669a83ad4ae82c3252e35e22fa4024b114010bff9c6ce892028d0 status: experimental description: Detects traffic or activity related to https://cast-spar.coddlcaught.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cast-spar.coddlcaught.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://snapshotgeyser.coddlcaught.in.net/verification.google id: auto-d8b4829c40b140f3b8afdf767a98a819562c4c4fbe4d2b7b9b1e6ba27d815473 status: experimental description: Detects traffic or activity related to https://snapshotgeyser.coddlcaught.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://snapshotgeyser.coddlcaught.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mode14-node.coddlcaught.in.net/verification.google id: auto-9d1494689ceb2c1ba8d504fd3da81a8e3dc44fd7a7be1e2377557f4021324ad2 status: experimental description: Detects traffic or activity related to https://mode14-node.coddlcaught.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mode14-node.coddlcaught.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shie1d-leaf.coddlcaught.in.net/verification.google id: auto-df1aadd4b0b8be39333786fc741af2cd2638c39dd194ddf7955db6113da58025 status: experimental description: Detects traffic or activity related to https://shie1d-leaf.coddlcaught.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shie1d-leaf.coddlcaught.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://24zog.coddlcaught.in.net/verification.google id: auto-134a7ae04d3efecce2882f3eef594c86695965f3f8c1e71a2557fbfa37919c35 status: experimental description: Detects traffic or activity related to https://24zog.coddlcaught.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://24zog.coddlcaught.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://foredeliv.coddlcaught.in.net/verification.google id: auto-966aef4bd53338542df1484456393a469f60dbc33e5bafa2b2835b5e40977cd2 status: experimental description: Detects traffic or activity related to https://foredeliv.coddlcaught.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://foredeliv.coddlcaught.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://storagefreig.glassterrible.in.net/verification.google id: auto-ee424386b275cf48ca69cbde6a0f38ffb8265d6dc00d6ce58fdb655b57305909 status: experimental description: Detects traffic or activity related to https://storagefreig.glassterrible.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://storagefreig.glassterrible.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zwjk9ew.glassterrible.in.net/verification.google id: auto-fc5fb0affbd2bd94d5dba0f98c53ffcedaefa154a650fb04f57a337c9c8a1aae status: experimental description: Detects traffic or activity related to https://zwjk9ew.glassterrible.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zwjk9ew.glassterrible.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://secure-spool.glassterrible.in.net/verification.google id: auto-0a220e911754c71be3c8584bbc2ed898ed60183107ce4bc4428553d0d2df231a status: experimental description: Detects traffic or activity related to https://secure-spool.glassterrible.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://secure-spool.glassterrible.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://matri-insp.glassterrible.in.net/verification.google id: auto-a3eed7a2ba3cf27ed7e51712e94191c2258b28a01e6cba10ac654e053f8c4d90 status: experimental description: Detects traffic or activity related to https://matri-insp.glassterrible.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://matri-insp.glassterrible.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proto-voy4.glassterrible.in.net/verification.google id: auto-08cb4f04d303320b2baeeac81e7cc2ac5c38b8d044ce700355d990ca0e5fb982 status: experimental description: Detects traffic or activity related to https://proto-voy4.glassterrible.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proto-voy4.glassterrible.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://7kutx52w.glassterrible.in.net/verification.google id: auto-606e6eb29913c62de210e2d978c3e9a5b0539197907fdfcff3e6c6ac843eb582 status: experimental description: Detects traffic or activity related to https://7kutx52w.glassterrible.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://7kutx52w.glassterrible.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://datarea.dropaway.in.net/verification.google id: auto-e005dd4d16a83fae2424e3d604f0290c5c5934965a71dbf13816ce04eff7fff2 status: experimental description: Detects traffic or activity related to https://datarea.dropaway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://datarea.dropaway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ijnjw.dropaway.in.net/verification.google id: auto-51d0086000511c8d3c11e02e6a5157a66aed1483d5040b30712316bc5c925017 status: experimental description: Detects traffic or activity related to https://ijnjw.dropaway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ijnjw.dropaway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qnde.dropaway.in.net/verification.google id: auto-104eee5f187978c8b908ee098d626f1db407027264c7bf3ab38435e9e3189bb2 status: experimental description: Detects traffic or activity related to https://qnde.dropaway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qnde.dropaway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vrr80sq.dropaway.in.net/verification.google id: auto-082faefdaceda34dc07fcec8cae6e7d19b443c973b3f9eaa9cb250bea4a268f6 status: experimental description: Detects traffic or activity related to https://vrr80sq.dropaway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vrr80sq.dropaway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://threaopti.dropaway.in.net/verification.google id: auto-56ab2ef4bd2380f58b0af4407c5282254f007097f77d29aa222546da3db7f4b9 status: experimental description: Detects traffic or activity related to https://threaopti.dropaway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://threaopti.dropaway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dr1v5-frame.dropaway.in.net/verification.google id: auto-d2c8902831da69f4a88e5e532f740752c7220cf095c2b47ec9673d218fa89cce status: experimental description: Detects traffic or activity related to https://dr1v5-frame.dropaway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dr1v5-frame.dropaway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5hsg8.sewdarken.in.net/verification.google id: auto-a4ce38cb415f8f8b7927b5f832829d8816362fa83a98c86c20e8c86c9cc66f8b status: experimental description: Detects traffic or activity related to https://5hsg8.sewdarken.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5hsg8.sewdarken.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://9lftebnr.sewdarken.in.net/verification.google id: auto-6fd64a872054b44fa861c9ef6a1b662b75ac60fe24feffdfcdcf4e1296087a88 status: experimental description: Detects traffic or activity related to https://9lftebnr.sewdarken.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://9lftebnr.sewdarken.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geo-d4ta.sewdarken.in.net/verification.google id: auto-e1e00e28e8fae6adad4961f7ee06e361398cd0ec49f5ab478ad3f7ae04f73eae status: experimental description: Detects traffic or activity related to https://geo-d4ta.sewdarken.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geo-d4ta.sewdarken.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nbjc.sewdarken.in.net/verification.google id: auto-efd7dcff1b348842d8fe65810d115b40aec1d66b1e0a36f6b0ffd444a29b3d1d status: experimental description: Detects traffic or activity related to https://nbjc.sewdarken.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nbjc.sewdarken.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://finalvault.sewdarken.in.net/verification.google id: auto-7f88d687d177cab9e635db7d57be2826525acf7e4049fbc8729c3106ed340920 status: experimental description: Detects traffic or activity related to https://finalvault.sewdarken.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://finalvault.sewdarken.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lumline0al.sewdarken.in.net/verification.google id: auto-2b3cc065668dba7e7be29c22f49ce9a047f164d83fc9b2d65fd5cdc63af85d3c status: experimental description: Detects traffic or activity related to https://lumline0al.sewdarken.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lumline0al.sewdarken.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://d3pl-lab.movementsheptun.in.net/verification.google id: auto-afac0f3c3fefb61b122095977025815fc15a26de9a8c2d969f815e0aa254e913 status: experimental description: Detects traffic or activity related to https://d3pl-lab.movementsheptun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://d3pl-lab.movementsheptun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hfx03k.movementsheptun.in.net/verification.google id: auto-d923078417d31c48c361dc8a5f80ff10aeee59fa7fa6caea0a702a23fc18818f status: experimental description: Detects traffic or activity related to https://hfx03k.movementsheptun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hfx03k.movementsheptun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sp4rk3-trace.movementsheptun.in.net/verification.google id: auto-d865038d6622b481dcf26555d344d2f09a4a90d86d743de50797ec03ce561c70 status: experimental description: Detects traffic or activity related to https://sp4rk3-trace.movementsheptun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sp4rk3-trace.movementsheptun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arn3i.movementsheptun.in.net/verification.google id: auto-e3dccd3938116d1aa2917a2f4133d19aaf591c204e72186d2f8e94cd49a0c2dc status: experimental description: Detects traffic or activity related to https://arn3i.movementsheptun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arn3i.movementsheptun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fvbtyoj.movementsheptun.in.net/verification.google id: auto-e79c9de825399543d443e1676387487a23e29df2c53e25e5f242b903a396ce2a status: experimental description: Detects traffic or activity related to https://fvbtyoj.movementsheptun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fvbtyoj.movementsheptun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://relay-chain.movementsheptun.in.net/verification.google id: auto-82f0073178dba7133dac41cc034806f51484b7017156536c92b46f4f013b295d status: experimental description: Detects traffic or activity related to https://relay-chain.movementsheptun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://relay-chain.movementsheptun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://9sis.demolishtunis.in.net/verification.google id: auto-b9aef88c77ef4fe4593cf557829abc26d078979ebc25cde24bf99a191f43ebb4 status: experimental description: Detects traffic or activity related to https://9sis.demolishtunis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://9sis.demolishtunis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jjczes4.demolishtunis.in.net/verification.google id: auto-69b1c2e6ce3132feb09a1fd8fad766ad4f21eb5dd0d8ff5145be774a4e3a18f7 status: experimental description: Detects traffic or activity related to https://jjczes4.demolishtunis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jjczes4.demolishtunis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://m15t7-sync.demolishtunis.in.net/verification.google id: auto-f9aa62074402c716d86c6f740999995b504a8d184c57b63fdda8c2cc842dd19c status: experimental description: Detects traffic or activity related to https://m15t7-sync.demolishtunis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://m15t7-sync.demolishtunis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://binaryassay.demolishtunis.in.net/verification.google id: auto-4f853e2fc95e7126798ae3ff7d4aabcaa5fc9c8c4d7317557d2e93ed75775b4a status: experimental description: Detects traffic or activity related to https://binaryassay.demolishtunis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://binaryassay.demolishtunis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://talforgeal2.demolishtunis.in.net/verification.google id: auto-b42a806fe847258831bec2e8d5a9523b1977dcba5ffa9d4a22bb2337a355ef88 status: experimental description: Detects traffic or activity related to https://talforgeal2.demolishtunis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://talforgeal2.demolishtunis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dynfluxal.demolishtunis.in.net/verification.google id: auto-69074898e12e4787205163d0a95028fc1742d8c4f54fe804e738134073521f1d status: experimental description: Detects traffic or activity related to https://dynfluxal.demolishtunis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dynfluxal.demolishtunis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lo98.barondecont.in.net/verification.google id: auto-2f809f6e87790d00559f627f0205a0c164fe8de7d9469cfb63c44c6a16dafe42 status: experimental description: Detects traffic or activity related to https://lo98.barondecont.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lo98.barondecont.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sprucethorn.barondecont.in.net/verification.google id: auto-543723c24a3746bf68bdbfbe948e70a1d1abae43a11f89597743d6f1a7f4829e status: experimental description: Detects traffic or activity related to https://sprucethorn.barondecont.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sprucethorn.barondecont.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://h4rb-loop.barondecont.in.net/verification.google id: auto-47fe598aad754e0b9bd7902a7eb18659bce2a067dc971aa2b00fa228be05ac53 status: experimental description: Detects traffic or activity related to https://h4rb-loop.barondecont.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://h4rb-loop.barondecont.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://crirn4-point.barondecont.in.net/verification.google id: auto-9912d37b3ab6780c19771bdde82b74a92e22a8068d1c49ed4690d75500294e3d status: experimental description: Detects traffic or activity related to https://crirn4-point.barondecont.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://crirn4-point.barondecont.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://calmion.barondecont.in.net/verification.google id: auto-f3cd7bb17984e43f6d74e368c8efa2e08d05105b6a22727a614baa327eb5e170 status: experimental description: Detects traffic or activity related to https://calmion.barondecont.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://calmion.barondecont.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qobavx3.barondecont.in.net/verification.google id: auto-7d0a9c60407f475f58bf920811e9edea76bd6aa10cdae44242bb85d85cfa974b status: experimental description: Detects traffic or activity related to https://qobavx3.barondecont.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qobavx3.barondecont.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neo-d3v.vivatwoman.in.net/verification.google id: auto-fa3080dcb90363b7dc011b0e149a4b1823878fc43d3bb8805694fcc0e2bc2376 status: experimental description: Detects traffic or activity related to https://neo-d3v.vivatwoman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neo-d3v.vivatwoman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://norvenix2.vivatwoman.in.net/verification.google id: auto-23455cc31ff6e62972b62a15bc5f0e0f7f7098875cf018b246d55c31132bb694 status: experimental description: Detects traffic or activity related to https://norvenix2.vivatwoman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://norvenix2.vivatwoman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lumnexen7.vivatwoman.in.net/verification.google id: auto-6a410746ad8a7e1a4094248f83c6e02f02bb130970e247a85d1112de82ad0efc status: experimental description: Detects traffic or activity related to https://lumnexen7.vivatwoman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lumnexen7.vivatwoman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://6jamieya.vivatwoman.in.net/verification.google id: auto-5967ce45f584bd9200d9c04d2f625e0d38fc7ad2e720733f77a47e13605396dc status: experimental description: Detects traffic or activity related to https://6jamieya.vivatwoman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://6jamieya.vivatwoman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solcresten2.vivatwoman.in.net/verification.google id: auto-608694c73fe026c704dca524bad53c86836a079dc005a03be90459f0748b2a78 status: experimental description: Detects traffic or activity related to https://solcresten2.vivatwoman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solcresten2.vivatwoman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wild-mount.vivatwoman.in.net/verification.google id: auto-3eb4b4eaee21c39aad86624dfd4d9568ed6a233f1492370c6d5b26bb48fa911d status: experimental description: Detects traffic or activity related to https://wild-mount.vivatwoman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wild-mount.vivatwoman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kxep42pp.driveaway.in.net/verification.google id: auto-f2243f7e1ed2132caa60d55a554baf364cec4c49918dd01f670b889d7ee12a5d status: experimental description: Detects traffic or activity related to https://kxep42pp.driveaway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kxep42pp.driveaway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://choru5-hinge.driveaway.in.net/verification.google id: auto-c9af92223b287e209cd87580ee2417980972f6331e982c2420b5af9061e7f2d6 status: experimental description: Detects traffic or activity related to https://choru5-hinge.driveaway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://choru5-hinge.driveaway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://compilpow.driveaway.in.net/verification.google id: auto-069e069c8411cd3f06f06bc1537a3f411b94bf76994cf78432d1c08aeeac701d status: experimental description: Detects traffic or activity related to https://compilpow.driveaway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://compilpow.driveaway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nppw50at.driveaway.in.net/verification.google id: auto-754e7d2f36bf8f22d9496f53676b49c270e4b721e63ce1b14fdce2156a88a70c status: experimental description: Detects traffic or activity related to https://nppw50at.driveaway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nppw50at.driveaway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wzovragk.driveaway.in.net/verification.google id: auto-3ddd71048817bfe598c6d28d41a0aabb313e9ae78a793eb9bfe1495d436bac80 status: experimental description: Detects traffic or activity related to https://wzovragk.driveaway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wzovragk.driveaway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://soft-glob.driveaway.in.net/verification.google id: auto-b4733fe033c4c6754539ce28c867ef1ac2442283def8656758ddb312e41c06fd status: experimental description: Detects traffic or activity related to https://soft-glob.driveaway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://soft-glob.driveaway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://loud-cloud.brillwhistleb.in.net/verification.google id: auto-9b56fba086c6c5c5dc2a8e029760ff1f4f3e730c385edbe25bfa96f675298096 status: experimental description: Detects traffic or activity related to https://loud-cloud.brillwhistleb.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://loud-cloud.brillwhistleb.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wind-flow.brillwhistleb.in.net/verification.google id: auto-14398918b3f7fa094e59fc144ffbaa9757ec824c1de4f240f341ccffb0eb9aab status: experimental description: Detects traffic or activity related to https://wind-flow.brillwhistleb.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wind-flow.brillwhistleb.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alert-svc.brillwhistleb.in.net/verification.google id: auto-269396178d2819768701c278585724dcd9ad5d1dcc96bb340c6ae6b20f1a165d status: experimental description: Detects traffic or activity related to https://alert-svc.brillwhistleb.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alert-svc.brillwhistleb.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://signal-box.brillwhistleb.in.net/verification.google id: auto-a767318c8a48b1f8f7bc5cd492edfee472885803b2f8885fcf70988948911f65 status: experimental description: Detects traffic or activity related to https://signal-box.brillwhistleb.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://signal-box.brillwhistleb.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tune-api.brillwhistleb.in.net/verification.google id: auto-d7ef53f760726640877ee67e7df2072f48cd9cefcba2672141ebd58cd6fceb88 status: experimental description: Detects traffic or activity related to https://tune-api.brillwhistleb.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tune-api.brillwhistleb.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://high-note.brillwhistleb.in.net/verification.google id: auto-46e94a74765babeb02ac31f3de70fa82423911f660e74afc9bcbf3e785363589 status: experimental description: Detects traffic or activity related to https://high-note.brillwhistleb.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://high-note.brillwhistleb.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://yield-hub.combinekabisia.in.net/verification.google id: auto-b56c8a6588476b0c7c8102a1362be423c4a1c95e1b54b5c8dd0ba4772244fc54 status: experimental description: Detects traffic or activity related to https://yield-hub.combinekabisia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://yield-hub.combinekabisia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://crop-trace.combinekabisia.in.net/verification.google id: auto-e0ba127a0488848663ca928097a7a2f07aa5bddd3cbf42b59d803887c1ee62f9 status: experimental description: Detects traffic or activity related to https://crop-trace.combinekabisia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://crop-trace.combinekabisia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://harvest-api.combinekabisia.in.net/verification.google id: auto-d5743bece2e513ca99f18b9c413e6e13a533d72d32b85e7755ee3d9809730904 status: experimental description: Detects traffic or activity related to https://harvest-api.combinekabisia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://harvest-api.combinekabisia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://field-scan.combinekabisia.in.net/verification.google id: auto-c12ec88045401a89e5b391439d46d979a4b3bd3846d177400cbf0f980de387b6 status: experimental description: Detects traffic or activity related to https://field-scan.combinekabisia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://field-scan.combinekabisia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://grain-store.combinekabisia.in.net/verification.google id: auto-0e58cd66397814f77abbebc1e267e4390e665d4449a32a2fc73d4a34d4805be7 status: experimental description: Detects traffic or activity related to https://grain-store.combinekabisia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://grain-store.combinekabisia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://farm-logic.combinekabisia.in.net/verification.google id: auto-dcc5de3c91677b98096b1187c99b9df7789803c3d362554dd26668a4132bdb05 status: experimental description: Detects traffic or activity related to https://farm-logic.combinekabisia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://farm-logic.combinekabisia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://root-source.maknothplacenta.in.net/verification.google id: auto-c365d225a54228ac1e36b3f03e6bd2b967bed95d905bd40b28e360ed81b3142b status: experimental description: Detects traffic or activity related to https://root-source.maknothplacenta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://root-source.maknothplacenta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://health-node.maknothplacenta.in.net/verification.google id: auto-4655b41d03ef53bee1f5aa67d106566b40862eaff1d49e30e5e75717c02a86be status: experimental description: Detects traffic or activity related to https://health-node.maknothplacenta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://health-node.maknothplacenta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://organ-sync.maknothplacenta.in.net/verification.google id: auto-3eb4f76a080481b109a674d095c05f9ba7742748b0ed3fd242100e7de95b0d32 status: experimental description: Detects traffic or activity related to https://organ-sync.maknothplacenta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://organ-sync.maknothplacenta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cell-logic.maknothplacenta.in.net/verification.google id: auto-1660b05cfe21f297dce7de3792f89354c353ae07124cc1b515962a0b049f4cf5 status: experimental description: Detects traffic or activity related to https://cell-logic.maknothplacenta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cell-logic.maknothplacenta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://life-cycle.maknothplacenta.in.net/verification.google id: auto-36e23577532025f0d143fffeb077262df14e4f03317354f8098327b7b13f6f8a status: experimental description: Detects traffic or activity related to https://life-cycle.maknothplacenta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://life-cycle.maknothplacenta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bio-record.maknothplacenta.in.net/verification.google id: auto-8b7250f6de52ed552664301be70b81d570752f90715bad2e05d4a596b04a0e11 status: experimental description: Detects traffic or activity related to https://bio-record.maknothplacenta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bio-record.maknothplacenta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wave-form.lohsmacknon.in.net/verification.google id: auto-e50db5501cbdb69af0090832250782cd3466fc7520620d088007f7bc5767d636 status: experimental description: Detects traffic or activity related to https://wave-form.lohsmacknon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wave-form.lohsmacknon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://audio-path.lohsmacknon.in.net/verification.google id: auto-a9b1b441fc63b5ff81caf2cccd6c06864cd1a69c521a80767755e25db4c3f939 status: experimental description: Detects traffic or activity related to https://audio-path.lohsmacknon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://audio-path.lohsmacknon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://noise-gate.lohsmacknon.in.net/verification.google id: auto-988259b55b6dae9453a5aca253ccdf7646c0251b8978ba785ba4fd50169bdafb status: experimental description: Detects traffic or activity related to https://noise-gate.lohsmacknon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://noise-gate.lohsmacknon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://echo-relay.lohsmacknon.in.net/verification.google id: auto-7f47200a4941965dc81434ee7caf9660df7c5ace611a73516d481a0f1319d5e9 status: experimental description: Detects traffic or activity related to https://echo-relay.lohsmacknon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://echo-relay.lohsmacknon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bass-boost.lohsmacknon.in.net/verification.google id: auto-6f311122c9dc44d90df34bc9464450adf0365bab6f75a1dacbb4cc0c7f559cef status: experimental description: Detects traffic or activity related to https://bass-boost.lohsmacknon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bass-boost.lohsmacknon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sound-check.lohsmacknon.in.net/verification.google id: auto-6a97d8b2076594af9d7cbadab3c2b7e371cf63855d388282ab0716965d25d31a status: experimental description: Detects traffic or activity related to https://sound-check.lohsmacknon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sound-check.lohsmacknon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://def-system.fighttrapper.in.net/verification.google id: auto-aa6998fec4d510cce6c0072a7ae72fd0cee890bde35c7854f0d65a59ce6131fb status: experimental description: Detects traffic or activity related to https://def-system.fighttrapper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://def-system.fighttrapper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://target-api.fighttrapper.in.net/verification.google id: auto-aa43e1d349e2d6ecccbeae01c98e77ab80bc86bc04253415a054471e0c237b0e status: experimental description: Detects traffic or activity related to https://target-api.fighttrapper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://target-api.fighttrapper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://secure-hit.fighttrapper.in.net/verification.google id: auto-27d73ab1e9877a06595e2013cb261fde51495a9bbfc9455eeee3c11978a24e94 status: experimental description: Detects traffic or activity related to https://secure-hit.fighttrapper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://secure-hit.fighttrapper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://catch-node.fighttrapper.in.net/verification.google id: auto-a03218c80d636575a12236df87e2f0987139de456ef38e596823e6a8bf13ea2b status: experimental description: Detects traffic or activity related to https://catch-node.fighttrapper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://catch-node.fighttrapper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cage-match.fighttrapper.in.net/verification.google id: auto-f89f82e33f07b458e967d8cac6e06baa9876f76d7dfa308264a09e3e3ade7ea9 status: experimental description: Detects traffic or activity related to https://cage-match.fighttrapper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cage-match.fighttrapper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://action-log.fighttrapper.in.net/verification.google id: auto-4572de661d6805d6863e2ec0183e53a5a78bba87c400f589516e02319af385f1 status: experimental description: Detects traffic or activity related to https://action-log.fighttrapper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://action-log.fighttrapper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://video-drop.cameoinfusion.in.net/verification.google id: auto-d5040f95292bc6afd4b668ad5011be25df9048f33b20fcd7768bdd43d7f23845 status: experimental description: Detects traffic or activity related to https://video-drop.cameoinfusion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://video-drop.cameoinfusion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://blend-master.cameoinfusion.in.net/verification.google id: auto-cc8bd99f775686fe7045ff9fafc6fbf814984f4a1b5007292180fbdd034d9cf8 status: experimental description: Detects traffic or activity related to https://blend-master.cameoinfusion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://blend-master.cameoinfusion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://color-mix.cameoinfusion.in.net/verification.google id: auto-133c97d4671be5160e13a9eaa7f43af2e30763545f73e13abee0e4298d9e7cce status: experimental description: Detects traffic or activity related to https://color-mix.cameoinfusion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://color-mix.cameoinfusion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://style-sync.cameoinfusion.in.net/verification.google id: auto-c0f2912eea7d4d41f4f9c0696e81ad8af9d24f5eedd4231da76fac3c674bb926 status: experimental description: Detects traffic or activity related to https://style-sync.cameoinfusion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://style-sync.cameoinfusion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://art-portal.cameoinfusion.in.net/verification.google id: auto-c59b8e43a01e7a39ebf8094e06cb4384af72bc121ccde397121ff4512b284aeb status: experimental description: Detects traffic or activity related to https://art-portal.cameoinfusion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://art-portal.cameoinfusion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://small-frame.cameoinfusion.in.net/verification.google id: auto-df120e1c680bf8e573f8e446cc34ce61fd83d7b09319d805301aa9c5afdd0fe3 status: experimental description: Detects traffic or activity related to https://small-frame.cameoinfusion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://small-frame.cameoinfusion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://silk-route.industtarant.in.net/verification.google id: auto-fb03f7a76453f5e390f991bdf43d94f18b841c3a49f56629d893685c5afe60cd status: experimental description: Detects traffic or activity related to https://silk-route.industtarant.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://silk-route.industtarant.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://venom-dev.industtarant.in.net/verification.google id: auto-79a9333ac4cc5c3d90c4d158e0e902e19df14b336a57eb5d2d40c214f2ad8742 status: experimental description: Detects traffic or activity related to https://venom-dev.industtarant.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://venom-dev.industtarant.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://heavy-link.industtarant.in.net/verification.google id: auto-34dcd9bab7d4d49a59a931da46d1b6ede24e46d73c8592a43107fb677d94f2f0 status: experimental description: Detects traffic or activity related to https://heavy-link.industtarant.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://heavy-link.industtarant.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://factory-io.industtarant.in.net/verification.google id: auto-794e14c23c8b3f8bc9d3a8aa314b7da8a052b75451ee9d4a1c75e00a24d99fda status: experimental description: Detects traffic or activity related to https://factory-io.industtarant.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://factory-io.industtarant.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-crawl.industtarant.in.net/verification.google id: auto-f9555ec93f7d02dc6f6a7b81383b0cc5f6381d52f5e21fd7a295cfdfef2c04f2 status: experimental description: Detects traffic or activity related to https://web-crawl.industtarant.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-crawl.industtarant.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://spider-net.industtarant.in.net/verification.google id: auto-aa4b7bd84c60ae3aef977663258a3b042952d457971eb7d1197896e38062c74c status: experimental description: Detects traffic or activity related to https://spider-net.industtarant.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://spider-net.industtarant.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://skin-proxy.dervishpeel.in.net/verification.google id: auto-cebc966d008d04972599637d50f8716bd6d33a874ca85ffc0e3b22b2e4c7247e status: experimental description: Detects traffic or activity related to https://skin-proxy.dervishpeel.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://skin-proxy.dervishpeel.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rotate-node.dervishpeel.in.net/verification.google id: auto-12252e332e2413abd6e44a78fc1c1da5717e56e38292cc53cb8e180d63fb3569 status: experimental description: Detects traffic or activity related to https://rotate-node.dervishpeel.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rotate-node.dervishpeel.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-wrap.dervishpeel.in.net/verification.google id: auto-dac6b22f0ce70e7c2d18f2008da977c05d8bacca7e09be27f4da0f3e924121d6 status: experimental description: Detects traffic or activity related to https://core-wrap.dervishpeel.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-wrap.dervishpeel.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://outer-shell.dervishpeel.in.net/verification.google id: auto-d7a7411c22a5ff125aa0063d39180f5f1b07834100b03c46e0c798168f54febb status: experimental description: Detects traffic or activity related to https://outer-shell.dervishpeel.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://outer-shell.dervishpeel.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://layer-check.dervishpeel.in.net/verification.google id: auto-abf6e01bc3a4d7daffe5912743d17e3297abeddc813034cd1282ebce17f66beb status: experimental description: Detects traffic or activity related to https://layer-check.dervishpeel.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://layer-check.dervishpeel.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://spin-cycle.dervishpeel.in.net/verification.google id: auto-d3708ba77ad82538616d965002e00944916d3c79b957db91d35b333bdd51d7c4 status: experimental description: Detects traffic or activity related to https://spin-cycle.dervishpeel.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://spin-cycle.dervishpeel.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://source-log.needwatka.in.net/verification.google id: auto-21661e7283f22eb35b31908e495b1e04c43a41d2fd0118ef8c8c7470736a7f50 status: experimental description: Detects traffic or activity related to https://source-log.needwatka.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://source-log.needwatka.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hydro-svc.needwatka.in.net/verification.google id: auto-a67ea9226cdc2ad6f184e6d9e418b8b11c9d1d003b466d7d2264dc7a7e39104d status: experimental description: Detects traffic or activity related to https://hydro-svc.needwatka.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hydro-svc.needwatka.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pump-ctrl.needwatka.in.net/verification.google id: auto-a192eb374b92cda8c6ff4a15639699012cf41957e5a8a88a0fef6d74bfbddc81 status: experimental description: Detects traffic or activity related to https://pump-ctrl.needwatka.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pump-ctrl.needwatka.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://well-point.needwatka.in.net/verification.google id: auto-43d8abe5c7076b4a540feda8a144d9e6826ff024e9437c5dfe3dd8fdfc75eeb9 status: experimental description: Detects traffic or activity related to https://well-point.needwatka.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://well-point.needwatka.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://liquid-api.needwatka.in.net/verification.google id: auto-777d95c1ae85c7403cd8b4f2440730ae7523f60b1411e37492fc536e16a71c49 status: experimental description: Detects traffic or activity related to https://liquid-api.needwatka.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://liquid-api.needwatka.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://water-flow.needwatka.in.net/verification.google id: auto-f499d34ba6261eeb1340dd7c432ba527bcc54bec8f2a3c428790ba6df395666c status: experimental description: Detects traffic or activity related to https://water-flow.needwatka.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://water-flow.needwatka.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://site-connect.fetterland.in.net/verification.google id: auto-b5cc7056c815559fbb8818d72d3cbc9c66642e2b6524b053568f93ae553ba7ea status: experimental description: Detects traffic or activity related to https://site-connect.fetterland.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://site-connect.fetterland.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fence-logic.fetterland.in.net/verification.google id: auto-908a2ad8b43b7842a38c13d03ea0527ba791bc86b64418c9053aaf05af65930e status: experimental description: Detects traffic or activity related to https://fence-logic.fetterland.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fence-logic.fetterland.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://soil-monitor.fetterland.in.net/verification.google id: auto-665fe1fb8ab0c49f2078248ff628524ffdd4414444e3755bf056b7c274a7797b status: experimental description: Detects traffic or activity related to https://soil-monitor.fetterland.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://soil-monitor.fetterland.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://land-mark.fetterland.in.net/verification.google id: auto-6fa1af1cab9720e60ab1e64d47f6a2df4c23247cb89129f77fd87920945ac9cd status: experimental description: Detects traffic or activity related to https://land-mark.fetterland.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://land-mark.fetterland.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://area-scanner.fetterland.in.net/verification.google id: auto-459a6a8541290849eaf7edcac71b5b503a09e7ab277cd48b627cdcc29a214a79 status: experimental description: Detects traffic or activity related to https://area-scanner.fetterland.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://area-scanner.fetterland.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://border-gate.fetterland.in.net/verification.google id: auto-c82b1fa27f600d0fd10644dd937e2c350ecadcb77805118a4ac05250c0032855 status: experimental description: Detects traffic or activity related to https://border-gate.fetterland.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://border-gate.fetterland.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://robot-api.mechaforge.in.net/verification.google id: auto-459a8283424b3efce5fa497a71b9f6d4133aadd15339d006efb16be04cdde89e status: experimental description: Detects traffic or activity related to https://robot-api.mechaforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://robot-api.mechaforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://steel-core.mechaforge.in.net/verification.google id: auto-4f543002489f9312d683352ba5b3f65bb5f25d5a8c629a547f031e74dc0c469d status: experimental description: Detects traffic or activity related to https://steel-core.mechaforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://steel-core.mechaforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auto-build.mechaforge.in.net/verification.google id: auto-73c9dbcf514b9a33a6e957134e4026c93f451a1434a5d318740e5ae1088e0fdc status: experimental description: Detects traffic or activity related to https://auto-build.mechaforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auto-build.mechaforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://power-plant.mechaforge.in.net/verification.google id: auto-11ab9a2fe6f6bb2c5bb08d3f325572712220b8d38a74909c5cee763b0e6ed5f9 status: experimental description: Detects traffic or activity related to https://power-plant.mechaforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://power-plant.mechaforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://iron-works.mechaforge.in.net/verification.google id: auto-c76fae780bfd3ee9aa8add2810740a8e8645f1c87d67ccf2b4242d30b2e303b3 status: experimental description: Detects traffic or activity related to https://iron-works.mechaforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://iron-works.mechaforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://heavy-duty.mechaforge.in.net/verification.google id: auto-9d342f6b3daaa3704322d068e385e53b9547800ae3453f6536703959bc793b22 status: experimental description: Detects traffic or activity related to https://heavy-duty.mechaforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://heavy-duty.mechaforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pilot-svc.aerovector.in.net/verification.google id: auto-87a8c95080a62b970adc5d41837a248d15334a0d329b5fa1b70ab5cb548ae4a2 status: experimental description: Detects traffic or activity related to https://pilot-svc.aerovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pilot-svc.aerovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alt-logic.aerovector.in.net/verification.google id: auto-37d7557190a393185573392dd25c68a449f68b76190266c5256e8086fa3741a1 status: experimental description: Detects traffic or activity related to https://alt-logic.aerovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alt-logic.aerovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wing-span.aerovector.in.net/verification.google id: auto-c0c377efd9bc7110537924be05c054370079b8bda6bef2a920d0e1479ff61207 status: experimental description: Detects traffic or activity related to https://wing-span.aerovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wing-span.aerovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sky-route.aerovector.in.net/verification.google id: auto-0236414fd84527699cbb1fd90a167b72ec0b0bea545fda1b23279c2fbdc7cadd status: experimental description: Detects traffic or activity related to https://sky-route.aerovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sky-route.aerovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://air-traffic.aerovector.in.net/verification.google id: auto-c556d0cd22a9df7fbd8af0e1980b9403ade42b2035736b76f4e9807ab03ea331 status: experimental description: Detects traffic or activity related to https://air-traffic.aerovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://air-traffic.aerovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flight-path.aerovector.in.net/verification.google id: auto-0c4761d4068f467064b04174d25640fa1082d503cc1ad014f62c02580e6fbf88 status: experimental description: Detects traffic or activity related to https://flight-path.aerovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flight-path.aerovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://point-edge.digisphere.in.net/verification.google id: auto-b91792a6a224302191ebefd2237378298e7f0680222e867ed5e13998bca7ea34 status: experimental description: Detects traffic or activity related to https://point-edge.digisphere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://point-edge.digisphere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://static-cdn.digisphere.in.net/verification.google id: auto-89abb573d3cc5622b8e59cdf41d32d6c60b83b4df1eb294daa9a1a4b5af681bb status: experimental description: Detects traffic or activity related to https://static-cdn.digisphere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://static-cdn.digisphere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-portal.digisphere.in.net/verification.google id: auto-0d44ad10425bfeb4c4d37bb88bc4993f846c055875f0bda90c3491c53b95fe49 status: experimental description: Detects traffic or activity related to https://web-portal.digisphere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-portal.digisphere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://info-orbit.digisphere.in.net/verification.google id: auto-20797f92a81ab502fc9854fc17185f8b7262e9c6c196146c3af71ff0b157b6f5 status: experimental description: Detects traffic or activity related to https://info-orbit.digisphere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://info-orbit.digisphere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cloud-ring.digisphere.in.net/verification.google id: auto-5a6fa73c68eea903b52cd106f2fe922e95d868484b3050e7817c96999473d617 status: experimental description: Detects traffic or activity related to https://cloud-ring.digisphere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cloud-ring.digisphere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-field.digisphere.in.net/verification.google id: auto-7b227c1dac6e58ee83b3f5f15042c65ce853f0407c3806c15ec535d14117d0bc status: experimental description: Detects traffic or activity related to https://data-field.digisphere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-field.digisphere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://light-logic.quantacircuit.in.net/verification.google id: auto-1cf903a6ed8d6cb38570cbadb946060547997bb68dcfcff144df2053953829b6 status: experimental description: Detects traffic or activity related to https://light-logic.quantacircuit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://light-logic.quantacircuit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fast-track.quantacircuit.in.net/verification.google id: auto-77da302935192181a444ffdc526328d74cdf70d5fc17b9b7f19ab5b920719b97 status: experimental description: Detects traffic or activity related to https://fast-track.quantacircuit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fast-track.quantacircuit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qubit-sync.quantacircuit.in.net/verification.google id: auto-e24adeba1fa1c570246cb8e06a4f864c7eccfa7066f094eef5721982345e6f2f status: experimental description: Detects traffic or activity related to https://qubit-sync.quantacircuit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qubit-sync.quantacircuit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://packet-flow.quantacircuit.in.net/verification.google id: auto-3a3bbce2e402c7468f314fcb7129dd04f907571ca490dadf383c41b9f75d6f99 status: experimental description: Detects traffic or activity related to https://packet-flow.quantacircuit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://packet-flow.quantacircuit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://speed-test.quantacircuit.in.net/verification.google id: auto-4349832e4aa573f621a53dc132bd75b45037ebaa446cef60ce9d59a7d43703e7 status: experimental description: Detects traffic or activity related to https://speed-test.quantacircuit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://speed-test.quantacircuit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bit-stream.quantacircuit.in.net/verification.google id: auto-ba28a7d018cb02f9e2b46fb008cafe6e01480b61e8fe94bb57425ed3b8f8e83f status: experimental description: Detects traffic or activity related to https://bit-stream.quantacircuit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bit-stream.quantacircuit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mind-node.neurovector.in.net/verification.google id: auto-d71371004ff8269ba0bcc38c5c10cd938e981dbefefad41343f2d0d9bd355a9a status: experimental description: Detects traffic or activity related to https://mind-node.neurovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mind-node.neurovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://brain-scan.neurovector.in.net/verification.google id: auto-6cdcecabdd99ada602c2b9933aeaa08916b74ebd827d476d38b6d84029b31aa4 status: experimental description: Detects traffic or activity related to https://brain-scan.neurovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://brain-scan.neurovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://thought-hub.neurovector.in.net/verification.google id: auto-1b5e795c755c9a9270f2dd6f51ec838c4a3660e45567851e8fe00d39cbffdb38 status: experimental description: Detects traffic or activity related to https://thought-hub.neurovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://thought-hub.neurovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://impulse-api.neurovector.in.net/verification.google id: auto-75440707c7a1682adc11d574692bfa76cc6aa794e079121a84619a180843f9da status: experimental description: Detects traffic or activity related to https://impulse-api.neurovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://impulse-api.neurovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nerve-center.neurovector.in.net/verification.google id: auto-f7b18556abc4d6b9a636efb3d60edf70581572d253109a5181cbdec3f552ecc7 status: experimental description: Detects traffic or activity related to https://nerve-center.neurovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nerve-center.neurovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://synapse-log.neurovector.in.net/verification.google id: auto-035e813e02ecdf3e8d22bc15bc30a92b4e3fd816d2b113569ff340802498bd29 status: experimental description: Detects traffic or activity related to https://synapse-log.neurovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://synapse-log.neurovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://outer-shell.technosphere.in.net/verification.google id: auto-273c6415c42d03d3684971d1699f358cdd22a4b63c369346014283d971f8cbc4 status: experimental description: Detects traffic or activity related to https://outer-shell.technosphere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://outer-shell.technosphere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://meta-layer.technosphere.in.net/verification.google id: auto-68a3acf9ad6d86a72067786a4c29719b1e3a5961e9d3552b646e4109f8f0196d status: experimental description: Detects traffic or activity related to https://meta-layer.technosphere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://meta-layer.technosphere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://world-view.technosphere.in.net/verification.google id: auto-c69a249f4d9b3b4a8f975f61f6a32cb5d280e5dbc58e53da8f364965a4713068 status: experimental description: Detects traffic or activity related to https://world-view.technosphere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://world-view.technosphere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://eco-monitor.technosphere.in.net/verification.google id: auto-966d5b83da4ec5b91dfc41df6077e17aeb7270d5b922198422f9df0c5fb30f2f status: experimental description: Detects traffic or activity related to https://eco-monitor.technosphere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://eco-monitor.technosphere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://urban-hub.technosphere.in.net/verification.google id: auto-06a31d22556283721c1cb518101cb1f94ed8c41c16e0ef70abc4bf896f15688d status: experimental description: Detects traffic or activity related to https://urban-hub.technosphere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://urban-hub.technosphere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://global-net.technosphere.in.net/verification.google id: auto-2ff90ded6e7df2eeb9df696d8cc8f0275886a47295b5b4e3c7ab6212a1f0f7f9 status: experimental description: Detects traffic or activity related to https://global-net.technosphere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://global-net.technosphere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://brain-base.logicmatrix.in.net/verification.google id: auto-2ba88699bda8d06c2a0a3dda82ad371631a767edfece45b8a7ac211b5c30a20a status: experimental description: Detects traffic or activity related to https://brain-base.logicmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://brain-base.logicmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://decision-svc.logicmatrix.in.net/verification.google id: auto-6f43f063e9d83b07263db1cc49f31c56b06edd3d3d0e0ac71b12a2cfaa7aec31 status: experimental description: Detects traffic or activity related to https://decision-svc.logicmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://decision-svc.logicmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://process-io.logicmatrix.in.net/verification.google id: auto-1be36005de3821d82f2d5acea69fdc9201d7c13676623291b52e0499e1c8767b status: experimental description: Detects traffic or activity related to https://process-io.logicmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://process-io.logicmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://truth-table.logicmatrix.in.net/verification.google id: auto-a0df72d52476773ec4ab702f3632f9395d33b0d26b3060f8767e15bd943f81a1 status: experimental description: Detects traffic or activity related to https://truth-table.logicmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://truth-table.logicmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rule-engine.logicmatrix.in.net/verification.google id: auto-b828f3b85fabdd6d74a665e3e955a19dd9cb7263c8752edd186677c9cdd29c79 status: experimental description: Detects traffic or activity related to https://rule-engine.logicmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rule-engine.logicmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-frame.logicmatrix.in.net/verification.google id: auto-ab4a526c9b571034e6f1171e7b837b005e6e019342b0bf666ad23c94e78b7c9c status: experimental description: Detects traffic or activity related to https://main-frame.logicmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-frame.logicmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://enc-tunnel.cryptovault.in.net/verification.google id: auto-69c10e9c060c898a874b6ada01324389a4a36d846c462928659be4a6550cf7f3 status: experimental description: Detects traffic or activity related to https://enc-tunnel.cryptovault.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://enc-tunnel.cryptovault.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hash-store.cryptovault.in.net/verification.google id: auto-922f2115021e272a51df1592da089f3a89c87b3c8f9b6afeada805742d165abf status: experimental description: Detects traffic or activity related to https://hash-store.cryptovault.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hash-store.cryptovault.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://anon-auth.cryptovault.in.net/verification.google id: auto-49d63854cd58d0ece6fc8ff5c9c20892aaced4f531ed377542890d6d82fd3488 status: experimental description: Detects traffic or activity related to https://anon-auth.cryptovault.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://anon-auth.cryptovault.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://secret-api.cryptovault.in.net/verification.google id: auto-61d6c206f80ca8bebfa0483298207e918f0d6e9fe21d2d317417a05a9fc37658 status: experimental description: Detects traffic or activity related to https://secret-api.cryptovault.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://secret-api.cryptovault.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lock-box.cryptovault.in.net/verification.google id: auto-d191708dbb1f3b0de6de3fccddbe7a80a9517b71e11bbb90907f84fda3e22fb5 status: experimental description: Detects traffic or activity related to https://lock-box.cryptovault.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lock-box.cryptovault.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://secure-key.cryptovault.in.net/verification.google id: auto-e8dcbab8d629279bfadde56dbcf0aaa0a54c61f43665e2a2fd56ecea1ce4d914 status: experimental description: Detects traffic or activity related to https://secure-key.cryptovault.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://secure-key.cryptovault.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://chip-set.infocircuit.in.net/verification.google id: auto-ad950159b6ac498e2cd2007819deb13c5c8a6f3ad0eb7ed0159981797ebc77d6 status: experimental description: Detects traffic or activity related to https://chip-set.infocircuit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://chip-set.infocircuit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://board-mgr.infocircuit.in.net/verification.google id: auto-28eb2ba037e8b48eba92c41205ac0baa486d29c30afa823f1a9dd05cc2803b90 status: experimental description: Detects traffic or activity related to https://board-mgr.infocircuit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://board-mgr.infocircuit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://volt-check.infocircuit.in.net/verification.google id: auto-76ce783a1f89465be6ae5de916e7f9201c66dad7c3447594b2b13b6f966fde81 status: experimental description: Detects traffic or activity related to https://volt-check.infocircuit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://volt-check.infocircuit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bus-bridge.infocircuit.in.net/verification.google id: auto-c1f98b19e0a42fa98c4d27cfeb980236f2955fb8c7aba2f5da9168d862c30ca3 status: experimental description: Detects traffic or activity related to https://bus-bridge.infocircuit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bus-bridge.infocircuit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wire-sync.infocircuit.in.net/verification.google id: auto-d83d3fb936a0b8e1e5c4d6eff8bd51481c3509b36443bf5089f42928a5fda473 status: experimental description: Detects traffic or activity related to https://wire-sync.infocircuit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wire-sync.infocircuit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://logic-gate.infocircuit.in.net/verification.google id: auto-a0fab5bbbffb757e6a9903e10e7c797d5d9408d7aaf0ff00d1ea491aceaa4a67 status: experimental description: Detects traffic or activity related to https://logic-gate.infocircuit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://logic-gate.infocircuit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://broad-cast.signalforge.in.net/verification.google id: auto-e3ea2aeeb8400c5cc52159c7d9b25631f1b41592546a23bb46f194cec11d9db0 status: experimental description: Detects traffic or activity related to https://broad-cast.signalforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://broad-cast.signalforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ping-gate.signalforge.in.net/verification.google id: auto-9fe9fe56e0a4500e58974255e53c931faff9c54689d0fb31535ab937c9dbdb92 status: experimental description: Detects traffic or activity related to https://ping-gate.signalforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ping-gate.signalforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tower-sync.signalforge.in.net/verification.google id: auto-8492821e0ff34bdfe6d04a9f3df93fec60c86d22fcf694e7cb1caa1bdafbd1fb status: experimental description: Detects traffic or activity related to https://tower-sync.signalforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tower-sync.signalforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://beam-relay.signalforge.in.net/verification.google id: auto-4e24e9b962a9779c7692da64a930928a5e0e55cb0bcafd01e2fac5521d0bf889 status: experimental description: Detects traffic or activity related to https://beam-relay.signalforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://beam-relay.signalforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wave-form.signalforge.in.net/verification.google id: auto-d6e74d62ebbd8c3b622ab38c1245fe636f943cefc258305228a0611f73ff1fb0 status: experimental description: Detects traffic or activity related to https://wave-form.signalforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wave-form.signalforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://radio-freq.signalforge.in.net/verification.google id: auto-049cd9b447ad01c7d3ccbe2995aed2dcd178b916b3bcd0cdd9b649b36cb91de6 status: experimental description: Detects traffic or activity related to https://radio-freq.signalforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://radio-freq.signalforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://raster-node.pixelmatrix.in.net/verification.google id: auto-33f039c8b8609aa7fb034147c6045bc2f1a8bb9431d4da8f0fda118e861421d8 status: experimental description: Detects traffic or activity related to https://raster-node.pixelmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://raster-node.pixelmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://display-svc.pixelmatrix.in.net/verification.google id: auto-d06a2e3da78c52cef8c4abd053c713ff01077d3ad4dc80dffbb6daaa698712f8 status: experimental description: Detects traffic or activity related to https://display-svc.pixelmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://display-svc.pixelmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://video-buffer.pixelmatrix.in.net/verification.google id: auto-a8b83dc3d9f455725b255732b007a9100d5ac7b7f12ec4d49d2b9fb331e21457 status: experimental description: Detects traffic or activity related to https://video-buffer.pixelmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://video-buffer.pixelmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://image-stack.pixelmatrix.in.net/verification.google id: auto-0dfe9043d0f121fa169eac35ae4d091d6d32e79afa459d46c4a9d86418bd501f status: experimental description: Detects traffic or activity related to https://image-stack.pixelmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://image-stack.pixelmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://render-grid.pixelmatrix.in.net/verification.google id: auto-95a4be8d4e5b93e7445158ea7ba81d08f6088654fbf58a22a13215ef77ab8c2b status: experimental description: Detects traffic or activity related to https://render-grid.pixelmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://render-grid.pixelmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://color-bit.pixelmatrix.in.net/verification.google id: auto-726a3c63ea76024ba480030c55e4209c3335858dbb64e206e9d11a5bd21b43d5 status: experimental description: Detects traffic or activity related to https://color-bit.pixelmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://color-bit.pixelmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scan-core.nanovector.in.net/verification.google id: auto-a674d8f724254160093cbd825d8346600178a8c1730b11cc3d37c6218745f9c8 status: experimental description: Detects traffic or activity related to https://scan-core.nanovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scan-core.nanovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://particle-api.nanovector.in.net/verification.google id: auto-876478895c5e4dc63877adc26e76efdbdb9d774386225188f6779def7d78ea95 status: experimental description: Detects traffic or activity related to https://particle-api.nanovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://particle-api.nanovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://small-unit.nanovector.in.net/verification.google id: auto-2f333fbde28d9689896cc869a306925123e92aeea8add74916d00fdcdbeacbd3 status: experimental description: Detects traffic or activity related to https://small-unit.nanovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://small-unit.nanovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://precision-io.nanovector.in.net/verification.google id: auto-862e286f03ca5eb5d5063db8a26bf48a93027d9a427803c09d184219fa18d9f0 status: experimental description: Detects traffic or activity related to https://precision-io.nanovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://precision-io.nanovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://atom-trace.nanovector.in.net/verification.google id: auto-517864e3841867e4e3244b9bc0fcdf2e0cebf90ce3d8b0cece5cc9d3b7f0c62e status: experimental description: Detects traffic or activity related to https://atom-trace.nanovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://atom-trace.nanovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://micro-scale.nanovector.in.net/verification.google id: auto-828072e6e3755fc30beb38965225b13b21aa7d5058b0be9d45241dbb08e0d255 status: experimental description: Detects traffic or activity related to https://micro-scale.nanovector.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://micro-scale.nanovector.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ping-gate.signalcrest.in.net/verification.google id: auto-5c70a1e5553c18d33b42cbfa894c9dee03f1c7b21cc993465a92e30962cccec4 status: experimental description: Detects traffic or activity related to https://ping-gate.signalcrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ping-gate.signalcrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://broad-cast.signalcrest.in.net/verification.google id: auto-b5cf0550cace8cdf377509b67dfb6de83ae3f391cce50cc303c875a6254416c7 status: experimental description: Detects traffic or activity related to https://broad-cast.signalcrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://broad-cast.signalcrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://range-extend.signalcrest.in.net/verification.google id: auto-49112bdc0b193e3885ea5164381ec33c91c1fd9d84c87c255410b359bed0560c status: experimental description: Detects traffic or activity related to https://range-extend.signalcrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://range-extend.signalcrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tower-sync.signalcrest.in.net/verification.google id: auto-10e49c0223bf0dd21acbdb871d15e3627f552cbb6c5fe7e5c7d7e5f070071ca5 status: experimental description: Detects traffic or activity related to https://tower-sync.signalcrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tower-sync.signalcrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://radio-freq.signalcrest.in.net/verification.google id: auto-1253dc15ad467cfc6bdd0a68615c3ce3b7e3c9c5d375e9fd89658ea077104734 status: experimental description: Detects traffic or activity related to https://radio-freq.signalcrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://radio-freq.signalcrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wave-crest.signalcrest.in.net/verification.google id: auto-319b998dc99c433f6eb361deec00122f4633d5dc0e84e225ccba61fd24c0364f status: experimental description: Detects traffic or activity related to https://wave-crest.signalcrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wave-crest.signalcrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://meta-stack.datacrest.in.net/verification.google id: auto-079dde41de3b51dc40d0b857657c895759294d560f681e36a2f17e5c1f7a8734 status: experimental description: Detects traffic or activity related to https://meta-stack.datacrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://meta-stack.datacrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-record.datacrest.in.net/verification.google id: auto-b399c1be4e06d2c7d0c0d8790076ddb94f6f066aa50365dcd4fd6e2ae6a66809 status: experimental description: Detects traffic or activity related to https://base-record.datacrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-record.datacrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://info-summit.datacrest.in.net/verification.google id: auto-1974bff52fe6bc9d88c5a89065b07fa3955f13a756786790bf44975d905056f3 status: experimental description: Detects traffic or activity related to https://info-summit.datacrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://info-summit.datacrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bulk-export.datacrest.in.net/verification.google id: auto-686ca486d4a74d95d4c264c3f2b2c761683fbbd89e518707f5fba5174e601ad2 status: experimental description: Detects traffic or activity related to https://bulk-export.datacrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bulk-export.datacrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://archive-top.datacrest.in.net/verification.google id: auto-8e25a4cc69b6cfa48f0e08aa6bcd777c9e93917b05476075e08239ff8e26d8fe status: experimental description: Detects traffic or activity related to https://archive-top.datacrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://archive-top.datacrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://high-ridge.datacrest.in.net/verification.google id: auto-f1045e0cd8e703d37eeab17b8d989ff0c1facadfbd579f34ae6d6f05d82fcac9 status: experimental description: Detects traffic or activity related to https://high-ridge.datacrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://high-ridge.datacrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://enc-tunnel.cyberhaven.in.net/verification.google id: auto-58b6af6b54e18cb5bfdd7b17e57c83ff1e89250ff4bb4b84e2135cc34f4c3781 status: experimental description: Detects traffic or activity related to https://enc-tunnel.cyberhaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://enc-tunnel.cyberhaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://anon-relay.cyberhaven.in.net/verification.google id: auto-02d497cdcae9a9d9d5a348772ab9a918e29f2414b911def4cb7170f53f202a23 status: experimental description: Detects traffic or activity related to https://anon-relay.cyberhaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://anon-relay.cyberhaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://secure-vault.cyberhaven.in.net/verification.google id: auto-8a703f03eef1a33c0d0567f9b3abd68d4669cc61695d1b60c9272712dea7f59d status: experimental description: Detects traffic or activity related to https://secure-vault.cyberhaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://secure-vault.cyberhaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://threat-log.cyberhaven.in.net/verification.google id: auto-6a63c854c527a7b7e21d7a9772906342080db7189e9f33aa05c48dd2f794d128 status: experimental description: Detects traffic or activity related to https://threat-log.cyberhaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://threat-log.cyberhaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mesh-proxy.cyberhaven.in.net/verification.google id: auto-c00782790de95f7f6f34cf1004737c79ab17b559084147d3eef0accc29f35cd6 status: experimental description: Detects traffic or activity related to https://mesh-proxy.cyberhaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mesh-proxy.cyberhaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ghost-shell.cyberhaven.in.net/verification.google id: auto-4a672affc3966f4c8a132c36eb9aa2be09016459fd4f297c80d8d0c5cf1a3cef status: experimental description: Detects traffic or activity related to https://ghost-shell.cyberhaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ghost-shell.cyberhaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bio-sensor.neurobloom.in.net/verification.google id: auto-c348233b2e8385f5d9e0cd07e2bd99b4ae084508c7efdbac0e6b0b094bd93d5b status: experimental description: Detects traffic or activity related to https://bio-sensor.neurobloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bio-sensor.neurobloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pulse-logic.neurobloom.in.net/verification.google id: auto-3d90d815afb57e1239fa959f9553f51ce920664488c005da540f278e055e33a2 status: experimental description: Detects traffic or activity related to https://pulse-logic.neurobloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pulse-logic.neurobloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nerve-center.neurobloom.in.net/verification.google id: auto-b87fe4b55ec85d4de8202220489890948f7548377dcd2c48ccc244901b899ed1 status: experimental description: Detects traffic or activity related to https://nerve-center.neurobloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nerve-center.neurobloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://thought-api.neurobloom.in.net/verification.google id: auto-7d9a7fb2df84512d20b1a39c87fe7ad4a84fd5a4a2ba64f529cbd5ffc1721633 status: experimental description: Detects traffic or activity related to https://thought-api.neurobloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://thought-api.neurobloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://brain-scan.neurobloom.in.net/verification.google id: auto-fec1ac56c05d19d36bca37cb7382f31026ce085c294ccbf3a989b1b1569610d1 status: experimental description: Detects traffic or activity related to https://brain-scan.neurobloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://brain-scan.neurobloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://synapse-net.neurobloom.in.net/verification.google id: auto-19459cf2f86581788a6894bae89f89368032d561f38dd82943f2697001c5e959 status: experimental description: Detects traffic or activity related to https://synapse-net.neurobloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://synapse-net.neurobloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bit-stream.quantaflux.in.net/verification.google id: auto-5e426f53601508045632062a436175c4549713b18498bcd80a4f02001d35ccf3 status: experimental description: Detects traffic or activity related to https://bit-stream.quantaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bit-stream.quantaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://packet-flow.quantaflux.in.net/verification.google id: auto-ccd63c757ed876712b9d1d92e460f67dd88444719b61362f9c017ecebf1b5886 status: experimental description: Detects traffic or activity related to https://packet-flow.quantaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://packet-flow.quantaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://speed-test.quantaflux.in.net/verification.google id: auto-11b0508ee2d0bb54f3df9b69347a2456eb8e9af9f49a6dc811c0a0babe0867e0 status: experimental description: Detects traffic or activity related to https://speed-test.quantaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://speed-test.quantaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://logic-gate.quantaflux.in.net/verification.google id: auto-34fd29e7bdaf2779b90a9ae390ae9eff5b66c3c4d9261ac31bf2ab7fddbabd53 status: experimental description: Detects traffic or activity related to https://logic-gate.quantaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://logic-gate.quantaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://atom-split.quantaflux.in.net/verification.google id: auto-f3998044b9df94e9b328034a85251f66a01767e871c2ca34bb18083dfa95795c status: experimental description: Detects traffic or activity related to https://atom-split.quantaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://atom-split.quantaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://micro-pulse.quantaflux.in.net/verification.google id: auto-1d8029ade10cf1363e4c412d91e80c063f83a47d0a29a3115e762d19a5e58a92 status: experimental description: Detects traffic or activity related to https://micro-pulse.quantaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://micro-pulse.quantaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pilot-auth.astrahaven.in.net/verification.google id: auto-3bc2e6c9128aea84f1ee251fcb952ba2c0b36b3f0b5e4d95f0f7845453aa0448 status: experimental description: Detects traffic or activity related to https://pilot-auth.astrahaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pilot-auth.astrahaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://void-storage.astrahaven.in.net/verification.google id: auto-19df7691b5d30e6f45c85ce616c03cfb40f29692bfeb8e214247e5ad366622d1 status: experimental description: Detects traffic or activity related to https://void-storage.astrahaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://void-storage.astrahaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cosmic-link.astrahaven.in.net/verification.google id: auto-2306474955a54e2e3d80ed952440ad660626ee94d3b47454b7f8230d414e29c0 status: experimental description: Detects traffic or activity related to https://cosmic-link.astrahaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cosmic-link.astrahaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://star-map.astrahaven.in.net/verification.google id: auto-83e296dba5db2cfd86bbd9b0f468c4aa87e39a95602714f4183b29f747bc7f12 status: experimental description: Detects traffic or activity related to https://star-map.astrahaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://star-map.astrahaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://deep-sky.astrahaven.in.net/verification.google id: auto-240f298285b8b084379c997472f0807752f8f272d1691ba4bc4b9ab276446aed status: experimental description: Detects traffic or activity related to https://deep-sky.astrahaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://deep-sky.astrahaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://safe-ship.astrahaven.in.net/verification.google id: auto-4d360f814abc4ee36527af5d865eaf2820348d2240ddce912b417a36bb82f043 status: experimental description: Detects traffic or activity related to https://safe-ship.astrahaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://safe-ship.astrahaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://launch-pad.orbitforge.in.net/verification.google id: auto-11b076b1f58fd6e8b1d64eb89225a3108d0792545a2a75866c8d85a3fc813da1 status: experimental description: Detects traffic or activity related to https://launch-pad.orbitforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://launch-pad.orbitforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gravity-io.orbitforge.in.net/verification.google id: auto-b19cc9dcfd076dce932aa422f7a3dc2cc02f6cec16ab1f8a6af0be9c445b95f8 status: experimental description: Detects traffic or activity related to https://gravity-io.orbitforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gravity-io.orbitforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://spin-control.orbitforge.in.net/verification.google id: auto-49e0cdfd9a6886f1c1f4840097ab31fda2ab2168129b2ff4d2d230db4bb45c7e status: experimental description: Detects traffic or activity related to https://spin-control.orbitforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://spin-control.orbitforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://round-trip.orbitforge.in.net/verification.google id: auto-8397ca713e903b5ca0ac73bd3adf4bb7ef08964432562ec0d9cb564efa63e0d1 status: experimental description: Detects traffic or activity related to https://round-trip.orbitforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://round-trip.orbitforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cycle-monitor.orbitforge.in.net/verification.google id: auto-f4febdb74e1981f139e7dd7a5728798890d9456ecc276a7561ee6f6928a97857 status: experimental description: Detects traffic or activity related to https://cycle-monitor.orbitforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cycle-monitor.orbitforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://path-finder.orbitforge.in.net/verification.google id: auto-ab8e0b436f01929ce68f7a6566d7e69922a4c08f26782a66d0ebee376805995a status: experimental description: Detects traffic or activity related to https://path-finder.orbitforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://path-finder.orbitforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://glow-portal.luminflux.in.net/verification.google id: auto-d34d59ff4238c2f665b6d9e9553951cab05978d4c7c2dbb498efe2a7a7e6e195 status: experimental description: Detects traffic or activity related to https://glow-portal.luminflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://glow-portal.luminflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://light-trace.luminflux.in.net/verification.google id: auto-8e1747fd48ad4ef79dbe085f4dc1d49816386c98ce2a5155415e17b812c40e2f status: experimental description: Detects traffic or activity related to https://light-trace.luminflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://light-trace.luminflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://photo-sync.luminflux.in.net/verification.google id: auto-e3b7875f2074c4a1d8dd18cdec52970a247d18f1aad2129486fa53092d969497 status: experimental description: Detects traffic or activity related to https://photo-sync.luminflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://photo-sync.luminflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://optic-hub.luminflux.in.net/verification.google id: auto-91ffa87751a62398e750d186c260fb3474e1005cf01f1ffa42b487e5ba2e75d4 status: experimental description: Detects traffic or activity related to https://optic-hub.luminflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://optic-hub.luminflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wave-length.luminflux.in.net/verification.google id: auto-c705d4bc4e76671a3234d8b873bef707c14597f5cc6058bb2d067bc6f8e19f61 status: experimental description: Detects traffic or activity related to https://wave-length.luminflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wave-length.luminflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bright-beam.luminflux.in.net/verification.google id: auto-7a9c7f205fc74568c1db1299d59ea4154377fd46186da6d563f749109d360f7a status: experimental description: Detects traffic or activity related to https://bright-beam.luminflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bright-beam.luminflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://smelt-logic.novaforge.in.net/verification.google id: auto-8c514e88839c67484835ebe19878fcb8082bbf8f7d9c82d8c1413cb8b5737171 status: experimental description: Detects traffic or activity related to https://smelt-logic.novaforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://smelt-logic.novaforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://plasma-node.novaforge.in.net/verification.google id: auto-5136af48840be068f23f702bced1649e28ebc5a32c9438c5b34851ebc1ee1b87 status: experimental description: Detects traffic or activity related to https://plasma-node.novaforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://plasma-node.novaforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://blast-zone.novaforge.in.net/verification.google id: auto-d2f38f1ca233554c2334aba328ece9db07bea244747767f57337966cb517e04c status: experimental description: Detects traffic or activity related to https://blast-zone.novaforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://blast-zone.novaforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://heavy-metal.novaforge.in.net/verification.google id: auto-f6f292385bbd603621af4f9096907154f3da0872613276f99b94de2a53e2ccf1 status: experimental description: Detects traffic or activity related to https://heavy-metal.novaforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://heavy-metal.novaforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fusion-core.novaforge.in.net/verification.google id: auto-284c9fb2783e57e84fa6f49936f54a154b0a475dccb43896c39369917df1f44f status: experimental description: Detects traffic or activity related to https://fusion-core.novaforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fusion-core.novaforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://star-build.novaforge.in.net/verification.google id: auto-aa94f41726a5e22f9d39230ada8cda741f3e54d16f4e2a162a39e858c3156ec8 status: experimental description: Detects traffic or activity related to https://star-build.novaforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://star-build.novaforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://polygon-svc.vertexbloom.in.net/verification.google id: auto-607a656208b8180d3d50dc8e19a64d7e0642d03a227f09be75822df044565e60 status: experimental description: Detects traffic or activity related to https://polygon-svc.vertexbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://polygon-svc.vertexbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://top-level.vertexbloom.in.net/verification.google id: auto-3567dcbf175313dcf1997f3b5299e873b5e4ba5586b1170daca6785591f9650d status: experimental description: Detects traffic or activity related to https://top-level.vertexbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://top-level.vertexbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://spatial-api.vertexbloom.in.net/verification.google id: auto-2401dc547c846e20c365e1b31a2fcb05c6b0756ef7689dcfefb2739582417a94 status: experimental description: Detects traffic or activity related to https://spatial-api.vertexbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://spatial-api.vertexbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://render-farm.vertexbloom.in.net/verification.google id: auto-409f024da693af173f4db8216d46e39d9a499b80b11829f4d0289ae838a15a61 status: experimental description: Detects traffic or activity related to https://render-farm.vertexbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://render-farm.vertexbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://growth-engine.vertexbloom.in.net/verification.google id: auto-56794a89a326de6bb93db6955d0df2f5cdb7f5f752847500e19d7a5c17763720 status: experimental description: Detects traffic or activity related to https://growth-engine.vertexbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://growth-engine.vertexbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://peak-point.vertexbloom.in.net/verification.google id: auto-1ce164b5ad2439badcd049303ffc5ac2abaf08810c8ccf526500b0536a832e22 status: experimental description: Detects traffic or activity related to https://peak-point.vertexbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://peak-point.vertexbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vale-gra.prefixwag.in.net/verification.google id: auto-8fc6dc4428c034ba5e9e31ff8dab14ed4faae91474836e9a95ca80749b43cd94 status: experimental description: Detects traffic or activity related to https://vale-gra.prefixwag.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vale-gra.prefixwag.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://devsig.prefixwag.in.net/verification.google id: auto-f983982b49899b064e29df5534ef660bc1098d332df6092301fcb70891203c41 status: experimental description: Detects traffic or activity related to https://devsig.prefixwag.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://devsig.prefixwag.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vgtp5o.manchustill.in.net/verification.google id: auto-a350f02c0319d389cb6a08284e91db922c6762856f7edffbc20a58690da46f42 status: experimental description: Detects traffic or activity related to https://vgtp5o.manchustill.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vgtp5o.manchustill.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qz65lmfc.manchustill.in.net/verification.google id: auto-d3ed945010c7f748cd74de251a749d007f8532e3be6504de9bcc9d14bfe07aad status: experimental description: Detects traffic or activity related to https://qz65lmfc.manchustill.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qz65lmfc.manchustill.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://formalpod.premiumtos.in.net/verification.google id: auto-ade08f97d739f007f8d736360a069f3f3219cddd9f6f643d558cde3605767de0 status: experimental description: Detects traffic or activity related to https://formalpod.premiumtos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://formalpod.premiumtos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vaulvoc.premiumtos.in.net/verification.google id: auto-c98aff31c51600ab91563880de721c778ba8b91f70d1aa48552d7f91f283cad0 status: experimental description: Detects traffic or activity related to https://vaulvoc.premiumtos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vaulvoc.premiumtos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cata1og-forge.batkascript.in.net/verification.google id: auto-aab7cad24aeb81ce53328aa82ea03309c20c6ee41d5cbd902e1f778d76044bae status: experimental description: Detects traffic or activity related to https://cata1og-forge.batkascript.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cata1og-forge.batkascript.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://xxhq.batkascript.in.net/verification.google id: auto-be7f38fc56e704244c9a92ce8800cf9820f76563ca6c8a6a7e5f8b07bc4317df status: experimental description: Detects traffic or activity related to https://xxhq.batkascript.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://xxhq.batkascript.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://partnerrelay.beltfloor.in.net/verification.google id: auto-ae4d6bccfa2a91ad70bb831ab26a7dcd3ba1a535b68db48bd5db44939d7389fb status: experimental description: Detects traffic or activity related to https://partnerrelay.beltfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://partnerrelay.beltfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://value9-mesh.beltfloor.in.net/verification.google id: auto-08f8759ad2fb0dcaef3bd8c5a4ae2d5a26a974c5e29f98c8ab1fb727ba1fcb93 status: experimental description: Detects traffic or activity related to https://value9-mesh.beltfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://value9-mesh.beltfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lum-markal.radiatebeef.in.net/verification.google id: auto-ea5f87cc06eac40192172880a1a734470830080a445e07a86754158f2bdecae2 status: experimental description: Detects traffic or activity related to https://lum-markal.radiatebeef.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lum-markal.radiatebeef.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mer-lithen.radiatebeef.in.net/verification.google id: auto-57b767afdb2495be8eeffdf73ff4779b429935a2467e6956b1c6066bece68b71 status: experimental description: Detects traffic or activity related to https://mer-lithen.radiatebeef.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mer-lithen.radiatebeef.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load-spark.chernomofnothes.in.net/verification.google id: auto-a842b702d556509a5710eceda0621550d6d0c11e431532cada0a4ad10ac01529 status: experimental description: Detects traffic or activity related to https://load-spark.chernomofnothes.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load-spark.chernomofnothes.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kvvfusu.chernomofnothes.in.net/verification.google id: auto-531f893996c6c0c24810cf06dd9b43986c801f6c7af76716ddd203e19b39440a status: experimental description: Detects traffic or activity related to https://kvvfusu.chernomofnothes.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kvvfusu.chernomofnothes.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://voicefjo.paleontraglan.in.net/verification.google id: auto-5e8386c1c738f69425c6931ec90f18ca2c523adf2f52eacb4a3532759254f42d status: experimental description: Detects traffic or activity related to https://voicefjo.paleontraglan.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://voicefjo.paleontraglan.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://honestsort.paleontraglan.in.net/verification.google id: auto-8b42878877d97b473f5f2c60ea4a1b4ea0767255914d075699a4f2431ff92612 status: experimental description: Detects traffic or activity related to https://honestsort.paleontraglan.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://honestsort.paleontraglan.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rne4d7-zone.cuffsorbsky.in.net/verification.google id: auto-1514f6fb38d21ef8ad9308629890a3bb3da33e326fe5634c3f3b44805ce3e7ed status: experimental description: Detects traffic or activity related to https://rne4d7-zone.cuffsorbsky.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rne4d7-zone.cuffsorbsky.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://loosesnow.cuffsorbsky.in.net/verification.google id: auto-9d7a445bc3f04ffdd79fdc23944d364da6deec515840de00b04407d062cd4361 status: experimental description: Detects traffic or activity related to https://loosesnow.cuffsorbsky.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://loosesnow.cuffsorbsky.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://st4b1l-span.cuffsorbsky.in.net/verification.google id: auto-9b9023e65debce27e730a388f178f93f7a53e2d862cf6a398fa9d53e4917e9b9 status: experimental description: Detects traffic or activity related to https://st4b1l-span.cuffsorbsky.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://st4b1l-span.cuffsorbsky.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bundstar.cuffsorbsky.in.net/verification.google id: auto-01b0d02e4957dca84280e6294f36839c659aafe1bc9e1e1c0a40940d54e9a85a status: experimental description: Detects traffic or activity related to https://bundstar.cuffsorbsky.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bundstar.cuffsorbsky.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://yfjgi.cuffsorbsky.in.net/verification.google id: auto-a4ef60b38f6164fe706e35dd1159fd85fcec5f2646b3cd04dd427362aff389da status: experimental description: Detects traffic or activity related to https://yfjgi.cuffsorbsky.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://yfjgi.cuffsorbsky.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scarlet-tra.cuffsorbsky.in.net/verification.google id: auto-c46e1c440dc8efc531893f836b1a44a377fa3056ce358b4ed63248a8e0821a09 status: experimental description: Detects traffic or activity related to https://scarlet-tra.cuffsorbsky.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scarlet-tra.cuffsorbsky.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gentle5-crest.codcomparable.in.net/verification.google id: auto-7a37974bbaafb1f253286bf3822810a7da22f8e959cda78057f9d2f64bc660a2 status: experimental description: Detects traffic or activity related to https://gentle5-crest.codcomparable.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gentle5-crest.codcomparable.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://j30k.codcomparable.in.net/verification.google id: auto-e24ad9281d27bca73cea64cd7e631857ae2e0e0faabed0f1918b27878557e8a0 status: experimental description: Detects traffic or activity related to https://j30k.codcomparable.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://j30k.codcomparable.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://theor-spool.codcomparable.in.net/verification.google id: auto-46608a16292ca0baa49ad35769eb4cd33ace91805108907fb589871d3d9f6936 status: experimental description: Detects traffic or activity related to https://theor-spool.codcomparable.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://theor-spool.codcomparable.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sp0o-forge.codcomparable.in.net/verification.google id: auto-a5fedc931333f85294ee56ade49ac21a28d3425d2b3fe10e1fe9fb2a2c7190fe status: experimental description: Detects traffic or activity related to https://sp0o-forge.codcomparable.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sp0o-forge.codcomparable.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c0nvoy5-field.codcomparable.in.net/verification.google id: auto-80ae6a9247d6badf748c0d2bb8852de2962b518c141b929d0d8205e9085d7c0c status: experimental description: Detects traffic or activity related to https://c0nvoy5-field.codcomparable.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c0nvoy5-field.codcomparable.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://py28ionr.prefixwag.in.net/verification.google id: auto-2b9ef1e255ad386f5a9df48765df88c28a067d00723509e36844c6cdf5e12a67 status: experimental description: Detects traffic or activity related to https://py28ionr.prefixwag.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://py28ionr.prefixwag.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ledge5-switch.prefixwag.in.net/verification.google id: auto-1fd244b374c14b79499543882c9d52b5f2ea6383af49beb72ffda0b65ed247fc status: experimental description: Detects traffic or activity related to https://ledge5-switch.prefixwag.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ledge5-switch.prefixwag.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4csbzg.prefixwag.in.net/verification.google id: auto-41ea10c8ce4908f432380bfb97dad2df829e235ff373c8baad1255945da2e065 status: experimental description: Detects traffic or activity related to https://4csbzg.prefixwag.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4csbzg.prefixwag.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://csbtxwz.prefixwag.in.net/verification.google id: auto-01bb57ec5c6b13637e532c89bb88a129272b5dfcd71488b714d8d3782242e885 status: experimental description: Detects traffic or activity related to https://csbtxwz.prefixwag.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://csbtxwz.prefixwag.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zenvaleex.prefixwag.in.net/verification.google id: auto-3f7cc49f75303744135a093821f37d5392cec0740706bdf4d5df6b0dd06d0536 status: experimental description: Detects traffic or activity related to https://zenvaleex.prefixwag.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zenvaleex.prefixwag.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lumnexum1.prefixwag.in.net/verification.google id: auto-a31405f713db1f367cfe077ca7fa5f1a87fc3508af61b5e9916361b9d68af8d2 status: experimental description: Detects traffic or activity related to https://lumnexum1.prefixwag.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lumnexum1.prefixwag.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zennex8ar.manchustill.in.net/verification.google id: auto-bac68d3f71f0e8cb7630d3b64fac2fd143dead0b14abf983e4a4f8b1b5dc34cb status: experimental description: Detects traffic or activity related to https://zennex8ar.manchustill.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zennex8ar.manchustill.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tokcheck.manchustill.in.net/verification.google id: auto-a810c14aadba5ec0f3f9316cece78bae0545bb7dad8778229620f80e43f1dbe3 status: experimental description: Detects traffic or activity related to https://tokcheck.manchustill.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tokcheck.manchustill.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://veobw.manchustill.in.net/verification.google id: auto-a8e879728279e3536581bb8abd545ee9972c1647a37631ffe4b8bb4d631881f6 status: experimental description: Detects traffic or activity related to https://veobw.manchustill.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://veobw.manchustill.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://targettest.manchustill.in.net/verification.google id: auto-09e50d83a695e623288a2bb4c9a20d22ee350dda5f336c05fd3dbc93c92bb17c status: experimental description: Detects traffic or activity related to https://targettest.manchustill.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://targettest.manchustill.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vxfxox7r.manchustill.in.net/verification.google id: auto-e4342126ad3c05558da1e70d24e22830c274ba528f46120a68755e62438b1df8 status: experimental description: Detects traffic or activity related to https://vxfxox7r.manchustill.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vxfxox7r.manchustill.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://b4nn-mount.manchustill.in.net/verification.google id: auto-2ae7fde70cc37a99276b6663819be95d41d2eb3c99bad0a95e987fc7e1510209 status: experimental description: Detects traffic or activity related to https://b4nn-mount.manchustill.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://b4nn-mount.manchustill.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://meta-cu1tur.premiumtos.in.net/verification.google id: auto-2076459fe95332b04d2c37d743878f096d5e982e29b5b997da6a053fe3d32c86 status: experimental description: Detects traffic or activity related to https://meta-cu1tur.premiumtos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://meta-cu1tur.premiumtos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://markpeak.premiumtos.in.net/verification.google id: auto-836b95112194ac5ae2c3d6c1523ba964bc3b877305814c3ef330bc56b8ee2636 status: experimental description: Detects traffic or activity related to https://markpeak.premiumtos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://markpeak.premiumtos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pu1s-trail.premiumtos.in.net/verification.google id: auto-275653e0a10b0294eeba6e58c9bdbc6d7a3b73d9caa9c392ae11e339417f075d status: experimental description: Detects traffic or activity related to https://pu1s-trail.premiumtos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pu1s-trail.premiumtos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://imagedis.premiumtos.in.net/verification.google id: auto-b88bbbc0c161686a3511a14010beec45a479d7ae71e8a0952234a0220cf45cc3 status: experimental description: Detects traffic or activity related to https://imagedis.premiumtos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://imagedis.premiumtos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://epkzg.premiumtos.in.net/verification.google id: auto-397147e92702341bb115425d3c5cf847fce6b3a2f735ac814ffe96ae404c7936 status: experimental description: Detects traffic or activity related to https://epkzg.premiumtos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://epkzg.premiumtos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alt-h0llow.premiumtos.in.net/verification.google id: auto-416191d81215ebad485e70b362055748da0d63f449e2a3f8f9fd1c98c49830c5 status: experimental description: Detects traffic or activity related to https://alt-h0llow.premiumtos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alt-h0llow.premiumtos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://g38198.batkascript.in.net/verification.google id: auto-1b90feb0deef15f4f5be7a7fdb52af4fa9613c2c62649b7ae0f24a5bfcb59eeb status: experimental description: Detects traffic or activity related to https://g38198.batkascript.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://g38198.batkascript.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://clusterclinic.batkascript.in.net/verification.google id: auto-508583758bc64f9d7d33f2c5138433e7458f6367eae6296960214825f8f337f6 status: experimental description: Detects traffic or activity related to https://clusterclinic.batkascript.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://clusterclinic.batkascript.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://btkrpap.batkascript.in.net/verification.google id: auto-c4befba5166374dedf3e1d103a858b8a921eaf095769194fc5f5b08bc9a8fdd7 status: experimental description: Detects traffic or activity related to https://btkrpap.batkascript.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://btkrpap.batkascript.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://canyonfresh.batkascript.in.net/verification.google id: auto-c367176931e0ff1ec43e55b3f00eb802a5e771306b351b84a04d87de1c4a17f9 status: experimental description: Detects traffic or activity related to https://canyonfresh.batkascript.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://canyonfresh.batkascript.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://summitgeyser.batkascript.in.net/verification.google id: auto-48c35e6c4c673b9ee01cb6490e336b0be10d0c08f55c5a698461fe61e8a89d8f status: experimental description: Detects traffic or activity related to https://summitgeyser.batkascript.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://summitgeyser.batkascript.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://xehramf.batkascript.in.net/verification.google id: auto-106898be4ed6769dcaa0ca6707416c63a2dae9dec88dcc87d7a67678cab594c4 status: experimental description: Detects traffic or activity related to https://xehramf.batkascript.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://xehramf.batkascript.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ahus.beltfloor.in.net/verification.google id: auto-4c636ab3c9e16747cd737ba8b1d5d2862ab884d09f4abd5df1c5e56fc01324a6 status: experimental description: Detects traffic or activity related to https://ahus.beltfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ahus.beltfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cqnvpcp.beltfloor.in.net/verification.google id: auto-4c2f7185beffcf973959220d2726c8e2a0d71363bd9b2095acd96c013c1b9b21 status: experimental description: Detects traffic or activity related to https://cqnvpcp.beltfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cqnvpcp.beltfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://11szohw.beltfloor.in.net/verification.google id: auto-1b5f04ff3722a3fe56f7347f1a3b7c3d6ea6b8bcea5617a29bb561928951196d status: experimental description: Detects traffic or activity related to https://11szohw.beltfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://11szohw.beltfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sterilelan.beltfloor.in.net/verification.google id: auto-42042643a4ea50f1f1d9953a7fae7b61ac59ba20205a7ccf32317181ae2c2ca0 status: experimental description: Detects traffic or activity related to https://sterilelan.beltfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sterilelan.beltfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://f4br2-scope.beltfloor.in.net/verification.google id: auto-75d61b6e43fb18cf35159dbc66e5fee793d62447592137a6f00d200be76fb90b status: experimental description: Detects traffic or activity related to https://f4br2-scope.beltfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://f4br2-scope.beltfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://d3nse-gate.beltfloor.in.net/verification.google id: auto-7ad45016deb8d21bc7ca0d87d04fa2b401c8797b2fc54391b89b712db5a25e9b status: experimental description: Detects traffic or activity related to https://d3nse-gate.beltfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://d3nse-gate.beltfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://carg-man.radiatebeef.in.net/verification.google id: auto-e786aa2c1be63a3eb2df67b5db2616c2962f4fdb729858a6425fc626d4f2863d status: experimental description: Detects traffic or activity related to https://carg-man.radiatebeef.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://carg-man.radiatebeef.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://waveque.radiatebeef.in.net/verification.google id: auto-97ceecdc9d905661b7d7a9fa2c8b1712cc076c5385dd63a3ca449177c61885b2 status: experimental description: Detects traffic or activity related to https://waveque.radiatebeef.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://waveque.radiatebeef.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://verify-invoi.radiatebeef.in.net/verification.google id: auto-d4cedfd7432615c9bce6692491ca7d246eb007ad6f4db3b65374f40c48b8a1ac status: experimental description: Detects traffic or activity related to https://verify-invoi.radiatebeef.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://verify-invoi.radiatebeef.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5ucnd.radiatebeef.in.net/verification.google id: auto-12e807b901950abda15ca948adb0ac48e1df5fb5eb474032c5b44e619d7e08f8 status: experimental description: Detects traffic or activity related to https://5ucnd.radiatebeef.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5ucnd.radiatebeef.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vn06.radiatebeef.in.net/verification.google id: auto-abdc477dfd96cf79721eba68a9455df973cad80612006ed7a9733aef66d74080 status: experimental description: Detects traffic or activity related to https://vn06.radiatebeef.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vn06.radiatebeef.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://crawlerstor.radiatebeef.in.net/verification.google id: auto-d11379ffae281925216c4235c2c03a9e76e3224212db247de6f512522ff9dbe4 status: experimental description: Detects traffic or activity related to https://crawlerstor.radiatebeef.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://crawlerstor.radiatebeef.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://m0on-flow.chernomofnothes.in.net/verification.google id: auto-729f510d78ad0864e72043eab23efd60370dbd41952e477485cec1151954f536 status: experimental description: Detects traffic or activity related to https://m0on-flow.chernomofnothes.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://m0on-flow.chernomofnothes.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://taldrais3.chernomofnothes.in.net/verification.google id: auto-c4ff5dc61b25f6679ff8bc113360a87e5bb00804aa362522f4d866bc1929d9e9 status: experimental description: Detects traffic or activity related to https://taldrais3.chernomofnothes.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://taldrais3.chernomofnothes.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gr0v-hold.chernomofnothes.in.net/verification.google id: auto-9f225640268e559fc153fcfb8970e46d5c5175a248e9d97b3bc15e590e74093f status: experimental description: Detects traffic or activity related to https://gr0v-hold.chernomofnothes.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gr0v-hold.chernomofnothes.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://protectsup.chernomofnothes.in.net/verification.google id: auto-623e84b72b0efe66a75f54d8a1c6abc648a684dd204da8c729361b2685e1bec8 status: experimental description: Detects traffic or activity related to https://protectsup.chernomofnothes.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://protectsup.chernomofnothes.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://basaltextend.chernomofnothes.in.net/verification.google id: auto-e3984d12431755767d539a2802e7272334703c9024e4e06344af67f2e15649f1 status: experimental description: Detects traffic or activity related to https://basaltextend.chernomofnothes.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://basaltextend.chernomofnothes.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://decode-frame.chernomofnothes.in.net/verification.google id: auto-586e5e4bd0a3b3879c1f586be99b6ecba9492900772a5f43a702eb0a4e6ff620 status: experimental description: Detects traffic or activity related to https://decode-frame.chernomofnothes.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://decode-frame.chernomofnothes.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vorforgeet.paleontraglan.in.net/verification.google id: auto-31a1d5a538c75f18808138d561467a46a3748d54085bea30749dab758caa86bf status: experimental description: Detects traffic or activity related to https://vorforgeet.paleontraglan.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vorforgeet.paleontraglan.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://oasitre.paleontraglan.in.net/verification.google id: auto-5798f2d3725cc87ac8df5ff2e8139248887934d90532fc1f74f67505b93c1b77 status: experimental description: Detects traffic or activity related to https://oasitre.paleontraglan.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://oasitre.paleontraglan.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dyn-valeal.paleontraglan.in.net/verification.google id: auto-d8edc01a9f3672cb640b60375f2e6323cee5cdab697298016b8a18db983f26b5 status: experimental description: Detects traffic or activity related to https://dyn-valeal.paleontraglan.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dyn-valeal.paleontraglan.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hardexte.paleontraglan.in.net/verification.google id: auto-601b532adb32cecd74fb2a3b7f0567f880b39d97a29b7fe13d1dfb91f708515a status: experimental description: Detects traffic or activity related to https://hardexte.paleontraglan.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hardexte.paleontraglan.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://l4b-mesh.paleontraglan.in.net/verification.google id: auto-c5b945d5329aee7b5076b0de9f95bc0deb6852c00a98852e7d78ed6f2e227993 status: experimental description: Detects traffic or activity related to https://l4b-mesh.paleontraglan.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://l4b-mesh.paleontraglan.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://paui.paleontraglan.in.net/verification.google id: auto-6ffeaab8001483beafb8f8adfb6088073eb21a7d1d4afbf93215053e35212cab status: experimental description: Detects traffic or activity related to https://paui.paleontraglan.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://paui.paleontraglan.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mine-trace.metallurgiclink.in.net/verification.google id: auto-066d45e372ee65e5859eb44f7c1353462a27ba48646fab2d3aaf83770d880627 status: experimental description: Detects traffic or activity related to https://mine-trace.metallurgiclink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mine-trace.metallurgiclink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cast-iron.metallurgiclink.in.net/verification.google id: auto-1aae3716947a4a38687e72cf389bb4dd61eb9b531b17cb6dc4a235f5e31ae1b7 status: experimental description: Detects traffic or activity related to https://cast-iron.metallurgiclink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cast-iron.metallurgiclink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://blast-svc.metallurgiclink.in.net/verification.google id: auto-785120fa7eeecefc7e772688e2619769aba172da564856fd0f9bb80a18114e72 status: experimental description: Detects traffic or activity related to https://blast-svc.metallurgiclink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://blast-svc.metallurgiclink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://smelt-logic.metallurgiclink.in.net/verification.google id: auto-50f842de9279e6d75afa395fd3aaf930a4675f1264cdc7f26855c9b97bf825ad status: experimental description: Detects traffic or activity related to https://smelt-logic.metallurgiclink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://smelt-logic.metallurgiclink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://steel-core.metallurgiclink.in.net/verification.google id: auto-18c8761b064963ba9a0f79cef9bcacfb7424873ba92f2e199af8bf4c68f1d752 status: experimental description: Detects traffic or activity related to https://steel-core.metallurgiclink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://steel-core.metallurgiclink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alloy-forge.metallurgiclink.in.net/verification.google id: auto-dd7cd77d54cf7c1ce8fadf8f722d2011ad49cbe2e0845d76a0a48ad9e7319496 status: experimental description: Detects traffic or activity related to https://alloy-forge.metallurgiclink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alloy-forge.metallurgiclink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gas-storage.cryogenicbuffer.in.net/verification.google id: auto-f553dc850de1d9e22a4ae0857457eb455b7d6f2471937734f7f362fce7d758f5 status: experimental description: Detects traffic or activity related to https://gas-storage.cryogenicbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gas-storage.cryogenicbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://chilled-link.cryogenicbuffer.in.net/verification.google id: auto-fa7b61b083a3d879787f7e0e1774d960dbdaa9c3fb2c3b54392d9d088848d891 status: experimental description: Detects traffic or activity related to https://chilled-link.cryogenicbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://chilled-link.cryogenicbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://frost-node.cryogenicbuffer.in.net/verification.google id: auto-39c8c503e92b5724da5494b569f3b52f1341133f0b9ff5febe191d35e44b62a5 status: experimental description: Detects traffic or activity related to https://frost-node.cryogenicbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://frost-node.cryogenicbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zero-point.cryogenicbuffer.in.net/verification.google id: auto-84b89089f4ccc4ae42bb69f4c543632c5f78a6a3810ebc8317b539127ce8d05e status: experimental description: Detects traffic or activity related to https://zero-point.cryogenicbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zero-point.cryogenicbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nitro-vault.cryogenicbuffer.in.net/verification.google id: auto-7e2acfbda073c18391d6b26728b5f20a62abc13c5f6c6cef9ca33c2f1574b49d status: experimental description: Detects traffic or activity related to https://nitro-vault.cryogenicbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nitro-vault.cryogenicbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://deep-freeze.cryogenicbuffer.in.net/verification.google id: auto-d81250c18e676b0d351bc0c0ae9bb0a45f9444e87228c0adf2b58ddc193b3341 status: experimental description: Detects traffic or activity related to https://deep-freeze.cryogenicbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://deep-freeze.cryogenicbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://beam-portal.isotopecleaner.in.net/verification.google id: auto-f0952bd00efd424309fa6ccb0944000dfc7fc626bb864d716ba9c5980321bacc status: experimental description: Detects traffic or activity related to https://beam-portal.isotopecleaner.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://beam-portal.isotopecleaner.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alpha-gate.isotopecleaner.in.net/verification.google id: auto-6d9f52ba046421171e41534567dcda9a4929eb8a6c65b6f06f1778be55c9c7b8 status: experimental description: Detects traffic or activity related to https://alpha-gate.isotopecleaner.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alpha-gate.isotopecleaner.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://radiant-log.isotopecleaner.in.net/verification.google id: auto-67a7fdbbe20a00028468145d1de33cab7096055975f3fd600e50abbee03b6e99 status: experimental description: Detects traffic or activity related to https://radiant-log.isotopecleaner.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://radiant-log.isotopecleaner.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://decay-check.isotopecleaner.in.net/verification.google id: auto-dbecd07878245a626b644f112e745a61fe7f6a4c02e5ca339fabe22136c691b1 status: experimental description: Detects traffic or activity related to https://decay-check.isotopecleaner.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://decay-check.isotopecleaner.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trace-element.isotopecleaner.in.net/verification.google id: auto-480afa25f16d8b30a6665804a6c6d0d8d3e5a64f6e8f2bf9be2944084dc5abf0 status: experimental description: Detects traffic or activity related to https://trace-element.isotopecleaner.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trace-element.isotopecleaner.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://half-life.isotopecleaner.in.net/verification.google id: auto-3544ff6e5ee97d46b24f20bdddb09399fb816de5cbe9aaceaa0497a8afff5ce3 status: experimental description: Detects traffic or activity related to https://half-life.isotopecleaner.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://half-life.isotopecleaner.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://metal-trace.alkalineelement.in.net/verification.google id: auto-aac0d22d805fe949b3448f4e536ac22fb9447dc9b4acff8ecc064ddf87fbfcd1 status: experimental description: Detects traffic or activity related to https://metal-trace.alkalineelement.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://metal-trace.alkalineelement.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://reactive-hub.alkalineelement.in.net/verification.google id: auto-f47f29539f3a175df60f9360149f2b3df048c8389473d742be674580f591c143 status: experimental description: Detects traffic or activity related to https://reactive-hub.alkalineelement.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://reactive-hub.alkalineelement.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://caustic-api.alkalineelement.in.net/verification.google id: auto-cc3d3b7e5dc7b4a4478ab9a4b0274cf407532f613cbd5c4919727c51829f8e0d status: experimental description: Detects traffic or activity related to https://caustic-api.alkalineelement.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://caustic-api.alkalineelement.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://salt-buffer.alkalineelement.in.net/verification.google id: auto-1269cb0bce8db7f88e0c2edef06ec33f4b0aa9f36f038cffddf9caf2ad949fe3 status: experimental description: Detects traffic or activity related to https://salt-buffer.alkalineelement.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://salt-buffer.alkalineelement.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ph-monitor.alkalineelement.in.net/verification.google id: auto-05fc91c130c845366c87879bd15b64664e156bd75d8970aa3e6c8a306943f0af status: experimental description: Detects traffic or activity related to https://ph-monitor.alkalineelement.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ph-monitor.alkalineelement.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-level.alkalineelement.in.net/verification.google id: auto-0f655e7d393afc340718792f020fe65a11efd20d5afcabaa83235f0731c44c36 status: experimental description: Detects traffic or activity related to https://base-level.alkalineelement.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-level.alkalineelement.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fire-wall.refractorymatrix.in.net/verification.google id: auto-9471b2d29d1dd36fd9f7363cb611156275179fd09b06a23addc85f6169041c6d status: experimental description: Detects traffic or activity related to https://fire-wall.refractorymatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fire-wall.refractorymatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solid-state.refractorymatrix.in.net/verification.google id: auto-4272d5b7ebd346afd207c4b6b42c4c579c8af98a15d18e66dbb6348c169d9f9c status: experimental description: Detects traffic or activity related to https://solid-state.refractorymatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solid-state.refractorymatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shield-base.refractorymatrix.in.net/verification.google id: auto-46cd36e94c320ebafc4af96ce2631a0f3c60dd7b62a21379e114f5009dd392ad status: experimental description: Detects traffic or activity related to https://shield-base.refractorymatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shield-base.refractorymatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://high-heat.refractorymatrix.in.net/verification.google id: auto-80fc3ef960c1665e994522296b2b35dbc1a6d2a9f64f1b0e951f180da4e4b8fe status: experimental description: Detects traffic or activity related to https://high-heat.refractorymatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://high-heat.refractorymatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kiln-control.refractorymatrix.in.net/verification.google id: auto-29b3b7334d8319b199f5d6862b32be82f39cdfd2158276b044b0c568415f2c04 status: experimental description: Detects traffic or activity related to https://kiln-control.refractorymatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kiln-control.refractorymatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://brick-layer.refractorymatrix.in.net/verification.google id: auto-397e7a9391bd505a4a388a74031aa5a890955bb268239fb10aaa88ff05560f02 status: experimental description: Detects traffic or activity related to https://brick-layer.refractorymatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://brick-layer.refractorymatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pump-gate.viscositycontrol.in.net/verification.google id: auto-69b106f6b42433ae843ee7d3e2de30dec2746de50e06f3f0f96fc905acd3a6f9 status: experimental description: Detects traffic or activity related to https://pump-gate.viscositycontrol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pump-gate.viscositycontrol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://density-svc.viscositycontrol.in.net/verification.google id: auto-70b6a90d3b6a3f768101c823ff2fee5767d240d21a9e983fa68aada8c6345256 status: experimental description: Detects traffic or activity related to https://density-svc.viscositycontrol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://density-svc.viscositycontrol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://friction-log.viscositycontrol.in.net/verification.google id: auto-fe1365173fbc623ab9e012607e440391ec0109b5ec97371ce33186eb34b53f97 status: experimental description: Detects traffic or activity related to https://friction-log.viscositycontrol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://friction-log.viscositycontrol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow-regulator.viscositycontrol.in.net/verification.google id: auto-13b6dbd51962df3d82640ef3303d8e2551d3674febe3de25142de1f43ed70432 status: experimental description: Detects traffic or activity related to https://flow-regulator.viscositycontrol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow-regulator.viscositycontrol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://thick-layer.viscositycontrol.in.net/verification.google id: auto-dbd2934fddb1d8ca704f3f3673a24c38d8edd6978dbbd914801cde67de7e8b36 status: experimental description: Detects traffic or activity related to https://thick-layer.viscositycontrol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://thick-layer.viscositycontrol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fluid-path.viscositycontrol.in.net/verification.google id: auto-082764ae31dae24963c052d0c9e174bc211bb6e43a645da4d4ba598b5f92f61f status: experimental description: Detects traffic or activity related to https://fluid-path.viscositycontrol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fluid-path.viscositycontrol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://blend-master.syntheticpolymer.in.net/verification.google id: auto-52d83e84abd6aa3e2c46e6b1dc72f6b75c7440c6ea41328d098c9c39f565d214 status: experimental description: Detects traffic or activity related to https://blend-master.syntheticpolymer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://blend-master.syntheticpolymer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://elastic-net.syntheticpolymer.in.net/verification.google id: auto-16df3ef55453510c7fc61e458285d49d4df14b5805411002422e0da6aa6c6762 status: experimental description: Detects traffic or activity related to https://elastic-net.syntheticpolymer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://elastic-net.syntheticpolymer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mold-engine.syntheticpolymer.in.net/verification.google id: auto-c29641be8905a5ae4b7d2cc7f53bd84096c813bcf4f889c2cb743d2f616099ea status: experimental description: Detects traffic or activity related to https://mold-engine.syntheticpolymer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mold-engine.syntheticpolymer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://plastic-dev.syntheticpolymer.in.net/verification.google id: auto-55c39fa9b2d1c25f15a4afb83abde7b13c0ad63620b3e898c92dc47acd17f44a status: experimental description: Detects traffic or activity related to https://plastic-dev.syntheticpolymer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://plastic-dev.syntheticpolymer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fiber-optic.syntheticpolymer.in.net/verification.google id: auto-9e09595b3326937b3c24cf89838cacb9b1f4a61ab3d8c8806c14fdfc1c4e9ae2 status: experimental description: Detects traffic or activity related to https://fiber-optic.syntheticpolymer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fiber-optic.syntheticpolymer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://resin-store.syntheticpolymer.in.net/verification.google id: auto-5d09115ee26fb7088299533a46090402856c97bc9c5fa1dc35bd060d07a5d93b status: experimental description: Detects traffic or activity related to https://resin-store.syntheticpolymer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://resin-store.syntheticpolymer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://range-finder.isothermalmetric.in.net/verification.google id: auto-fe24376544d80d9bfced99e84b7d6fdebe723b15f02ec2e686b627fdb9bfc4f1 status: experimental description: Detects traffic or activity related to https://range-finder.isothermalmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://range-finder.isothermalmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://thermal-sync.isothermalmetric.in.net/verification.google id: auto-05bf463f15635f5ee8e9ee272c31b53a248759e7514d86abc0bca457f86dac80 status: experimental description: Detects traffic or activity related to https://thermal-sync.isothermalmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://thermal-sync.isothermalmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://temp-archive.isothermalmetric.in.net/verification.google id: auto-aaf3b96649ead488bc5c826bef0b4761a0b9b788fc918f7bc6c15b885f620120 status: experimental description: Detects traffic or activity related to https://temp-archive.isothermalmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://temp-archive.isothermalmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cold-bridge.isothermalmetric.in.net/verification.google id: auto-3207693e2948d5cc9d5dc6fd16558e7ff9a0bb9dc748af76fea7e717ef98a2ef status: experimental description: Detects traffic or activity related to https://cold-bridge.isothermalmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cold-bridge.isothermalmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://constant-io.isothermalmetric.in.net/verification.google id: auto-496a2bff6f47edf4208abc5b894810a54b01c07ff440f0c3501eddb266a58028 status: experimental description: Detects traffic or activity related to https://constant-io.isothermalmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://constant-io.isothermalmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://heat-sensor.isothermalmetric.in.net/verification.google id: auto-1c2b81936cdaffddb977e34414476cdccffc66d270aa765156e742fa61627135 status: experimental description: Detects traffic or activity related to https://heat-sensor.isothermalmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://heat-sensor.isothermalmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://force-field.molecularbonding.in.net/verification.google id: auto-fade5982a8aab4ea9116704588b5609e4ecbc728927447aee7ca784f6610f9e0 status: experimental description: Detects traffic or activity related to https://force-field.molecularbonding.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://force-field.molecularbonding.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stable-node.molecularbonding.in.net/verification.google id: auto-b553b321f9b7d6adfbcd830fb25f47527daaead9a34929a5fdfb152c29b143dd status: experimental description: Detects traffic or activity related to https://stable-node.molecularbonding.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stable-node.molecularbonding.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ion-channel.molecularbonding.in.net/verification.google id: auto-99c387ecfb62722ae3748cf1539d704312cdb4cee48c67f1f8d211a9cd4887e4 status: experimental description: Detects traffic or activity related to https://ion-channel.molecularbonding.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ion-channel.molecularbonding.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://covalent-hub.molecularbonding.in.net/verification.google id: auto-d03f1871258996dd3ee54c6cf26e80e5b4601be43d5374f278caa0b110482138 status: experimental description: Detects traffic or activity related to https://covalent-hub.molecularbonding.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://covalent-hub.molecularbonding.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://chain-logic.molecularbonding.in.net/verification.google id: auto-dc7e4feccfc21e450aa7d5928c4110835e95a259b3d3eb1fb12b876043d4e2d8 status: experimental description: Detects traffic or activity related to https://chain-logic.molecularbonding.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://chain-logic.molecularbonding.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://atom-lattice.molecularbonding.in.net/verification.google id: auto-166209c31c04bb53562f61652d4ead3a01cde4e8eccfd9e19ea4c586f5384a23 status: experimental description: Detects traffic or activity related to https://atom-lattice.molecularbonding.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://atom-lattice.molecularbonding.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://agent-proxy.catalyticprocess.in.net/verification.google id: auto-b0ab4b64bc1539135b493c0017b684569f6bd620d39ac0381693340b8045fb3b status: experimental description: Detects traffic or activity related to https://agent-proxy.catalyticprocess.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://agent-proxy.catalyticprocess.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://batch-report.catalyticprocess.in.net/verification.google id: auto-c16a372b9845af7f6bc7ddad893fba25624a068541370c044ae959d813a17db3 status: experimental description: Detects traffic or activity related to https://batch-report.catalyticprocess.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://batch-report.catalyticprocess.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://filter-press.catalyticprocess.in.net/verification.google id: auto-23d7a204c3ef79ad1003f15acf7bdc2fa84281c0d91c3d593862d33146abff74 status: experimental description: Detects traffic or activity related to https://filter-press.catalyticprocess.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://filter-press.catalyticprocess.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solvent-vault.catalyticprocess.in.net/verification.google id: auto-e3de9c7de53e7e7540d1eb1b38bcc0acfdd7afa1e346798b8f1b059b1c820578 status: experimental description: Detects traffic or activity related to https://solvent-vault.catalyticprocess.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solvent-vault.catalyticprocess.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://yield-monitor.catalyticprocess.in.net/verification.google id: auto-2cc4224c2996737a420163191fba58a60b7cfbbc63ca70d33f2f5bf004be5713 status: experimental description: Detects traffic or activity related to https://yield-monitor.catalyticprocess.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://yield-monitor.catalyticprocess.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://reaction-api.catalyticprocess.in.net/verification.google id: auto-5e2742d2081c7a8d3683df291583bc9742dd3600814a32fc51efc9b69c969367 status: experimental description: Detects traffic or activity related to https://reaction-api.catalyticprocess.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://reaction-api.catalyticprocess.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orbit-path.cosmoforge.in.net/verification.google id: auto-c12f95aea7c64de1f1ac76f23451b9a10626ee495149cf3e1d6d699554a97fe1 status: experimental description: Detects traffic or activity related to https://orbit-path.cosmoforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orbit-path.cosmoforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dark-matter.cosmoforge.in.net/verification.google id: auto-4eeda1ab774a14f7aa0e8c46400560ef8565b3a61ba18165446fdf4426f65688 status: experimental description: Detects traffic or activity related to https://dark-matter.cosmoforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dark-matter.cosmoforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nova-core.cosmoforge.in.net/verification.google id: auto-d3a353b1c5aedb622a8fd5d225aa56a46f5fd2d9d6e73986a0156be074387ce1 status: experimental description: Detects traffic or activity related to https://nova-core.cosmoforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nova-core.cosmoforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://void-gate.cosmoforge.in.net/verification.google id: auto-00175ae0a9728e57e581c32fccacddf9bfd0ca3881e194c02cd9fee9a799243b status: experimental description: Detects traffic or activity related to https://void-gate.cosmoforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://void-gate.cosmoforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://star-field.cosmoforge.in.net/verification.google id: auto-129b0f2ee19daa41251b17a4ffe38118b03710eef512aff28adb00dc63c74704 status: experimental description: Detects traffic or activity related to https://star-field.cosmoforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://star-field.cosmoforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://deep-space.cosmoforge.in.net/verification.google id: auto-686f33009191c770cae37c5a09d1b8926598b47efe62cfdd560542d18be3e090 status: experimental description: Detects traffic or activity related to https://deep-space.cosmoforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://deep-space.cosmoforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fast-trace.dynaflux.in.net/verification.google id: auto-8dd5ecd05220b9d8437ae725f9a5c748a913ebcd92b624395f30506516e4982f status: experimental description: Detects traffic or activity related to https://fast-trace.dynaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fast-trace.dynaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://spin-relay.dynaflux.in.net/verification.google id: auto-4189707e29db8fd576891a20df3ea7be24694754fa56e29287dea295795e10b5 status: experimental description: Detects traffic or activity related to https://spin-relay.dynaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://spin-relay.dynaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://motor-unit.dynaflux.in.net/verification.google id: auto-2e35651e87499e81d7f0be1af2618ddc27280dd59d514604ab1c58b8698e319b status: experimental description: Detects traffic or activity related to https://motor-unit.dynaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://motor-unit.dynaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://torque-svc.dynaflux.in.net/verification.google id: auto-0e51584b704350fff1e59278009cb9a4cd8e6b99932fe5545b64706dfffbb3fe status: experimental description: Detects traffic or activity related to https://torque-svc.dynaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://torque-svc.dynaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kinetic-io.dynaflux.in.net/verification.google id: auto-ffbafb6cc92abcc12c150867e1a41ab0d805d8ebbe8236e219821f2e79a91fd3 status: experimental description: Detects traffic or activity related to https://kinetic-io.dynaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kinetic-io.dynaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://power-drive.dynaflux.in.net/verification.google id: auto-2081ff3a117399c21313e420b82f118f53e6996e1c00f3e3e119259d169ef0fa status: experimental description: Detects traffic or activity related to https://power-drive.dynaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://power-drive.dynaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://warm-cache.helioshaven.in.net/verification.google id: auto-61e43f3258e1a8d8d7f91ef62e6d7b2bbfeeac6432a92e453d9bb707030743c5 status: experimental description: Detects traffic or activity related to https://warm-cache.helioshaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://warm-cache.helioshaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bright-edge.helioshaven.in.net/verification.google id: auto-a216c87f9060ceccae9f60bea0d6c61a52fbda662dafbc2a07b9db85a2a36c9b status: experimental description: Detects traffic or activity related to https://bright-edge.helioshaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bright-edge.helioshaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://day-light.helioshaven.in.net/verification.google id: auto-74e9ecfeecd011fb98905691e7299cc3b99eabb36ee0a9ef44b7bf173da1710c status: experimental description: Detects traffic or activity related to https://day-light.helioshaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://day-light.helioshaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solar-api.helioshaven.in.net/verification.google id: auto-94cbeef15fe0838afa6356f56037d85306db7efe39b565052a1dd02d62d0ab06 status: experimental description: Detects traffic or activity related to https://solar-api.helioshaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solar-api.helioshaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://heat-shield.helioshaven.in.net/verification.google id: auto-f87411f96bceb8df4c6bc61c86bcd6826f2e0f8408a251d9503b5f7ae91f03a6 status: experimental description: Detects traffic or activity related to https://heat-shield.helioshaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://heat-shield.helioshaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sun-flare.helioshaven.in.net/verification.google id: auto-49b44f9ea2e3b2ede4b95d23649e5e103cec65cc813d3484f77590cec3378cc6 status: experimental description: Detects traffic or activity related to https://sun-flare.helioshaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sun-flare.helioshaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ice-vault.polarisbloom.in.net/verification.google id: auto-f746af94f43daa86fd589f2917825dc2d3a6f23d880520d86c4b0904614892a5 status: experimental description: Detects traffic or activity related to https://ice-vault.polarisbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ice-vault.polarisbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cold-store.polarisbloom.in.net/verification.google id: auto-8d4b54764382a5c63ccfa464134a12de48f19d16ad7a542d5a1f6536f02aa9a2 status: experimental description: Detects traffic or activity related to https://cold-store.polarisbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cold-store.polarisbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://peak-access.polarisbloom.in.net/verification.google id: auto-d337d504c32791de111fb3e2103b6daf1343a90f71b05a24e5894ca5bc86353a status: experimental description: Detects traffic or activity related to https://peak-access.polarisbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://peak-access.polarisbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://top-render.polarisbloom.in.net/verification.google id: auto-b1ed862ae128c9f8ad0d0cac3e004689b306c7d2aea4e2eecddc7177a7b4a85a status: experimental description: Detects traffic or activity related to https://top-render.polarisbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://top-render.polarisbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://guide-path.polarisbloom.in.net/verification.google id: auto-79fd7e36261daa7225b5f350e241c7a9f3a826933e656e543b17725525d4071a status: experimental description: Detects traffic or activity related to https://guide-path.polarisbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://guide-path.polarisbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://north-star.polarisbloom.in.net/verification.google id: auto-da91b1da2640b6e29e911d623407ffe5005b7d4df57836afd2b526a55d671ce3 status: experimental description: Detects traffic or activity related to https://north-star.polarisbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://north-star.polarisbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bus-bridge.circuitflux.in.net/verification.google id: auto-61a7a2f1afd5bb6da7b62e57d91f1d0ae192d5fcfe049d669763d5efbe5287de status: experimental description: Detects traffic or activity related to https://bus-bridge.circuitflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bus-bridge.circuitflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://amp-control.circuitflux.in.net/verification.google id: auto-c6ec9c754fbd7c53d9ef32609a790fffa8af3fbac4bc78dd3739ca03c6cf10e4 status: experimental description: Detects traffic or activity related to https://amp-control.circuitflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://amp-control.circuitflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wire-sync.circuitflux.in.net/verification.google id: auto-49c6121145810930ab4994c718107db9c303d6cfe06dca79d9150b8d19320d80 status: experimental description: Detects traffic or activity related to https://wire-sync.circuitflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wire-sync.circuitflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://signal-box.circuitflux.in.net/verification.google id: auto-5eb92201660f5608ddc97020b7f492d5a90f944edd2909f5b8b0343910a81c00 status: experimental description: Detects traffic or activity related to https://signal-box.circuitflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://signal-box.circuitflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://volt-power.circuitflux.in.net/verification.google id: auto-ad459a798f1df316c5aab572a6259683235c31d12b6081dd4ac3f4c87a758b2c status: experimental description: Detects traffic or activity related to https://volt-power.circuitflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://volt-power.circuitflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://micro-chip.circuitflux.in.net/verification.google id: auto-9d2a68e8d750b477d19a7d771d1dfa0b446207404dae1907f2e7b888b97ae1e6 status: experimental description: Detects traffic or activity related to https://micro-chip.circuitflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://micro-chip.circuitflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stat-portal.axiomforge.in.net/verification.google id: auto-b31ba985dca479fb90f37c66f8ea52ab7d7149ee531253a1550bfe36ec620d40 status: experimental description: Detects traffic or activity related to https://stat-portal.axiomforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stat-portal.axiomforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://math-proc.axiomforge.in.net/verification.google id: auto-b245552dd782a014c44ebe157c459a78dedab9ee8d48d46b402162bae94278fa status: experimental description: Detects traffic or activity related to https://math-proc.axiomforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://math-proc.axiomforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-frame.axiomforge.in.net/verification.google id: auto-8b8e8b5a71f16d16b844c60087823396867a475b08955f0c001526aa06c76cce status: experimental description: Detects traffic or activity related to https://main-frame.axiomforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-frame.axiomforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-theory.axiomforge.in.net/verification.google id: auto-89107f62f84153a57f19da011b3ec954d3a42d48bfa30c1d02151e59d992e898 status: experimental description: Detects traffic or activity related to https://base-theory.axiomforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-theory.axiomforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proof-check.axiomforge.in.net/verification.google id: auto-a7c38def69b6d179c66db7b1b1fa1272ce3e5954d56b89246d967441e11bd7c4 status: experimental description: Detects traffic or activity related to https://proof-check.axiomforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proof-check.axiomforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://logic-rule.axiomforge.in.net/verification.google id: auto-79b083fc4249c55bd3c639013b05fa2bce9555b3dd02863e89cc5733a01183e0 status: experimental description: Detects traffic or activity related to https://logic-rule.axiomforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://logic-rule.axiomforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://leaf-proxy.orbitbloom.in.net/verification.google id: auto-ec1bb5ad14e70568eab48966c2970686a100c7b71d2656a53beca8657cde23b2 status: experimental description: Detects traffic or activity related to https://leaf-proxy.orbitbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://leaf-proxy.orbitbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://root-cluster.orbitbloom.in.net/verification.google id: auto-7b75146631d9fa9d575284a165b430c12703b92929444366175553d1078bb6dd status: experimental description: Detects traffic or activity related to https://root-cluster.orbitbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://root-cluster.orbitbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://plant-logic.orbitbloom.in.net/verification.google id: auto-54d4e1c33487a53b76d0c62f2368d4f5c5a2c5e96290491fbd3f2575a32b6b50 status: experimental description: Detects traffic or activity related to https://plant-logic.orbitbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://plant-logic.orbitbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://green-node.orbitbloom.in.net/verification.google id: auto-4202caf24e1cf2ae2fb50c89b1f18e62270b96483da652c3b52ecf8d77dfc6db status: experimental description: Detects traffic or activity related to https://green-node.orbitbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://green-node.orbitbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://eco-system.orbitbloom.in.net/verification.google id: auto-ae9b1766874fad37020d5954f41f259c2eb1558750a1b7cfd9a09ea4588261a1 status: experimental description: Detects traffic or activity related to https://eco-system.orbitbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://eco-system.orbitbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bio-growth.orbitbloom.in.net/verification.google id: auto-261513d7d70115cf9a278d7632d326cef35261c32afdcbcccf08821548d01ad5 status: experimental description: Detects traffic or activity related to https://bio-growth.orbitbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bio-growth.orbitbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ion-stream.stellarflux.in.net/verification.google id: auto-24cd3407b31cb3bdbb7d85f993f87e66ddb63bebb6e909022f43cbeb3614455a status: experimental description: Detects traffic or activity related to https://ion-stream.stellarflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ion-stream.stellarflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://drift-sensor.stellarflux.in.net/verification.google id: auto-b938deeed4ae49b467fb7803e4a18554cd7d6348aea3b56e41a997bbe3c812ea status: experimental description: Detects traffic or activity related to https://drift-sensor.stellarflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://drift-sensor.stellarflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pulse-gate.stellarflux.in.net/verification.google id: auto-c923a69844d3d7ad4c76243e00a016b6635c90fd73c615a255582044cdbc3457 status: experimental description: Detects traffic or activity related to https://pulse-gate.stellarflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pulse-gate.stellarflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://beam-target.stellarflux.in.net/verification.google id: auto-6b2a7f6b8a4cfea77a46d243967345b5008670d4e634f99721601e6f8ec30448 status: experimental description: Detects traffic or activity related to https://beam-target.stellarflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://beam-target.stellarflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wave-monitor.stellarflux.in.net/verification.google id: auto-855e773216b14b7cffce0fb803286c86610f9e19411f408e7e0944699d4147db status: experimental description: Detects traffic or activity related to https://wave-monitor.stellarflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wave-monitor.stellarflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://light-speed.stellarflux.in.net/verification.google id: auto-a94c6eb9785252716f395d722b183ab1dccf9cf18806b977ce1e60a5ce2e9d05 status: experimental description: Detects traffic or activity related to https://light-speed.stellarflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://light-speed.stellarflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://relay-server.nexushaven.in.net/verification.google id: auto-e4335dbfed58c1f2b665c1743894cc42d71bc368f8c79ba6ae5d85c7638b1cb9 status: experimental description: Detects traffic or activity related to https://relay-server.nexushaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://relay-server.nexushaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://secure-link.nexushaven.in.net/verification.google id: auto-f6bdf53a7b73fe3fde0ee4d512be702fd3c68b6a20d67940e98686f4823915dc status: experimental description: Detects traffic or activity related to https://secure-link.nexushaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://secure-link.nexushaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://backup-node.nexushaven.in.net/verification.google id: auto-9202b84663b548cc00b000cd9eaa18a97eae0ea30d619719c81056c691863f28 status: experimental description: Detects traffic or activity related to https://backup-node.nexushaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://backup-node.nexushaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://guest-access.nexushaven.in.net/verification.google id: auto-778a11989403b6619a2e62afba77f6ba8166f19ff51de77485dbdffd602a0448 status: experimental description: Detects traffic or activity related to https://guest-access.nexushaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://guest-access.nexushaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cloud-vault.nexushaven.in.net/verification.google id: auto-350eb586db465c0f7dff09623d77a1c2b66a967572795dccddaa1b647a2e94be status: experimental description: Detects traffic or activity related to https://cloud-vault.nexushaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cloud-vault.nexushaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://safe-harbor.nexushaven.in.net/verification.google id: auto-3df7d3741b74a34a7a968b0783461fa31581bcc92380f98ea27c734d276453ed status: experimental description: Detects traffic or activity related to https://safe-harbor.nexushaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://safe-harbor.nexushaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auth-proxy.vectorforge.in.net/verification.google id: auto-bc6e2b44a5fc4b85079ef7038709200217a3ea029fbb8d1c717e4bb197217834 status: experimental description: Detects traffic or activity related to https://auth-proxy.vectorforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auth-proxy.vectorforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://build-deploy.vectorforge.in.net/verification.google id: auto-d3e3878aa69423aa2555f569fbea51553adb66f5543ff0f67e315729dbe0ee5d status: experimental description: Detects traffic or activity related to https://build-deploy.vectorforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://build-deploy.vectorforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-pipeline.vectorforge.in.net/verification.google id: auto-2dff5c9711c5b8d92be84990293f1b71f51886583516afdf632a38be2d2bc2bc status: experimental description: Detects traffic or activity related to https://data-pipeline.vectorforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-pipeline.vectorforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://api-endpoint.vectorforge.in.net/verification.google id: auto-93ca9be29c693cd1c9eb15827b3114edc12d7a79382adf1c255b822e5bbc6597 status: experimental description: Detects traffic or activity related to https://api-endpoint.vectorforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://api-endpoint.vectorforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load-stress.vectorforge.in.net/verification.google id: auto-4ee94679223276353fe91f4fa080af86f42316d149f1a64160778eaeb7158850 status: experimental description: Detects traffic or activity related to https://load-stress.vectorforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load-stress.vectorforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-engine.vectorforge.in.net/verification.google id: auto-658e0e30de0e3c43ee7132efd6be93eeec535e57070b0d93bcad48994c357927 status: experimental description: Detects traffic or activity related to https://core-engine.vectorforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-engine.vectorforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rpaizy.ashenkite.in.net/verification.google id: auto-c53a25c1deeef600d224705dd16dda99f2881d72887efe0dad0f570d5b6e072e status: experimental description: Detects traffic or activity related to https://rpaizy.ashenkite.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rpaizy.ashenkite.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://185ez3.ashenkite.in.net/verification.google id: auto-ddfded2c8faa0e5ca95d4bf00fad0e052a10e687aca4d1787c3f6bf46ad9a1e0 status: experimental description: Detects traffic or activity related to https://185ez3.ashenkite.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://185ez3.ashenkite.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pixelsola.ashenkite.in.net/verification.google id: auto-af9229ae77f8814fdadcac3aab584a860d9ee67d5ea6f08f3a76924011928955 status: experimental description: Detects traffic or activity related to https://pixelsola.ashenkite.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pixelsola.ashenkite.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cr4t-flow.ashenkite.in.net/verification.google id: auto-af0762f15550b3146359567c963a6b65f200c37a1203c39f92be4a048677f92f status: experimental description: Detects traffic or activity related to https://cr4t-flow.ashenkite.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cr4t-flow.ashenkite.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://uyr3.ashenkite.in.net/verification.google id: auto-58d1c367eba6c2215db84c91e81367f3bd91dd0269c67c74a37da3022a864e69 status: experimental description: Detects traffic or activity related to https://uyr3.ashenkite.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://uyr3.ashenkite.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arkmeshet6.ashenkite.in.net/verification.google id: auto-234d0aeb3a390fb25fb6f6f3d458241ab44bf81d8e3e49344dd8b5958a4dd336 status: experimental description: Detects traffic or activity related to https://arkmeshet6.ashenkite.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arkmeshet6.ashenkite.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://open-mesh.quillspire.in.net/verification.google id: auto-3ede9e1d1728ee234876f43a342c511480bf291cb795eae4729c4bf9cb6c44c7 status: experimental description: Detects traffic or activity related to https://open-mesh.quillspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://open-mesh.quillspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bin4ry-ring.quillspire.in.net/verification.google id: auto-f04c305c63f37b55c06de34c9b6c560fd760352170e0dd0c84a86d468be61d68 status: experimental description: Detects traffic or activity related to https://bin4ry-ring.quillspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bin4ry-ring.quillspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://m3rg-hinge.quillspire.in.net/verification.google id: auto-f61479db93cc99ca4c2d50c87677acaa5f52f30a477d2f7fcf77c1be5c46715c status: experimental description: Detects traffic or activity related to https://m3rg-hinge.quillspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://m3rg-hinge.quillspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nuaeftf.quillspire.in.net/verification.google id: auto-3b72115fb741a5ed7996dd62db3824b93f2a650f8d3448e0be5961392e9b9784 status: experimental description: Detects traffic or activity related to https://nuaeftf.quillspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nuaeftf.quillspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mer-forgeex.quillspire.in.net/verification.google id: auto-d8aa56bd108dd4f27fbfa9b5339a10ca7dc3ff86c20ad3dc10ca3c26f06c6673 status: experimental description: Detects traffic or activity related to https://mer-forgeex.quillspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mer-forgeex.quillspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://erpqy89.quillspire.in.net/verification.google id: auto-5e6dec6a4f83ca4b5b1d53d29d95f1f7a922fa97d736493f6cae18ebb43da68a status: experimental description: Detects traffic or activity related to https://erpqy89.quillspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://erpqy89.quillspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://primemicrobe.silvershade.in.net/verification.google id: auto-f7ddd3c04279c5566dc22ae787faea6e5f89e2c55c8bab9f75f0e92a067a9ab0 status: experimental description: Detects traffic or activity related to https://primemicrobe.silvershade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://primemicrobe.silvershade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://blen-reef.silvershade.in.net/verification.google id: auto-85d1494ba59fdbe2a86d7626e59ecc3bb18cec5990f4c6370532b69f568f8b5e status: experimental description: Detects traffic or activity related to https://blen-reef.silvershade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://blen-reef.silvershade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://social-hau.silvershade.in.net/verification.google id: auto-f10b102f147854a088132dfe1331bc1133ca95de8e4515cf491dde8d2deb13fa status: experimental description: Detects traffic or activity related to https://social-hau.silvershade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://social-hau.silvershade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5udd-glow.silvershade.in.net/verification.google id: auto-ec7594a7b9d65c9ae0e7d5930c549171ff47f87c02d5cb86db521b4dc2fa9218 status: experimental description: Detects traffic or activity related to https://5udd-glow.silvershade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5udd-glow.silvershade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wolfpas.silvershade.in.net/verification.google id: auto-a131f9f82dddcb6fa7159d22b68ee43edfc01f5d0eb387742597708a06be224e status: experimental description: Detects traffic or activity related to https://wolfpas.silvershade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wolfpas.silvershade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://exp05e-crest.silvershade.in.net/verification.google id: auto-84d2f3efbb37ef0fc277cfcfa22b032fd0d9165330de1454dd104c9935634d1c status: experimental description: Detects traffic or activity related to https://exp05e-crest.silvershade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://exp05e-crest.silvershade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://partnerreb.mistlatch.in.net/verification.google id: auto-a41e3acec3cbd139e80fe4896b649b18bb9d4af4d87b5b965e787a1c60125f4d status: experimental description: Detects traffic or activity related to https://partnerreb.mistlatch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://partnerreb.mistlatch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://2lripcrt.mistlatch.in.net/verification.google id: auto-2199415e2ffa5e8a7a9709413d25fa8d728dda40d62f1ca705359c3a9483bd01 status: experimental description: Detects traffic or activity related to https://2lripcrt.mistlatch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://2lripcrt.mistlatch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fabric-plate.mistlatch.in.net/verification.google id: auto-bc15f1355cc3084ff93f16ae25356bb64f19f0500b0b6971fd077a90eb89238a status: experimental description: Detects traffic or activity related to https://fabric-plate.mistlatch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fabric-plate.mistlatch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mossroad.mistlatch.in.net/verification.google id: auto-4e542791a1aebe71436c8ae963970931a90725c28043f7ae9c592670d3ded16d status: experimental description: Detects traffic or activity related to https://mossroad.mistlatch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mossroad.mistlatch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arkmark4et.mistlatch.in.net/verification.google id: auto-932260ac8feb8493004407fb3b19cddf2c8236abd92eb7ae4c39eafa549ead2e status: experimental description: Detects traffic or activity related to https://arkmark4et.mistlatch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arkmark4et.mistlatch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://brokerpasture.mistlatch.in.net/verification.google id: auto-b0c90e350cda3b99a7eb251b20e6ca1f286402b51764d855055d678b88996457 status: experimental description: Detects traffic or activity related to https://brokerpasture.mistlatch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://brokerpasture.mistlatch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://po5a.skyl1tfern.in.net/verification.google id: auto-d714ce2a6b153b55ed4abf57715d79dcc3c1ebca6cbf552e24b723ecd1f2d3b8 status: experimental description: Detects traffic or activity related to https://po5a.skyl1tfern.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://po5a.skyl1tfern.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cur1o1-phase.skyl1tfern.in.net/verification.google id: auto-f6b9e6f1c2927ea95f2ef9ec4c4403d68504f952020cfff51450449361150aef status: experimental description: Detects traffic or activity related to https://cur1o1-phase.skyl1tfern.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cur1o1-phase.skyl1tfern.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://89n5b.skyl1tfern.in.net/verification.google id: auto-6b52f2e36febbb49e5d44ced4a38ff5bcdc73300f64da22e63b2db3e625d4ad4 status: experimental description: Detects traffic or activity related to https://89n5b.skyl1tfern.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://89n5b.skyl1tfern.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5tud1o6-path.skyl1tfern.in.net/verification.google id: auto-43ab1cdb49343f924f92e71c852ec4e67fae05b18f760a2dbfd21969415d3571 status: experimental description: Detects traffic or activity related to https://5tud1o6-path.skyl1tfern.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5tud1o6-path.skyl1tfern.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gatewayraven.skyl1tfern.in.net/verification.google id: auto-31b46b43218a3f8892e18bbd4dc517e8ee35f7b19d0ac5e88d07f68aa6f791e0 status: experimental description: Detects traffic or activity related to https://gatewayraven.skyl1tfern.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gatewayraven.skyl1tfern.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cr4ft9-core.skyl1tfern.in.net/verification.google id: auto-fcac8427dc54df6621125440b9831f77154071d4a89a466895c6c36f4d645229 status: experimental description: Detects traffic or activity related to https://cr4ft9-core.skyl1tfern.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cr4ft9-core.skyl1tfern.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sub-hau1.fabledrift.in.net/verification.google id: auto-2df6b87215298993980903223d04b8c5ca7088459852a49cc559753aaf2a603a status: experimental description: Detects traffic or activity related to https://sub-hau1.fabledrift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sub-hau1.fabledrift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quorspireum8.fabledrift.in.net/verification.google id: auto-e96e5d4883b58bb1a192dae2c2ea7bcbe2098e872348c864b406c3c2298c485a status: experimental description: Detects traffic or activity related to https://quorspireum8.fabledrift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quorspireum8.fabledrift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://storyfros.fabledrift.in.net/verification.google id: auto-d070103d2a9c201dffdc5d20632fd61a5cbecda3491881973b42405b335c2d62 status: experimental description: Detects traffic or activity related to https://storyfros.fabledrift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://storyfros.fabledrift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tpqicucp.fabledrift.in.net/verification.google id: auto-4bd5e7928513ecc790c717149b5f3e7e75d97af58ac4e2f4a7c29c5028d7df13 status: experimental description: Detects traffic or activity related to https://tpqicucp.fabledrift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tpqicucp.fabledrift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://securclea.fabledrift.in.net/verification.google id: auto-8b11d30b617e69ffb7926312864d3950140b5cd0a25333406328896701d08bb7 status: experimental description: Detects traffic or activity related to https://securclea.fabledrift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://securclea.fabledrift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arraynarrow.fabledrift.in.net/verification.google id: auto-70753a34bef03a2a96efebb61ce0308946bb96722cf518cfb73a5594c9e4e309 status: experimental description: Detects traffic or activity related to https://arraynarrow.fabledrift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arraynarrow.fabledrift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lumlithor9.thorncairn.in.net/verification.google id: auto-b20e214628bcd09cd5a98640481f917a654d43c77a2dc38d93ea1cf07d023dd6 status: experimental description: Detects traffic or activity related to https://lumlithor9.thorncairn.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lumlithor9.thorncairn.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://clif-lagoo.thorncairn.in.net/verification.google id: auto-b08561d8a7fc5ba67684da4802c431ffe099ff60208541ce2e19ad1c83a6637c status: experimental description: Detects traffic or activity related to https://clif-lagoo.thorncairn.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://clif-lagoo.thorncairn.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kfem.thorncairn.in.net/verification.google id: auto-f7a8df89c84b6f2fd550127534565794aa854073b6f710242210f42e95ef7698 status: experimental description: Detects traffic or activity related to https://kfem.thorncairn.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kfem.thorncairn.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ze2975m.thorncairn.in.net/verification.google id: auto-3bda441bf88796e9834e1835bb6e7b1835e3f18c6e26c1f4c562412a23f40ade status: experimental description: Detects traffic or activity related to https://ze2975m.thorncairn.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ze2975m.thorncairn.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vgge57l.thorncairn.in.net/verification.google id: auto-5c6d563ede53d62d81403891e82e0747274eae505d334b3cee3674bb8d520ff0 status: experimental description: Detects traffic or activity related to https://vgge57l.thorncairn.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vgge57l.thorncairn.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solforgeor4.thorncairn.in.net/verification.google id: auto-36e2310ee2fec0a936888c5513fe9a8d4a42d26683b5b7a7b179ff1867a5c0fd status: experimental description: Detects traffic or activity related to https://solforgeor4.thorncairn.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solforgeor4.thorncairn.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://loyalreel.v7lora.in.net/verification.google id: auto-b9480fe85cb7e911bedcfe0de0b266f30392e3b63e96f1cdac1d5367b0b4bb70 status: experimental description: Detects traffic or activity related to https://loyalreel.v7lora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://loyalreel.v7lora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tr4ck-frame.v7lora.in.net/verification.google id: auto-8631fdac43f2b9930032d40e97639818775f430dc12a253d2bf0bc49da3c133b status: experimental description: Detects traffic or activity related to https://tr4ck-frame.v7lora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tr4ck-frame.v7lora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tdp72.v7lora.in.net/verification.google id: auto-681bc47a7917c022e09f034a1938e9cb0f2402de77dbd0987ff62f2be49b6a4b status: experimental description: Detects traffic or activity related to https://tdp72.v7lora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tdp72.v7lora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sswms.v7lora.in.net/verification.google id: auto-cf8d9fe5f8b60a13c1f68457fa8b9d9b64c91c11dadf54ac82b7dfa5bb56959d status: experimental description: Detects traffic or activity related to https://sswms.v7lora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sswms.v7lora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://surnm5-route.v7lora.in.net/verification.google id: auto-92b04055da3ea329bf207039fc2e824887a2719463dfbe2ffd2244a412290dd4 status: experimental description: Detects traffic or activity related to https://surnm5-route.v7lora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://surnm5-route.v7lora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r0ug3-stack.v7lora.in.net/verification.google id: auto-551c81701f0fc4e247d9381c48c4630b5c9f3ec686171894ca079cdae656dfc5 status: experimental description: Detects traffic or activity related to https://r0ug3-stack.v7lora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r0ug3-stack.v7lora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://meta-pur3.glowhaven.in.net/verification.google id: auto-6e3d05baa0edb7f50004127d9f8abe13c46076bbeca939a654b4a946aad4ceb6 status: experimental description: Detects traffic or activity related to https://meta-pur3.glowhaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://meta-pur3.glowhaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pr1v-zone.glowhaven.in.net/verification.google id: auto-79a0e835a590879a49b75330341bd33867b04e32254e50def2d394d422af8eef status: experimental description: Detects traffic or activity related to https://pr1v-zone.glowhaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pr1v-zone.glowhaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pin3-point.glowhaven.in.net/verification.google id: auto-518f6f6398f6f5c6854d0e0eae413d954cd69e290208ad4635cf1351996663ed status: experimental description: Detects traffic or activity related to https://pin3-point.glowhaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pin3-point.glowhaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fz01ob.glowhaven.in.net/verification.google id: auto-8361cf564001acb6e32f332c80fed0242ed34e8a48653c587299d4d273a329ba status: experimental description: Detects traffic or activity related to https://fz01ob.glowhaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fz01ob.glowhaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quatrigge.glowhaven.in.net/verification.google id: auto-634c91263bc40a33e83f11378da1f367c4b4f4db4f757445bcaaa6c72844105c status: experimental description: Detects traffic or activity related to https://quatrigge.glowhaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quatrigge.glowhaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://normesh0a.glowhaven.in.net/verification.google id: auto-dbaf1192803597892838efe84f2aeb56d95d5c6bdde549641eb489e536ed3597 status: experimental description: Detects traffic or activity related to https://normesh0a.glowhaven.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://normesh0a.glowhaven.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://triforgea4.cinderbay.in.net/verification.google id: auto-ecd91ca22844a159b3c79b162600a9f8629197f57653eb93527b07f9b09a2127 status: experimental description: Detects traffic or activity related to https://triforgea4.cinderbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://triforgea4.cinderbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://velvetautu.cinderbay.in.net/verification.google id: auto-5bff728a097bd64b6fcd9f6fd0d5b9537ffc891ad8b4db9865fbd3d4a2c41511 status: experimental description: Detects traffic or activity related to https://velvetautu.cinderbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://velvetautu.cinderbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://coralsolid.cinderbay.in.net/verification.google id: auto-d1817df1a9ed81e1136b8f9c8bc05ba9c22df6fce660253f7a16d0ddce9270dd status: experimental description: Detects traffic or activity related to https://coralsolid.cinderbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://coralsolid.cinderbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ziuyacdv.cinderbay.in.net/verification.google id: auto-786ad8cbe70bb35d03740753eaa560a76d8fec479b14d6701cbae6fbb8e83fb3 status: experimental description: Detects traffic or activity related to https://ziuyacdv.cinderbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ziuyacdv.cinderbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://talline1is.cinderbay.in.net/verification.google id: auto-eff72fbed11117cd1fa91ed951fca02a8b0d955117318780a5015127483cf2db status: experimental description: Detects traffic or activity related to https://talline1is.cinderbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://talline1is.cinderbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://poster-port.cinderbay.in.net/verification.google id: auto-f936b25eeee014cbdc10650c2afda0aa8c9ad0e8dbea9f98ae383775b9b4dc92 status: experimental description: Detects traffic or activity related to https://poster-port.cinderbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://poster-port.cinderbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://falldusk.mossbyte.in.net/verification.google id: auto-e4af16994f61b8aeab712f189a9a06ee582e05cf0cc907c7710e93375791d178 status: experimental description: Detects traffic or activity related to https://falldusk.mossbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://falldusk.mossbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wkilqh.mossbyte.in.net/verification.google id: auto-a9402121152c59b5399a486ca1e709b29f605f4c76956d733db9fcfbd3829ffa status: experimental description: Detects traffic or activity related to https://wkilqh.mossbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wkilqh.mossbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wavrapi.mossbyte.in.net/verification.google id: auto-bb20cf0c831ef393a6ddf069b2a3a7c1c5238c514a539f41c2cff1b1f6c0c85e status: experimental description: Detects traffic or activity related to https://wavrapi.mossbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wavrapi.mossbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gb3r.mossbyte.in.net/verification.google id: auto-520e39548b1f7edaeaa5060f399bfa2297b060544ab91d53c08ac077e9b6a400 status: experimental description: Detects traffic or activity related to https://gb3r.mossbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gb3r.mossbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r6cp.mossbyte.in.net/verification.google id: auto-5af075a45eb0427a034d514c42c65c5be8076ac4356996174f81f7262ffa0cf1 status: experimental description: Detects traffic or activity related to https://r6cp.mossbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r6cp.mossbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nor-lineor.mossbyte.in.net/verification.google id: auto-f7f150f6d6efaa7b9f7481cc40db419afba47ebcf53f77a9c7d48f50bd5a5ed7 status: experimental description: Detects traffic or activity related to https://nor-lineor.mossbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nor-lineor.mossbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://handleramber.cl0verpeak.in.net/verification.google id: auto-bc5bd215603f44db6f7fedb7629ae30cc54c726b2c29d96e3e29bb3bf85fb56f status: experimental description: Detects traffic or activity related to https://handleramber.cl0verpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://handleramber.cl0verpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scrip8-grid.cl0verpeak.in.net/verification.google id: auto-3e2d85188fbe396bebb785e8d6460bc09ed3f566a7e976b4dda7865165cc9102 status: experimental description: Detects traffic or activity related to https://scrip8-grid.cl0verpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scrip8-grid.cl0verpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zennexos5.cl0verpeak.in.net/verification.google id: auto-9feb0b2ad093aa9ce8f7eb0bbfd1031fca4350e5db262ace7c17013afc62c5df status: experimental description: Detects traffic or activity related to https://zennexos5.cl0verpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zennexos5.cl0verpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tri-coreen.cl0verpeak.in.net/verification.google id: auto-1076ab50735dc2ecb68b2f89bc96e2bbeb063630c047a3ee46c36c397093a091 status: experimental description: Detects traffic or activity related to https://tri-coreen.cl0verpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tri-coreen.cl0verpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dtlxmaf.cl0verpeak.in.net/verification.google id: auto-88ab3a5b16ecd78af71fd34817ccb59a7583dd0c0cbdf0a7b0031322bc69aa2a status: experimental description: Detects traffic or activity related to https://dtlxmaf.cl0verpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dtlxmaf.cl0verpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://voyageinspect.cl0verpeak.in.net/verification.google id: auto-6d653f47b2a48627b8099cea2b6f3c2744e1d49083dd91ab672705b949b9ed90 status: experimental description: Detects traffic or activity related to https://voyageinspect.cl0verpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://voyageinspect.cl0verpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solcresten3.n0vabrook.in.net/verification.google id: auto-323e4fa085ac462406d9465e0f3be652c5250b14e83b117aefd16423835b6bbb status: experimental description: Detects traffic or activity related to https://solcresten3.n0vabrook.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solcresten3.n0vabrook.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://delta6-zone.stormglade.in.net/verification.google id: auto-3408b9de54dec1579111f15a14eee6859da431ce84332c40dc1e9368ee16647a status: experimental description: Detects traffic or activity related to https://delta6-zone.stormglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://delta6-zone.stormglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://roy4l-node.foxrunet.in.net/verification.google id: auto-7ac84e0ec294fe33d8adf3b205274b1f9081eb08283483af914a4f6b55c2db64 status: experimental description: Detects traffic or activity related to https://roy4l-node.foxrunet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://roy4l-node.foxrunet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tru37-point.oakwhisper.in.net/verification.google id: auto-c390de96e0084cd6a639a149e6f13d63c930815b178aba84bba59a98f8301e74 status: experimental description: Detects traffic or activity related to https://tru37-point.oakwhisper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tru37-point.oakwhisper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://d3ep-forge.br1ghtmere.in.net/verification.google id: auto-c3d24a465b22f24b64d1e44c20fcb4983281994f94c919849faf9d24292e8393 status: experimental description: Detects traffic or activity related to https://d3ep-forge.br1ghtmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://d3ep-forge.br1ghtmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vzdgys.starforge.in.net/verification.google id: auto-75867e3b4ace77247d3005e2507b3bcba6f715aa991bce912c4cbf628563aac1 status: experimental description: Detects traffic or activity related to https://vzdgys.starforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vzdgys.starforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://yx16l.n0vabrook.in.net/verification.google id: auto-ba349542a570f5086ebe3b6a19603efbd871c7b85342107f2d76edc9f796e19a status: experimental description: Detects traffic or activity related to https://yx16l.n0vabrook.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://yx16l.n0vabrook.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sh1f-signal.n0vabrook.in.net/verification.google id: auto-49052f513accc93be8463fcbaedc4bc15f112e3ba998c50d5c500597475256ca status: experimental description: Detects traffic or activity related to https://sh1f-signal.n0vabrook.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sh1f-signal.n0vabrook.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gl0ss-grid.n0vabrook.in.net/verification.google id: auto-9f15f37dcd83cfb34244f9ec03562d8fdabe10a47708a4ca072a81d9884b9450 status: experimental description: Detects traffic or activity related to https://gl0ss-grid.n0vabrook.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gl0ss-grid.n0vabrook.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hmndwk.n0vabrook.in.net/verification.google id: auto-58dad3f04f55df53ae8b816faa7a12a3be729f0256b0a12f41c3811315fbeb17 status: experimental description: Detects traffic or activity related to https://hmndwk.n0vabrook.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hmndwk.n0vabrook.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://capitclou.stormglade.in.net/verification.google id: auto-a205c011b16259de331a047e1e51b147c93daa85d836ac9fc6887dc9e95f4e00 status: experimental description: Detects traffic or activity related to https://capitclou.stormglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://capitclou.stormglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://creekcargo.stormglade.in.net/verification.google id: auto-4a6e1d1b291c6fc7927ed085b4065bd2050c3a33874ff6f2d66b6c9cf778fe67 status: experimental description: Detects traffic or activity related to https://creekcargo.stormglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://creekcargo.stormglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://39vhl.stormglade.in.net/verification.google id: auto-c5a0381ddc8ac35b13c19ca2001eee299f22a5ec02060272e3f5ace2774fdef7 status: experimental description: Detects traffic or activity related to https://39vhl.stormglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://39vhl.stormglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dpvvgwcg.stormglade.in.net/verification.google id: auto-46642cb456d795f98b2a9e8e51249f7be4d750db1e30fc8bb180d54afeba9d5e status: experimental description: Detects traffic or activity related to https://dpvvgwcg.stormglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dpvvgwcg.stormglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sceneretainer.foxrunet.in.net/verification.google id: auto-e5d3cf234075b07be99e5213b45af968d2a816af8f5a19a7e172dd53d955c73e status: experimental description: Detects traffic or activity related to https://sceneretainer.foxrunet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sceneretainer.foxrunet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://field-shoa.foxrunet.in.net/verification.google id: auto-442304b43d06715e5890efe0db448c17f49d8922f2cd8a661932464fec567d21 status: experimental description: Detects traffic or activity related to https://field-shoa.foxrunet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://field-shoa.foxrunet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://margingene.foxrunet.in.net/verification.google id: auto-7f4ac02b12bd7eacfbdcb5a134d718b463682aa1e507f029f2ff7c412445ad6a status: experimental description: Detects traffic or activity related to https://margingene.foxrunet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://margingene.foxrunet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cybdh.foxrunet.in.net/verification.google id: auto-c4ffab4c4fa98de07fdd4744ccfe1722bb5f6015ffb04c88f9e5fd57683df1ba status: experimental description: Detects traffic or activity related to https://cybdh.foxrunet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cybdh.foxrunet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solline0en.oakwhisper.in.net/verification.google id: auto-f329c162695baa3f1fad653c3eed3f9e1348d3dc83e79ad639e3cc48a16ca025 status: experimental description: Detects traffic or activity related to https://solline0en.oakwhisper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solline0en.oakwhisper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://atom-mount.oakwhisper.in.net/verification.google id: auto-cc3af17b2bac22e5add15d264c8b851e02c3403e2a10a34678606db72aec0522 status: experimental description: Detects traffic or activity related to https://atom-mount.oakwhisper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://atom-mount.oakwhisper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://50ravelv.oakwhisper.in.net/verification.google id: auto-7256a486886165cc0a0d11e26bfb20d8d0a807a18b35f62ceb0dce32933c382d status: experimental description: Detects traffic or activity related to https://50ravelv.oakwhisper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://50ravelv.oakwhisper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dispatchmemory.oakwhisper.in.net/verification.google id: auto-dffaacd50248a4be0fc5d01ef6949acfa522cbc10bfbf3aebe822676191cd4b5 status: experimental description: Detects traffic or activity related to https://dispatchmemory.oakwhisper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dispatchmemory.oakwhisper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proto-tru5ted.br1ghtmere.in.net/verification.google id: auto-9f07f8adb953bd14ebca0f095b5e0d6adfb66e3c1b59dd41561b46d07b87cd2b status: experimental description: Detects traffic or activity related to https://proto-tru5ted.br1ghtmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proto-tru5ted.br1ghtmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://runti5-flow.br1ghtmere.in.net/verification.google id: auto-ac95c870eac01fc56a13ce5729220871033020e52f093ff28c9bb50917ea7e20 status: experimental description: Detects traffic or activity related to https://runti5-flow.br1ghtmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://runti5-flow.br1ghtmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://95abc92.br1ghtmere.in.net/verification.google id: auto-10c17f3e8b170f81c9db050d01102863f0c0733ee0148aa65877cafcaf20d2dc status: experimental description: Detects traffic or activity related to https://95abc92.br1ghtmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://95abc92.br1ghtmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://yyin.br1ghtmere.in.net/verification.google id: auto-6035ff343ad2b6b50f8f23f8c52c1c4cb67a35b3eda2e4da1cef40be3c68a8cb status: experimental description: Detects traffic or activity related to https://yyin.br1ghtmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://yyin.br1ghtmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geyseropti.starforge.in.net/verification.google id: auto-00a0dec05b64c29f925db1d2d718fac019b4cef88b6555026fee44aeb377f9ca status: experimental description: Detects traffic or activity related to https://geyseropti.starforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geyseropti.starforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tranrur.starforge.in.net/verification.google id: auto-dbd8f4a18bab67600cd18f0f75f03633f0801b014542e5c1c19dff79a7748fb9 status: experimental description: Detects traffic or activity related to https://tranrur.starforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tranrur.starforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://meta-0rch.starforge.in.net/verification.google id: auto-f5a7ed3092af1db0543b2f89ed1a7aeaaaaa167d95d322102b2e27bdcf953453 status: experimental description: Detects traffic or activity related to https://meta-0rch.starforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://meta-0rch.starforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bzknn.starforge.in.net/verification.google id: auto-a73c1308e6d5f0ba35fbd34852d29c2b2821d0ffc5085b568a7864ea0d02f9bf status: experimental description: Detects traffic or activity related to https://bzknn.starforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bzknn.starforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wu4747.n0vabrook.in.net/verification.google id: auto-0ba951f40d6eb58d0c403b7608b369a987b76dcc52b8bee9d9b9d432583b1888 status: experimental description: Detects traffic or activity related to https://wu4747.n0vabrook.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wu4747.n0vabrook.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://guarmea.n0vabrook.in.net/verification.google id: auto-7a0af77bb8d6365488ac34c845539318aaa6200aa08d20dc644dd8da6b22f7ac status: experimental description: Detects traffic or activity related to https://guarmea.n0vabrook.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://guarmea.n0vabrook.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quick8-chain.n0vabrook.in.net/verification.google id: auto-39f70123173c3e7829d3475af40b35cf6319a7e07f17a5c0ec2b922af1d830cd status: experimental description: Detects traffic or activity related to https://quick8-chain.n0vabrook.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quick8-chain.n0vabrook.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://decode-stead.n0vabrook.in.net/verification.google id: auto-3ac1397adab9ab2bd236a773bf17831a540d1aab8d03a93eed917dd8909175a7 status: experimental description: Detects traffic or activity related to https://decode-stead.n0vabrook.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://decode-stead.n0vabrook.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://3d1t-node.n0vabrook.in.net/verification.google id: auto-bc425ae801ed639584890339a9a5604116a24f064196ac7b47d8578e17689894 status: experimental description: Detects traffic or activity related to https://3d1t-node.n0vabrook.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://3d1t-node.n0vabrook.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proto-p0rt.n0vabrook.in.net/verification.google id: auto-02ba9173ce96689ce40aa5cc5ef03189212846fabc770e07f6d3beec97a7b2c5 status: experimental description: Detects traffic or activity related to https://proto-p0rt.n0vabrook.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proto-p0rt.n0vabrook.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://anch0r1-route.stormglade.in.net/verification.google id: auto-2a0f2180df6f8ee80c962aa219e4358acf10f4a3652752d81b29ee927b55fb93 status: experimental description: Detects traffic or activity related to https://anch0r1-route.stormglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://anch0r1-route.stormglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://we5ohkh2.stormglade.in.net/verification.google id: auto-429e728b279b3ae91fa2477bca366b6d808acb3aaafb6ed3ffe16d0e97ebdc46 status: experimental description: Detects traffic or activity related to https://we5ohkh2.stormglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://we5ohkh2.stormglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ligh-stric.stormglade.in.net/verification.google id: auto-5dd52be895fdcd1d25e0f03cc2c4de99f4d3686c1521280e3044ec04e1683611 status: experimental description: Detects traffic or activity related to https://ligh-stric.stormglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ligh-stric.stormglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://offecargo.stormglade.in.net/verification.google id: auto-fecec72eb4fd69caf0e84955b110ebef6114a2548d8c0abff35806bcaae0cce1 status: experimental description: Detects traffic or activity related to https://offecargo.stormglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://offecargo.stormglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quordra3os.stormglade.in.net/verification.google id: auto-7326060a7a2de2aed08b5caa309bbe9dfced013068f56b2dc15366ae4c02e8f1 status: experimental description: Detects traffic or activity related to https://quordra3os.stormglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quordra3os.stormglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://crimsonpublish.stormglade.in.net/verification.google id: auto-da24b6aaac615b2f078bc6796b5c805d7574e6d0473833d0dff4db6e8e96925f status: experimental description: Detects traffic or activity related to https://crimsonpublish.stormglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://crimsonpublish.stormglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nortideis.foxrunet.in.net/verification.google id: auto-02e45eda20719188620d7204f0d00933d983b0f2ffca436f5154f7e24c931655 status: experimental description: Detects traffic or activity related to https://nortideis.foxrunet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nortideis.foxrunet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://echo-draf.foxrunet.in.net/verification.google id: auto-551b2aeb961b0ee5457a901cfb8b650ef84ccc2e6617e39ffdc12d4c0fe00744 status: experimental description: Detects traffic or activity related to https://echo-draf.foxrunet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://echo-draf.foxrunet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://refineterminal.foxrunet.in.net/verification.google id: auto-87b02e77ef6748c6781f8dd0ed545278e5d5199c8dc9795c948dfb6c4d1a86d8 status: experimental description: Detects traffic or activity related to https://refineterminal.foxrunet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://refineterminal.foxrunet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://urbanvoya.foxrunet.in.net/verification.google id: auto-c1a203231cbf27b85687d3c03f399c7df344f4672fc7a5e7e14dcb02ecb3f206 status: experimental description: Detects traffic or activity related to https://urbanvoya.foxrunet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://urbanvoya.foxrunet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lwvkfb.foxrunet.in.net/verification.google id: auto-70668621f837fc3453ce1c6ddf0c40bd3984c49eb698496c505eff1a015fcc82 status: experimental description: Detects traffic or activity related to https://lwvkfb.foxrunet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lwvkfb.foxrunet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://subtlsegme.foxrunet.in.net/verification.google id: auto-ef89a7a50b62ce455ed98150ab5a2c053f320c606662e0e9acf48af10ec80b89 status: experimental description: Detects traffic or activity related to https://subtlsegme.foxrunet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://subtlsegme.foxrunet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://11kzvq.oakwhisper.in.net/verification.google id: auto-193fadf9dd9666f3e42b89e64a9c5a981d3bc0309038d35da8456d87e364ce0c status: experimental description: Detects traffic or activity related to https://11kzvq.oakwhisper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://11kzvq.oakwhisper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wpx3375n.oakwhisper.in.net/verification.google id: auto-1d4dce2f40413b756986e454996b2308c189e3dad4fe56c9e47dedb4f56a145b status: experimental description: Detects traffic or activity related to https://wpx3375n.oakwhisper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wpx3375n.oakwhisper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://riverrefine.oakwhisper.in.net/verification.google id: auto-a2bcb28cbb0211f1e45003ee4f025b035cdbbb1de2c612d02a97d4098267ee9b status: experimental description: Detects traffic or activity related to https://riverrefine.oakwhisper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://riverrefine.oakwhisper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hyper-4uth.oakwhisper.in.net/verification.google id: auto-02b9dd5ae639ab01566320d60cae5b021c8374aa2d3c8917babf4e66fee5ac49 status: experimental description: Detects traffic or activity related to https://hyper-4uth.oakwhisper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hyper-4uth.oakwhisper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://filteglob.oakwhisper.in.net/verification.google id: auto-d1d7364e3afee88ae6716ac88eaaa50f0ed341c3a86833ca1af7d6bff83d1de4 status: experimental description: Detects traffic or activity related to https://filteglob.oakwhisper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://filteglob.oakwhisper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://runwaypublic.oakwhisper.in.net/verification.google id: auto-1a0e1585219f67cad53e910bced51f705c22ab9305c1d5a1c0aba87b5b749598 status: experimental description: Detects traffic or activity related to https://runwaypublic.oakwhisper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://runwaypublic.oakwhisper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vmcs.br1ghtmere.in.net/verification.google id: auto-8581cc4d2fe02532817ff9e3499a9ff5171ba0fda80cc82f254026dddca54f49 status: experimental description: Detects traffic or activity related to https://vmcs.br1ghtmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vmcs.br1ghtmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tal-venal.br1ghtmere.in.net/verification.google id: auto-7573a784a516a9978b8826791668f8abe967a6a16ab90746f3129029f192ae53 status: experimental description: Detects traffic or activity related to https://tal-venal.br1ghtmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tal-venal.br1ghtmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wgyinknm.br1ghtmere.in.net/verification.google id: auto-6b48df3bd230630e0be4acf88b33490f383cd4387e06f20c60f128740196d320 status: experimental description: Detects traffic or activity related to https://wgyinknm.br1ghtmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wgyinknm.br1ghtmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://screennotify.br1ghtmere.in.net/verification.google id: auto-d31881a98d6e87c29103b47dd4270e8ccaff294253e09c767bbd3058611c195e status: experimental description: Detects traffic or activity related to https://screennotify.br1ghtmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://screennotify.br1ghtmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cell-plate.br1ghtmere.in.net/verification.google id: auto-7449c4f45bc0c67e39147c8c047028751e2c21b342f619ba7db81bf10f327990 status: experimental description: Detects traffic or activity related to https://cell-plate.br1ghtmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cell-plate.br1ghtmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://n73pw.br1ghtmere.in.net/verification.google id: auto-96231601ebacdbdda7291af0e127ea74922f0dc5a644d129f48b1843b5265b94 status: experimental description: Detects traffic or activity related to https://n73pw.br1ghtmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://n73pw.br1ghtmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://aftwizk.starforge.in.net/verification.google id: auto-3e360e2f1be49e1a2821ad12748c45aa21d44d5fb19186e2255200f513e382b6 status: experimental description: Detects traffic or activity related to https://aftwizk.starforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://aftwizk.starforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zencrestal2.starforge.in.net/verification.google id: auto-d433a2a15cc92aceecbcb8a14141bcccc67ad332bde5353684e439125b869c7d status: experimental description: Detects traffic or activity related to https://zencrestal2.starforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zencrestal2.starforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://icegold.starforge.in.net/verification.google id: auto-608f56861327a1dd86153454a453727a5770a58ebf3af7029a6291bdb61560e9 status: experimental description: Detects traffic or activity related to https://icegold.starforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://icegold.starforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://80tlyi.starforge.in.net/verification.google id: auto-0189430f06ea723aad1ee98e37c934b9afd87e32e091637bc4f2217e3a702d40 status: experimental description: Detects traffic or activity related to https://80tlyi.starforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://80tlyi.starforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vvave3-gate.starforge.in.net/verification.google id: auto-6b961441470f7006902bc52593f7a9bc0a9dc2dc3521bb9207994e90dd903743 status: experimental description: Detects traffic or activity related to https://vvave3-gate.starforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vvave3-gate.starforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lumvale8is.starforge.in.net/verification.google id: auto-b03b67a44c3879533b96624065fe1076c278f8ec24d6ef83b32fc60d3b460dbd status: experimental description: Detects traffic or activity related to https://lumvale8is.starforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lumvale8is.starforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://resource-api.infrastructurehub.in.net/verification.google id: auto-cf9e9e01e29b6b476926f7156c3d76b248e7b9b00261a282130f9e48c3471c82 status: experimental description: Detects traffic or activity related to https://resource-api.infrastructurehub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://resource-api.infrastructurehub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://power-plant.infrastructurehub.in.net/verification.google id: auto-bf6ac181315663f28096b39a071744d921b488cb066b3e4f91ba8ba506fc789d status: experimental description: Detects traffic or activity related to https://power-plant.infrastructurehub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://power-plant.infrastructurehub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://asset-track.infrastructurehub.in.net/verification.google id: auto-7dce8ef363b4dfae266f8766e2bdaaf987782f281026de8de5222af9716d6e42 status: experimental description: Detects traffic or activity related to https://asset-track.infrastructurehub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://asset-track.infrastructurehub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-build.infrastructurehub.in.net/verification.google id: auto-a74ab40871f591456901cdb04ea7dd65c752dd381d7087b3ed483ca8b5bec71b status: experimental description: Detects traffic or activity related to https://base-build.infrastructurehub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-build.infrastructurehub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solid-state.infrastructurehub.in.net/verification.google id: auto-284fe6e9af569b0fad5a40eb8b44a2c622b6baed88f7bb2ff676236774bc750b status: experimental description: Detects traffic or activity related to https://solid-state.infrastructurehub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solid-state.infrastructurehub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://heavy-duty.infrastructurehub.in.net/verification.google id: auto-45504fc209a525db36e8b8ce454aac3d8febcf8bdb61914b38530e4e64c892e9 status: experimental description: Detects traffic or activity related to https://heavy-duty.infrastructurehub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://heavy-duty.infrastructurehub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://form-builder.municipalmatrix.in.net/verification.google id: auto-9be21bf905cdbd8fc0622e679dbbe57f083ec600b43590a3d694f7d84c66dc84 status: experimental description: Detects traffic or activity related to https://form-builder.municipalmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://form-builder.municipalmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://code-index.municipalmatrix.in.net/verification.google id: auto-d4292276cce6bd38bfbe3d86bbdf2a5e6de8920479d1dbf84383f7a7a91db952 status: experimental description: Detects traffic or activity related to https://code-index.municipalmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://code-index.municipalmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auth-trust.municipalmatrix.in.net/verification.google id: auto-52ad39b40cf248aca3190299f9f407450c6677b6856f9efee6da32f2a8ed7e77 status: experimental description: Detects traffic or activity related to https://auth-trust.municipalmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auth-trust.municipalmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://citizen-dev.municipalmatrix.in.net/verification.google id: auto-63dcf24113605d048e33f6b3affcdd665901467f317f42e261ff5dd9bc8f49ee status: experimental description: Detects traffic or activity related to https://citizen-dev.municipalmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://citizen-dev.municipalmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://town-council.municipalmatrix.in.net/verification.google id: auto-cc5fc42f05bcd64b251cd4ed89c4d40ab11e88b579856fbdad6eedb091aaf172 status: experimental description: Detects traffic or activity related to https://town-council.municipalmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://town-council.municipalmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://public-serv.municipalmatrix.in.net/verification.google id: auto-efe2e042325b1fe9230783a552369d7b911b6b65ca82900c12a894082002fa3b status: experimental description: Detects traffic or activity related to https://public-serv.municipalmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://public-serv.municipalmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://reach-base.territoriallink.in.net/verification.google id: auto-4e80f40de979ea1bfeb48e8805145e7698bcf888683b25ef299cbbc52c399710 status: experimental description: Detects traffic or activity related to https://reach-base.territoriallink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://reach-base.territoriallink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://map-anchor.territoriallink.in.net/verification.google id: auto-5fdef47e1454badd84688e1f6555a9cd3f377a355e06de5efc0d96c94133a763 status: experimental description: Detects traffic or activity related to https://map-anchor.territoriallink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://map-anchor.territoriallink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://site-connect.territoriallink.in.net/verification.google id: auto-dff7fffbd56d7255fb1cc28b2da9e66dc12c2e2d7018c27e01067e193d1988b2 status: experimental description: Detects traffic or activity related to https://site-connect.territoriallink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://site-connect.territoriallink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://land-mark.territoriallink.in.net/verification.google id: auto-cefd74868d0aee85a7b6ab3a8de0e2df8a852bdb9314fe00d7143ff635fc2b5c status: experimental description: Detects traffic or activity related to https://land-mark.territoriallink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://land-mark.territoriallink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proxy-edge.territoriallink.in.net/verification.google id: auto-cd0619c209a09ca21fa25db01adc182b3d081c3baf3ecb7b8a2e6e006a03c33c status: experimental description: Detects traffic or activity related to https://proxy-edge.territoriallink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proxy-edge.territoriallink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://border-gate.territoriallink.in.net/verification.google id: auto-67c69e206ff6c3c1abec7537d3096f0571ec82bdb817f01182963617a6fffbef status: experimental description: Detects traffic or activity related to https://border-gate.territoriallink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://border-gate.territoriallink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://remote-log.regionaltelemetry.in.net/verification.google id: auto-b890173786f0ac567f4499edaada76df42df30a9c4a80f82751635bf998f08b4 status: experimental description: Detects traffic or activity related to https://remote-log.regionaltelemetry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://remote-log.regionaltelemetry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wave-form.regionaltelemetry.in.net/verification.google id: auto-fe0bf77bb4a18558c0e44f346ccb7a6b002107761e8c09a55732cd463438cf46 status: experimental description: Detects traffic or activity related to https://wave-form.regionaltelemetry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wave-form.regionaltelemetry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-packet.regionaltelemetry.in.net/verification.google id: auto-3daa9eee8773fbec0d334900457a8174a48cf5f16295a9d9e5b8e324712ce696 status: experimental description: Detects traffic or activity related to https://data-packet.regionaltelemetry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-packet.regionaltelemetry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://signal-box.regionaltelemetry.in.net/verification.google id: auto-f2867b0074429521c07d35bd230432474f9cae1bc38856059b79f17ed5bdb70b status: experimental description: Detects traffic or activity related to https://signal-box.regionaltelemetry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://signal-box.regionaltelemetry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://field-report.regionaltelemetry.in.net/verification.google id: auto-859e211380d3d0fa619a6c3e01e239c955d36f5d49c120101e39eaf47c7cd2ea status: experimental description: Detects traffic or activity related to https://field-report.regionaltelemetry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://field-report.regionaltelemetry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wide-telemetry.regionaltelemetry.in.net/verification.google id: auto-1556bada2ea93ee48046c41e6a746eee046868046f8c60231b0a753cc208a6c6 status: experimental description: Detects traffic or activity related to https://wide-telemetry.regionaltelemetry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wide-telemetry.regionaltelemetry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tunnel-sync.centralizedduct.in.net/verification.google id: auto-e9b45484392bbf19a43e9fc0412bfae19e4ff03cc375e9b0c50a9269a55d798e status: experimental description: Detects traffic or activity related to https://tunnel-sync.centralizedduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tunnel-sync.centralizedduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pressure-io.centralizedduct.in.net/verification.google id: auto-dbdc4ddc7190eeb5b56cc27710b50835cef5f6fb43de54a4e8447e1b5c87efcd status: experimental description: Detects traffic or activity related to https://pressure-io.centralizedduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pressure-io.centralizedduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow-guide.centralizedduct.in.net/verification.google id: auto-d4602c8f4da67aa59ecfa59faf4318d197dc4bb74a6a9f4cb5ec5e3957db15b2 status: experimental description: Detects traffic or activity related to https://flow-guide.centralizedduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow-guide.centralizedduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://filter-proc.centralizedduct.in.net/verification.google id: auto-9d05a637e5a17cdb8c61e5a66168172ba2dc11c9ab9ea5140017f6ba87d14a3b status: experimental description: Detects traffic or activity related to https://filter-proc.centralizedduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://filter-proc.centralizedduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://outlet-node.centralizedduct.in.net/verification.google id: auto-7c7d6c3fff38cd5bdffc50b6a86122f91619b53193c2b8427cce1c635b9a1691 status: experimental description: Detects traffic or activity related to https://outlet-node.centralizedduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://outlet-node.centralizedduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://inlet-valve.centralizedduct.in.net/verification.google id: auto-80b6f2cfe5988b1ef7b7eefeb2f48fcd32e5fa1c784555602b9354ab0694d297 status: experimental description: Detects traffic or activity related to https://inlet-valve.centralizedduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://inlet-valve.centralizedduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://node-carrier.linearbackbone.in.net/verification.google id: auto-322d94632d82db6aecb22a43a25491a69dcfb227cab421583732c010c5496aaf status: experimental description: Detects traffic or activity related to https://node-carrier.linearbackbone.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://node-carrier.linearbackbone.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-frame.linearbackbone.in.net/verification.google id: auto-f458d138faaaf701ce966782877684df9b71854132cd48515f773bd201ddf53e status: experimental description: Detects traffic or activity related to https://main-frame.linearbackbone.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-frame.linearbackbone.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fiber-route.linearbackbone.in.net/verification.google id: auto-55ef41500e2345c2f6ead5b62b18d71165a98fc90e738879a387cf23e8c83636 status: experimental description: Detects traffic or activity related to https://fiber-route.linearbackbone.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fiber-route.linearbackbone.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trunk-line.linearbackbone.in.net/verification.google id: auto-f0564223a69fceb9d51541e7543435d7f26c42d64dac3bb1cd45414a81c92bb3 status: experimental description: Detects traffic or activity related to https://trunk-line.linearbackbone.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trunk-line.linearbackbone.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://path-bridge.linearbackbone.in.net/verification.google id: auto-bc763f7cd8e3d90cba5e3884969cd57d5d39846675ec20c04a21f7c2775daa03 status: experimental description: Detects traffic or activity related to https://path-bridge.linearbackbone.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://path-bridge.linearbackbone.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-secure.linearbackbone.in.net/verification.google id: auto-161445b2541abf13915ac54dd0a4a7d8a6cc6e15d8d57130f74624a32dc542ca status: experimental description: Detects traffic or activity related to https://link-secure.linearbackbone.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-secure.linearbackbone.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://task-logic.sectoralcontrol.in.net/verification.google id: auto-ca7e4edf00258bf55609496a6d8ef30ba94fd2a06731157e48d8be6f1282e830 status: experimental description: Detects traffic or activity related to https://task-logic.sectoralcontrol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://task-logic.sectoralcontrol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://switch-gear.sectoralcontrol.in.net/verification.google id: auto-a68713a43baafd83b9a300df15ef1922063ba7f9004816fab0d2a8a3cdfa6c24 status: experimental description: Detects traffic or activity related to https://switch-gear.sectoralcontrol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://switch-gear.sectoralcontrol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://system-core.sectoralcontrol.in.net/verification.google id: auto-874c751b0979d63eb48ddfc8596f04b87217a8909b598be12bc94f0addad4a1b status: experimental description: Detects traffic or activity related to https://system-core.sectoralcontrol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://system-core.sectoralcontrol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://remote-desk.sectoralcontrol.in.net/verification.google id: auto-1451ca95a95b3a8f7bfc2b7451cfdb52a18db636070817474098fc9a310f0864 status: experimental description: Detects traffic or activity related to https://remote-desk.sectoralcontrol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://remote-desk.sectoralcontrol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://unit-command.sectoralcontrol.in.net/verification.google id: auto-b59342bf89cf37740cb0f67de3995034849ed433e4e59ce226dbf8de207f2009 status: experimental description: Detects traffic or activity related to https://unit-command.sectoralcontrol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://unit-command.sectoralcontrol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://admin-panel.sectoralcontrol.in.net/verification.google id: auto-0053142ef0302d2e4b24ad41c5321eea520fff8dcc5a796fae6d7fd54fc2b884 status: experimental description: Detects traffic or activity related to https://admin-panel.sectoralcontrol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://admin-panel.sectoralcontrol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://site-archive.districtbuffer.in.net/verification.google id: auto-21f2a70d2ba726899e3304c524f83587883702b5ce694b707a1eba6bb88b0e9e status: experimental description: Detects traffic or activity related to https://site-archive.districtbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://site-archive.districtbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load-buffer.districtbuffer.in.net/verification.google id: auto-182ea4d10eb51dfe7a9a50349b5fc53ebc9ecf0e6f7b66e8fe0f6d939bc1bd46 status: experimental description: Detects traffic or activity related to https://load-buffer.districtbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load-buffer.districtbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://relay-point.districtbuffer.in.net/verification.google id: auto-40757ac7a5d488369e38a70b954518e437d6cccea0cb44e5ef52a07e67086d9c status: experimental description: Detects traffic or activity related to https://relay-point.districtbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://relay-point.districtbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://queue-manager.districtbuffer.in.net/verification.google id: auto-7cd0d07ddb2f2bc4034304a3c8057571e794f4acce97ea14088c7fd908442749 status: experimental description: Detects traffic or activity related to https://queue-manager.districtbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://queue-manager.districtbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://temp-storage.districtbuffer.in.net/verification.google id: auto-35c29e2288792db7b5c35c56d3c22680b3fe4c4c1f814b562db6d77816306b3f status: experimental description: Detects traffic or activity related to https://temp-storage.districtbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://temp-storage.districtbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://local-cache.districtbuffer.in.net/verification.google id: auto-6723bde026d742a6ac2896697f0f08b80bd04f6d63844e643620ee65055b7ce1 status: experimental description: Detects traffic or activity related to https://local-cache.districtbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://local-cache.districtbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://topo-render.precisemapnode.in.net/verification.google id: auto-18b923c1e2197042ab8c065f4d0eeaed415cd08bf79f3fa7b2fa8b2949a90d90 status: experimental description: Detects traffic or activity related to https://topo-render.precisemapnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://topo-render.precisemapnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://view-finder.precisemapnode.in.net/verification.google id: auto-ad233be9d8b6a187e6eb105a6bc4aa11ec3f0884f9bb8ae07663e1c39e8c4d04 status: experimental description: Detects traffic or activity related to https://view-finder.precisemapnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://view-finder.precisemapnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scale-vector.precisemapnode.in.net/verification.google id: auto-565fcc3e69c5a61ee0d732acc6aad9d5ec50e5a0e110cf4c02090c57ed4914ec status: experimental description: Detects traffic or activity related to https://scale-vector.precisemapnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scale-vector.precisemapnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://layer-stack.precisemapnode.in.net/verification.google id: auto-9c0c6d3ecaa48b755d4754b539b8c3e07e18602bef4d280e568809b57c0d2d7d status: experimental description: Detects traffic or activity related to https://layer-stack.precisemapnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://layer-stack.precisemapnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://point-atlas.precisemapnode.in.net/verification.google id: auto-3bc0c9adf9deaf980602c0797bb78ee0b92353c1eec9e1c5b0b08ff666bc3d16 status: experimental description: Detects traffic or activity related to https://point-atlas.precisemapnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://point-atlas.precisemapnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://coord-sync.precisemapnode.in.net/verification.google id: auto-79aaf9e943af5741bbfde4628ef37b676b4a61b62ef8a3f4e3c37a743e492e25 status: experimental description: Detects traffic or activity related to https://coord-sync.precisemapnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://coord-sync.precisemapnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow-master.urbanflowmetric.in.net/verification.google id: auto-598346ddb65e08411c4eefd3f0a18424d58b1351c4a8cd08935233df3e120d37 status: experimental description: Detects traffic or activity related to https://flow-master.urbanflowmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow-master.urbanflowmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://drift-control.urbanflowmetric.in.net/verification.google id: auto-c37245450d2215c10ad73f64e374c4f0a146782f08113fb65d0f7601c2467194 status: experimental description: Detects traffic or activity related to https://drift-control.urbanflowmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://drift-control.urbanflowmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pulse-check.urbanflowmetric.in.net/verification.google id: auto-d429063f95d96ebf2c74aecfbbefa6babca87d57a49179135d5cca14a373aa72 status: experimental description: Detects traffic or activity related to https://pulse-check.urbanflowmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pulse-check.urbanflowmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://surge-protect.urbanflowmetric.in.net/verification.google id: auto-d2737641e0bc40b122f62bd15aab9af7d1f534b140aa3d538ec68baf308fbfc9 status: experimental description: Detects traffic or activity related to https://surge-protect.urbanflowmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://surge-protect.urbanflowmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stream-audit.urbanflowmetric.in.net/verification.google id: auto-a606bcb40059bf0eff1a77bdf3aef46fb8bf33d0a0f2fbd1b41879c4ab223418 status: experimental description: Detects traffic or activity related to https://stream-audit.urbanflowmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stream-audit.urbanflowmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://traffic-api.urbanflowmetric.in.net/verification.google id: auto-c2c941a7207446f1aee16fc61c16820e3b0314aebbf1fdac07e72a15ceb2f5ef status: experimental description: Detects traffic or activity related to https://traffic-api.urbanflowmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://traffic-api.urbanflowmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://urban-access.metropolitangrid.in.net/verification.google id: auto-b2eee632de806605ad14d883893e3c8971f155002271fde850be50d76b7e9b5d status: experimental description: Detects traffic or activity related to https://urban-access.metropolitangrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://urban-access.metropolitangrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zone-portal.metropolitangrid.in.net/verification.google id: auto-a45a6ec194700d94ec84158d55cc5c46d388fd0b413a0c123e8023a3e1b5284b status: experimental description: Detects traffic or activity related to https://zone-portal.metropolitangrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zone-portal.metropolitangrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://block-sensor.metropolitangrid.in.net/verification.google id: auto-20157125c95cc011949a1b483fdaeb00fe6f10423fb0b64dbe166ab09f7677df status: experimental description: Detects traffic or activity related to https://block-sensor.metropolitangrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://block-sensor.metropolitangrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://area-scanner.metropolitangrid.in.net/verification.google id: auto-6944b312f33c02feb08aa3bdcabc4841c17de0c58fe5da1d1d4ef39655c46814 status: experimental description: Detects traffic or activity related to https://area-scanner.metropolitangrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://area-scanner.metropolitangrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://street-logic.metropolitangrid.in.net/verification.google id: auto-3094367131d6174d3fdfe6725967339cca2f3215acbcca308a2855b8e3e0bdb0 status: experimental description: Detects traffic or activity related to https://street-logic.metropolitangrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://street-logic.metropolitangrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://city-monitor.metropolitangrid.in.net/verification.google id: auto-2174a597711a4168f95324169f60aa5baca479b1b2509be36d0752a041fa7672 status: experimental description: Detects traffic or activity related to https://city-monitor.metropolitangrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://city-monitor.metropolitangrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://instant-msg.velocityterminal.in.net/verification.google id: auto-847b701ca1b858160d46382b387cdc485926e08870a2e63933caed873bdc7f4a status: experimental description: Detects traffic or activity related to https://instant-msg.velocityterminal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://instant-msg.velocityterminal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quick-step.velocityterminal.in.net/verification.google id: auto-4213f64dd61f535d892645836530c9c041913aa9badfee8101f84023fea70b6f status: experimental description: Detects traffic or activity related to https://quick-step.velocityterminal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quick-step.velocityterminal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shift-ctrl.velocityterminal.in.net/verification.google id: auto-7f080fe06c3034feafd9e372e246e091e3de814d88d993e637c28a36465d87eb status: experimental description: Detects traffic or activity related to https://shift-ctrl.velocityterminal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shift-ctrl.velocityterminal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://boost-engine.velocityterminal.in.net/verification.google id: auto-b84f3ea783f1e663f385d02f927671ebfecf8efc420862d59668e62b6b4cacf5 status: experimental description: Detects traffic or activity related to https://boost-engine.velocityterminal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://boost-engine.velocityterminal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rapid-fire.velocityterminal.in.net/verification.google id: auto-4ed1cbd333a355c1d374ff8f6bed1a0aa482092af8d90e4b583182ea0d6298d9 status: experimental description: Detects traffic or activity related to https://rapid-fire.velocityterminal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rapid-fire.velocityterminal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fast-track.velocityterminal.in.net/verification.google id: auto-3387828a8339221e06d9191059dc2f52d013d88e1782379bbd63517bc930f96e status: experimental description: Detects traffic or activity related to https://fast-track.velocityterminal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fast-track.velocityterminal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://codec-proxy.compressionlayer.in.net/verification.google id: auto-7719abb91abddc2db33339db708604d2d9fc826c49f0b4a69ac113f82c016d9c status: experimental description: Detects traffic or activity related to https://codec-proxy.compressionlayer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://codec-proxy.compressionlayer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flat-buffer.compressionlayer.in.net/verification.google id: auto-836c31fea45c625638fefa54788c62f977d70cbeaf2acc1a57a95211f76a9fd5 status: experimental description: Detects traffic or activity related to https://flat-buffer.compressionlayer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flat-buffer.compressionlayer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shrink-node.compressionlayer.in.net/verification.google id: auto-4a1fabca19b0db3a132f2a19865180c2ff493ef545121956f6b0a11aa9500f12 status: experimental description: Detects traffic or activity related to https://shrink-node.compressionlayer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shrink-node.compressionlayer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zip-archive.compressionlayer.in.net/verification.google id: auto-07a19d395ce0ee8a6eb699d6bad45860d1583109f7e6ee2e753efc55ad5f795a status: experimental description: Detects traffic or activity related to https://zip-archive.compressionlayer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zip-archive.compressionlayer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dense-pack.compressionlayer.in.net/verification.google id: auto-ed03f779db686a01b14ba5160908891c8b03238d38b026b8b959da8e1527af46 status: experimental description: Detects traffic or activity related to https://dense-pack.compressionlayer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dense-pack.compressionlayer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://survey-data.topographictrace.in.net/verification.google id: auto-eb3120507c1a6d513a8fc738b09c4c2b7dffae0219eebe40222aea8351700d15 status: experimental description: Detects traffic or activity related to https://survey-data.topographictrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://survey-data.topographictrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://contour-api.topographictrace.in.net/verification.google id: auto-923f058988b820a8f0a79b13215ae351737068be3092b3ee1d154386f04a88ed status: experimental description: Detects traffic or activity related to https://contour-api.topographictrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://contour-api.topographictrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://relief-view.topographictrace.in.net/verification.google id: auto-f5b79f3229cf1fbcf4b161dc861315cc970b25b94f73b1d4c112fad9a8f5b0be status: experimental description: Detects traffic or activity related to https://relief-view.topographictrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://relief-view.topographictrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://point-cloud.topographictrace.in.net/verification.google id: auto-81510eda4fe7c1c99cb4a01163f1917a55acada0f27b04f883d541b201f4bb33 status: experimental description: Detects traffic or activity related to https://point-cloud.topographictrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://point-cloud.topographictrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://chart-plotter.topographictrace.in.net/verification.google id: auto-b463a0bcf4317db51bffe410b1f08bd5cd0ebf103069dbf061c153bc7fe07014 status: experimental description: Detects traffic or activity related to https://chart-plotter.topographictrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://chart-plotter.topographictrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://map-overlay.topographictrace.in.net/verification.google id: auto-d80e44604443b156026df62193b5a11662e774254938e27ed00af74d384351ed status: experimental description: Detects traffic or activity related to https://map-overlay.topographictrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://map-overlay.topographictrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-tunnel.integratedduct.in.net/verification.google id: auto-a38ac150849d340fcab9c5b007b64bf142b75d63a548433dd63ad7e0da140023 status: experimental description: Detects traffic or activity related to https://core-tunnel.integratedduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-tunnel.integratedduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://drain-gate.integratedduct.in.net/verification.google id: auto-3f2b71b1cd83b5915be6680b97a5df61cf97141a1384741d4ad9df6233b1babd status: experimental description: Detects traffic or activity related to https://drain-gate.integratedduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://drain-gate.integratedduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pipe-line.integratedduct.in.net/verification.google id: auto-1172a656ed303de2d195f7f98174a6c093e5c99d194e6529798a128a21084270 status: experimental description: Detects traffic or activity related to https://pipe-line.integratedduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pipe-line.integratedduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vent-access.integratedduct.in.net/verification.google id: auto-0b759e13755d483a963d832ae06851d127824760f2f83c9b8db70a27a104daea status: experimental description: Detects traffic or activity related to https://vent-access.integratedduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vent-access.integratedduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow-sensor.integratedduct.in.net/verification.google id: auto-91309ebe0ba4cb3160801f311d51f7124bc8ae732649a82dbe85c1087c9f3e53 status: experimental description: Detects traffic or activity related to https://flow-sensor.integratedduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow-sensor.integratedduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-conduit.integratedduct.in.net/verification.google id: auto-f2a43ee8fb001280f65f0b22b8819063eb619539fa8a24254beaf308962b7f25 status: experimental description: Detects traffic or activity related to https://main-conduit.integratedduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-conduit.integratedduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pair-connect.symmetricalflow.in.net/verification.google id: auto-0b6394c97d5d4bc312286a81acfa4b7bfcc760a584180ee45332cf4be1a6f471 status: experimental description: Detects traffic or activity related to https://pair-connect.symmetricalflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pair-connect.symmetricalflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://match-point.symmetricalflow.in.net/verification.google id: auto-b26530689f8f2c3080c1a14bfa14ffef2ee82b4ccbb3291a02d71eab4e0b1ffc status: experimental description: Detects traffic or activity related to https://match-point.symmetricalflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://match-point.symmetricalflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://equal-logic.symmetricalflow.in.net/verification.google id: auto-f1fe3d1b0f638fa808b86e6291b5fcffbda3993db9f13d2c12afa9f0392832e0 status: experimental description: Detects traffic or activity related to https://equal-logic.symmetricalflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://equal-logic.symmetricalflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dual-stream.symmetricalflow.in.net/verification.google id: auto-c0a1ec3f8f37997fc5dc2cd9ffecb3f1fb0fb7c5d972cd3383f455f635b0a128 status: experimental description: Detects traffic or activity related to https://dual-stream.symmetricalflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dual-stream.symmetricalflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mirror-sync.symmetricalflow.in.net/verification.google id: auto-721b3015a8f9a2aae5a9b53cf3c9eb3c9cd4a614a59e7ec49bc8611a6a8cf1c7 status: experimental description: Detects traffic or activity related to https://mirror-sync.symmetricalflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mirror-sync.symmetricalflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://balanced-io.symmetricalflow.in.net/verification.google id: auto-2b65e2e19da6845e4fc6f83b92797ce05c4f1482bcf5b86a8a4b969c10e6c69b status: experimental description: Detects traffic or activity related to https://balanced-io.symmetricalflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://balanced-io.symmetricalflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alt-server.elevationnodebox.in.net/verification.google id: auto-96dc64718b9740dab51844b885f20ca0af6460598b748c978c452b47cd4aac52 status: experimental description: Detects traffic or activity related to https://alt-server.elevationnodebox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alt-server.elevationnodebox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://summit-dev.elevationnodebox.in.net/verification.google id: auto-263f8fdcfba89fff12b9aa1542a4c961fbcc0e7a019a8767f79f87a95a899b34 status: experimental description: Detects traffic or activity related to https://summit-dev.elevationnodebox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://summit-dev.elevationnodebox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://level-check.elevationnodebox.in.net/verification.google id: auto-3c4bd49d2a2b8a0c74bd20236440103030d97f7c7242eb627fcbfd18d6baafda status: experimental description: Detects traffic or activity related to https://level-check.elevationnodebox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://level-check.elevationnodebox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://peak-traffic.elevationnodebox.in.net/verification.google id: auto-f7f5fafb9a02e695bef87ef4891ed255c41dc63bae424ba929ef60cef74c1110 status: experimental description: Detects traffic or activity related to https://peak-traffic.elevationnodebox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://peak-traffic.elevationnodebox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://top-tier.elevationnodebox.in.net/verification.google id: auto-3cb25797126b24c0bda86d2b73b7d870cb6e5c0576305f338bc170db3d43cda9 status: experimental description: Detects traffic or activity related to https://top-tier.elevationnodebox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://top-tier.elevationnodebox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://high-point.elevationnodebox.in.net/verification.google id: auto-27c17b070e795a79d08bac63e48786a178ebbf822e4a7696ff19a3132b2576a2 status: experimental description: Detects traffic or activity related to https://high-point.elevationnodebox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://high-point.elevationnodebox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arch-tunnel.cantileverbridge.in.net/verification.google id: auto-3e9257a845494469fbbb233dca76b2e7d360b9dee26524c83f89ce4ce73c6ca1 status: experimental description: Detects traffic or activity related to https://arch-tunnel.cantileverbridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arch-tunnel.cantileverbridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://truss-api.cantileverbridge.in.net/verification.google id: auto-d813f8eec017f0130e086aa6f505c831524275bc74267eeec500e5e85920c3f2 status: experimental description: Detects traffic or activity related to https://truss-api.cantileverbridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://truss-api.cantileverbridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://beam-handler.cantileverbridge.in.net/verification.google id: auto-7f8d1b92164a674d92daaf8bd7b3a51ad199faa19958dc620f9138dbf9f64813 status: experimental description: Detects traffic or activity related to https://beam-handler.cantileverbridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://beam-handler.cantileverbridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stress-test.cantileverbridge.in.net/verification.google id: auto-6eba6e878b6182ffb5dcba1de8cde1ab6ebb5fb536db130566e4a4631e2840c1 status: experimental description: Detects traffic or activity related to https://stress-test.cantileverbridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stress-test.cantileverbridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load-balancer.cantileverbridge.in.net/verification.google id: auto-04a8b49a82d89cc64757aa1df74b1baa31f55cce29a6dd21d49634602b3c09d1 status: experimental description: Detects traffic or activity related to https://load-balancer.cantileverbridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load-balancer.cantileverbridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://span-control.cantileverbridge.in.net/verification.google id: auto-8c6a2519b6ff0b3570486e378c6da4529c2ecff24df1e905e5a2a5b3856e1577 status: experimental description: Detects traffic or activity related to https://span-control.cantileverbridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://span-control.cantileverbridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://archive-site.alignmentstorage.in.net/verification.google id: auto-0b9e053bdedcb794d80613b1068fce15debc0314d12b326c5d7a046d968ba38c status: experimental description: Detects traffic or activity related to https://archive-site.alignmentstorage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://archive-site.alignmentstorage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://backup-hub.alignmentstorage.in.net/verification.google id: auto-85ac788a9bae54fde754f89555f288b683fc307a112ba4fbb067f488cec4f87d status: experimental description: Detects traffic or activity related to https://backup-hub.alignmentstorage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://backup-hub.alignmentstorage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cache-node.alignmentstorage.in.net/verification.google id: auto-68d76a5e6fc0264c3f5ae77b2f3258b5514697a7d0d30fb411a1d3a9550cd3e4 status: experimental description: Detects traffic or activity related to https://cache-node.alignmentstorage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cache-node.alignmentstorage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://file-share.alignmentstorage.in.net/verification.google id: auto-7e2b5a760fc4d47e210c8161142a6c6f4be434a90a38456f6ca39d65607160f1 status: experimental description: Detects traffic or activity related to https://file-share.alignmentstorage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://file-share.alignmentstorage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://block-storage.alignmentstorage.in.net/verification.google id: auto-074f08b15fc55195226432b1e15a95d2c38c5a2e56f20db022af676d1279b308 status: experimental description: Detects traffic or activity related to https://block-storage.alignmentstorage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://block-storage.alignmentstorage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-portal.alignmentstorage.in.net/verification.google id: auto-0eba83e961470faaae6df8aa0b6ebfb0376f89e048c576a3d0bf9492b2525602 status: experimental description: Detects traffic or activity related to https://sync-portal.alignmentstorage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-portal.alignmentstorage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://index-master.foundationmetric.in.net/verification.google id: auto-d71a18feb3ce800b3ef5d675c0dbf9cf4cfa9b4ae963fca40d6a78e0bfafc431 status: experimental description: Detects traffic or activity related to https://index-master.foundationmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://index-master.foundationmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://legacy-bridge.foundationmetric.in.net/verification.google id: auto-e23d72f58fecca81b0bb942c72a2f69509c89812bdc71cb0f5c1351f1e33e813 status: experimental description: Detects traffic or activity related to https://legacy-bridge.foundationmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://legacy-bridge.foundationmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stat-collector.foundationmetric.in.net/verification.google id: auto-b8d9f5ccac8e1678806ac139d58bcb2015e32a25674cdb39eddc1af9a29f4a31 status: experimental description: Detects traffic or activity related to https://stat-collector.foundationmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stat-collector.foundationmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://audit-trail.foundationmetric.in.net/verification.google id: auto-8e480b64d966621c3e6bf9a27cf4af5dc5b2fbd65b614e38eea990c70498120a status: experimental description: Detects traffic or activity related to https://audit-trail.foundationmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://audit-trail.foundationmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://root-access.foundationmetric.in.net/verification.google id: auto-9ef9a6bd06d28b96d4a4cc9b504c55f028f4e02e0845d5c4edd04a4533ba553e status: experimental description: Detects traffic or activity related to https://root-access.foundationmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://root-access.foundationmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://grid-backbone.reinforcedmatrix.in.net/verification.google id: auto-4c718181829f8edf6125a768cf05c69968e41e9290eca8a7c60a855282355b20 status: experimental description: Detects traffic or activity related to https://grid-backbone.reinforcedmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://grid-backbone.reinforcedmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tensor-unit.reinforcedmatrix.in.net/verification.google id: auto-de5ac7b7d28b3d4891c34b025aa1947ef9d54900a130137b99a288715e2a24ce status: experimental description: Detects traffic or activity related to https://tensor-unit.reinforcedmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tensor-unit.reinforcedmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-logic.foundationmetric.in.net/verification.google id: auto-8c028ad5ab39e7251df08dc4eacc4aba6ca4d08c1d94abffca637a796edf2637 status: experimental description: Detects traffic or activity related to https://base-logic.foundationmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-logic.foundationmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shield-relay.reinforcedmatrix.in.net/verification.google id: auto-36b41605a7f18058d255a22dce8e1f62884fe57ccd656b513008e1db35ba6187 status: experimental description: Detects traffic or activity related to https://shield-relay.reinforcedmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shield-relay.reinforcedmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mesh-gateway.reinforcedmatrix.in.net/verification.google id: auto-f3a05a9265c0f36bfb5b0df6318f58f26f5579735d1ad111dcc0da492f23b7c9 status: experimental description: Detects traffic or activity related to https://mesh-gateway.reinforcedmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mesh-gateway.reinforcedmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fiber-optic.reinforcedmatrix.in.net/verification.google id: auto-ed4b6fbaed80a5b3f7c977efedff3555d90da9ba7823c1480eb2a704b1001637 status: experimental description: Detects traffic or activity related to https://fiber-optic.reinforcedmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fiber-optic.reinforcedmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-lattice.reinforcedmatrix.in.net/verification.google id: auto-7072dbbfceba7234fe16b6e284f7f764f86d028a845f1a4ffbe8900c13254c69 status: experimental description: Detects traffic or activity related to https://core-lattice.reinforcedmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-lattice.reinforcedmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mapping-svc.navigationalpath.in.net/verification.google id: auto-ef144290ae8a25120308ea340125f6ce3dc4f130ed50355813b50d045df8a75e status: experimental description: Detects traffic or activity related to https://mapping-svc.navigationalpath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mapping-svc.navigationalpath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vector-base.navigationalpath.in.net/verification.google id: auto-7ad11d34e56003cb8a32f406a73043147a46e699f56983941550f96d193a0792 status: experimental description: Detects traffic or activity related to https://vector-base.navigationalpath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vector-base.navigationalpath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trace-beacon.navigationalpath.in.net/verification.google id: auto-01eb2eb7ac625ffd53566e73abfc960c076ea7c4b7517d98bd76c690fcdd9055 status: experimental description: Detects traffic or activity related to https://trace-beacon.navigationalpath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trace-beacon.navigationalpath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geo-spatial.navigationalpath.in.net/verification.google id: auto-17f4773335a5cc3f3428240c765472d0c120c5290d0e8a9aaf7af572d4373726 status: experimental description: Detects traffic or activity related to https://geo-spatial.navigationalpath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geo-spatial.navigationalpath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://route-engine.navigationalpath.in.net/verification.google id: auto-66666768182a2897e1f76d74962047be2cbb6e2f9c9a5c4d325b87d818e9150e status: experimental description: Detects traffic or activity related to https://route-engine.navigationalpath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://route-engine.navigationalpath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://waypoint-alfa.navigationalpath.in.net/verification.google id: auto-a81a38c864a9f6f49b2237e9ff0bcd09cee79ffc0d47260a1e956c678a6c710f status: experimental description: Detects traffic or activity related to https://waypoint-alfa.navigationalpath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://waypoint-alfa.navigationalpath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://edge-proxy.structuralgridhub.in.net/verification.google id: auto-d1eb708c42db4413be1e4b0b0f488b6c210ab50759e4a940fe7e85546a29dafc status: experimental description: Detects traffic or activity related to https://edge-proxy.structuralgridhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://edge-proxy.structuralgridhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://log-monitor.structuralgridhub.in.net/verification.google id: auto-5cfb30d50ba2336c02e134cb4c24313fb08e47a6e4a6bf85ea41bc19947179d3 status: experimental description: Detects traffic or activity related to https://log-monitor.structuralgridhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://log-monitor.structuralgridhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cdn-static.structuralgridhub.in.net/verification.google id: auto-38a56609fc1601c1a50762be6fe18f74e56b606ca2a9a5c9ec8ea770d78f2e63 status: experimental description: Detects traffic or activity related to https://cdn-static.structuralgridhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cdn-static.structuralgridhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-vault.structuralgridhub.in.net/verification.google id: auto-8b491fc9b8426b2f5754b80eeb3a5c4bfe3a9e2507ba9561233ccce8fd844435 status: experimental description: Detects traffic or activity related to https://data-vault.structuralgridhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-vault.structuralgridhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://api-cluster.structuralgridhub.in.net/verification.google id: auto-b4f0dd9988af38bd6e9f7eee198d108664dc6c46dc6cda4c1b357cdea5847e69 status: experimental description: Detects traffic or activity related to https://api-cluster.structuralgridhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://api-cluster.structuralgridhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auth-secure.structuralgridhub.in.net/verification.google id: auto-fa3ae267440d648d521806e88c5400a044a8ae19b1286d4f9468a773d297176c status: experimental description: Detects traffic or activity related to https://auth-secure.structuralgridhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auth-secure.structuralgridhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hruckb.radiantventurex.in.net/verification.google id: auto-2a96d8423698e8e26811a8084dbd739e0f585020994010080f9eba19215a353a status: experimental description: Detects traffic or activity related to https://hruckb.radiantventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hruckb.radiantventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://opt1-chain.radiantventurex.in.net/verification.google id: auto-85c4715e768099ceab84c3a2995e74f6663f66e77ea4bc9be8e30050b7d45edc status: experimental description: Detects traffic or activity related to https://opt1-chain.radiantventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://opt1-chain.radiantventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://snbz.radiantventurex.in.net/verification.google id: auto-d7583b920a9a7e39673ff6559daf7192b79c8ec0ef7dbe043373e5a34dac6262 status: experimental description: Detects traffic or activity related to https://snbz.radiantventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://snbz.radiantventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qhsgsm.radiantventurex.in.net/verification.google id: auto-7cf4e3a6da7735f8d25fa8c640d93a9e1ddc36b084d04ecc63bf129e4bb15c08 status: experimental description: Detects traffic or activity related to https://qhsgsm.radiantventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qhsgsm.radiantventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://soli-cast.radiantventurex.in.net/verification.google id: auto-252f7a4e472e45887022be5bde33e7202ffe4e3b62935a53301e42a042952fc4 status: experimental description: Detects traffic or activity related to https://soli-cast.radiantventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://soli-cast.radiantventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://curiousdrift.radiantventurex.in.net/verification.google id: auto-f46283c7a83e43a0b7af992ccd8c00c6cfb3a0286ea1232875a1f50b20c49b84 status: experimental description: Detects traffic or activity related to https://curiousdrift.radiantventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://curiousdrift.radiantventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://adapterlog.latticeharbora.in.net/verification.google id: auto-9a4d6a1c015b76b16878ec44cea729daccaa12dd813db26036291a6b9157b763 status: experimental description: Detects traffic or activity related to https://adapterlog.latticeharbora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://adapterlog.latticeharbora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sampl-cav.latticeharbora.in.net/verification.google id: auto-a45f3434c511e9d732d87d4a2dd6e81f8c20ac33cf21cbddd96b79b72ee755d0 status: experimental description: Detects traffic or activity related to https://sampl-cav.latticeharbora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sampl-cav.latticeharbora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://travelwes.latticeharbora.in.net/verification.google id: auto-824ee56199c318ec05bd9f6ec8cc4b29a8b06b3cfe02e49ae013f100a7ef8937 status: experimental description: Detects traffic or activity related to https://travelwes.latticeharbora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://travelwes.latticeharbora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wswzw.latticeharbora.in.net/verification.google id: auto-6cca99f2ec1378bfb4c6353a2797b58d0d70ad2630bcde186f26ae2f08ccdbe1 status: experimental description: Detects traffic or activity related to https://wswzw.latticeharbora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wswzw.latticeharbora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://drawvall.latticeharbora.in.net/verification.google id: auto-482df48bf118a6a7b6b9002edd5523044fdd3b1cc5a4814a36017e58458d7214 status: experimental description: Detects traffic or activity related to https://drawvall.latticeharbora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://drawvall.latticeharbora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vor-lineet.latticeharbora.in.net/verification.google id: auto-c9b8509f8ae4a2d724147a2a96165a8706caa9ebb0c7e02cc69c46157db7a35e status: experimental description: Detects traffic or activity related to https://vor-lineet.latticeharbora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vor-lineet.latticeharbora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mz48d.apexharbinger.in.net/verification.google id: auto-e7bb0f9929c6b94c6575b7328c4b63739a83ec172bb415572be1a290f0520151 status: experimental description: Detects traffic or activity related to https://mz48d.apexharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mz48d.apexharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://merfluxar8.apexharbinger.in.net/verification.google id: auto-3efe5ae566497b8da996e18def33218542a6a62aa6ba4efd9d4576e982a82e0e status: experimental description: Detects traffic or activity related to https://merfluxar8.apexharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://merfluxar8.apexharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pcep.apexharbinger.in.net/verification.google id: auto-5ad2b65f4b8ca2d7d0013cab4e7ee283f817420c042b093050ba1d534613f51f status: experimental description: Detects traffic or activity related to https://pcep.apexharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pcep.apexharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://69hjs0.apexharbinger.in.net/verification.google id: auto-fb859bd31846c7589b9bd5e123d772f53aeabd1d6cddd4d680dfc27f4c761e58 status: experimental description: Detects traffic or activity related to https://69hjs0.apexharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://69hjs0.apexharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lgwdtq.paragonprospera.in.net/verification.google id: auto-6ce6666ea4851506998ac4f936ff378a7fc713d7f8674ce0efd12d6ecfb09578 status: experimental description: Detects traffic or activity related to https://lgwdtq.paragonprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lgwdtq.paragonprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sparrowpine.apexharbinger.in.net/verification.google id: auto-4a56b6b6523eaaf4e50ef9107399890ef7bcfa61d413fb5c4c9ad94348b89842 status: experimental description: Detects traffic or activity related to https://sparrowpine.apexharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sparrowpine.apexharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://g51vxer.paragonprospera.in.net/verification.google id: auto-2ab436e09b31477e9235972b62fb31a3c03e80cb625a6eeb4d2a111aaef0a29d status: experimental description: Detects traffic or activity related to https://g51vxer.paragonprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://g51vxer.paragonprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solvale4a.paragonprospera.in.net/verification.google id: auto-ab6e726a9baf6000381fffb5d4c38fc62c1894584a54bc396b6cfcc41b82282a status: experimental description: Detects traffic or activity related to https://solvale4a.paragonprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solvale4a.paragonprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://blenddense.paragonprospera.in.net/verification.google id: auto-86d75ed877df65453e6b97e0bd1baaad2300becdf61020e92ffe447acbcaaa5e status: experimental description: Detects traffic or activity related to https://blenddense.paragonprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://blenddense.paragonprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://noblebalan.paragonprospera.in.net/verification.google id: auto-fc9482a1f513ef8884a6a8e907e27212792956d70d76d770acd043a349a2acdf status: experimental description: Detects traffic or activity related to https://noblebalan.paragonprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://noblebalan.paragonprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://b7vwxeo.paragonprospera.in.net/verification.google id: auto-2c436412ea3e92c6ba9cb4cc4504591835574ffa08704bfec7b7018d9640f844 status: experimental description: Detects traffic or activity related to https://b7vwxeo.paragonprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://b7vwxeo.paragonprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dz0ly973.quantumpatronage.in.net/verification.google id: auto-5382a8f4b28811781559e3b3eb561855025edda9a5655bb2a52e16c62b6e1144 status: experimental description: Detects traffic or activity related to https://dz0ly973.quantumpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dz0ly973.quantumpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://impor-hinge.quantumpatronage.in.net/verification.google id: auto-79249ec46ed47c1e004634407a5cf4516270cf14040519f1888646aad23165d0 status: experimental description: Detects traffic or activity related to https://impor-hinge.quantumpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://impor-hinge.quantumpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vorcoreen8.quantumpatronage.in.net/verification.google id: auto-0fc04200da69aee167447d9c1e7a74ab1bb20cc256dcb404e3ef93cf8e627938 status: experimental description: Detects traffic or activity related to https://vorcoreen8.quantumpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vorcoreen8.quantumpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://br0o-wave.quantumpatronage.in.net/verification.google id: auto-0e13fa43783c7ab9a66a83573d4b37834c73280964c8d4b656a0919f38463768 status: experimental description: Detects traffic or activity related to https://br0o-wave.quantumpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://br0o-wave.quantumpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gidwwlm.quantumpatronage.in.net/verification.google id: auto-f170670744ad62c0368a77cdd6bb112514fda9d82e2727768a09d507e9de87df status: experimental description: Detects traffic or activity related to https://gidwwlm.quantumpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gidwwlm.quantumpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quorvale2or.quantumpatronage.in.net/verification.google id: auto-087b40369dc200b910eaaaa904f7406f78750e3ce8d78d40a5c9cb774d635ef7 status: experimental description: Detects traffic or activity related to https://quorvale2or.quantumpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quorvale2or.quantumpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sfjgv.momentumventurex.in.net/verification.google id: auto-1d2444a2b76e3c2f44194958bd5fad3234e89b64879f10ef7370b97717122411 status: experimental description: Detects traffic or activity related to https://sfjgv.momentumventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sfjgv.momentumventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://visu-line.momentumventurex.in.net/verification.google id: auto-f3178beb95d821204cecbbd69da86de83b5d4ca57dbb6a3b4c26cb4f8ebec1e2 status: experimental description: Detects traffic or activity related to https://visu-line.momentumventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://visu-line.momentumventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fierter.momentumventurex.in.net/verification.google id: auto-c76dce4f25b2a06b9b4187bfbbba453dca90d5c82509014ffd858d8a4bc32c0e status: experimental description: Detects traffic or activity related to https://fierter.momentumventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fierter.momentumventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hpi496.momentumventurex.in.net/verification.google id: auto-dc4c542c92eee0876d5b35a63c19603b54f4200a6c75328b6a085d100ff260d3 status: experimental description: Detects traffic or activity related to https://hpi496.momentumventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hpi496.momentumventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hlhni.momentumventurex.in.net/verification.google id: auto-ddcda7db2d62c0aef8daa5474473e45f55875b52c51a5cfc02a32c543be32431 status: experimental description: Detects traffic or activity related to https://hlhni.momentumventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hlhni.momentumventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ytun75fm.momentumventurex.in.net/verification.google id: auto-20ed68c5d4284cfe6b9347c6b17dd5491fd1be838bbca49ef94d05eb5e6ed6d6 status: experimental description: Detects traffic or activity related to https://ytun75fm.momentumventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ytun75fm.momentumventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://019a.covenantpatronage.in.net/verification.google id: auto-4b23860bcbfa76395bf780b2c2b5363bba731d6b637b40fc5a62ce9b790d1b04 status: experimental description: Detects traffic or activity related to https://019a.covenantpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://019a.covenantpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://velmarkon.covenantpatronage.in.net/verification.google id: auto-6ce27071aa044e7f58f1f93a7b641c9d4e70bb62188abc1ce11ac2e3f84e7588 status: experimental description: Detects traffic or activity related to https://velmarkon.covenantpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://velmarkon.covenantpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gpkvcvl.covenantpatronage.in.net/verification.google id: auto-d230c1739c6798d46a3ab800a3caff7bd370257f5a4b2eb909fb5be81b74c9b8 status: experimental description: Detects traffic or activity related to https://gpkvcvl.covenantpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gpkvcvl.covenantpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://362fon24.covenantpatronage.in.net/verification.google id: auto-e57ac2e2345691908ac66888e40946c4f766a3a288dc1b4dfe2b6066edb98377 status: experimental description: Detects traffic or activity related to https://362fon24.covenantpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://362fon24.covenantpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://otzv.covenantpatronage.in.net/verification.google id: auto-e875b4b3e694ce674bfe467db292ab693df018bb6dd65672f3b56d64c83c81f4 status: experimental description: Detects traffic or activity related to https://otzv.covenantpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://otzv.covenantpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://794kd31.covenantpatronage.in.net/verification.google id: auto-babea722dae8b5705f8d01048edbc07404aa1feec9b85c4ac8702ba36f4c55c2 status: experimental description: Detects traffic or activity related to https://794kd31.covenantpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://794kd31.covenantpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ss86rj.latticeprospera.in.net/verification.google id: auto-81cfed945010933556a363e3d61b9e6f031064944b1b4728e6a1d7983d08aaeb status: experimental description: Detects traffic or activity related to https://ss86rj.latticeprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ss86rj.latticeprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://massivepatte.latticeprospera.in.net/verification.google id: auto-1a2bbde6d6a30b78c5e79b3dde010206f42ac329989e03011c646647d8341a06 status: experimental description: Detects traffic or activity related to https://massivepatte.latticeprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://massivepatte.latticeprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pingla.latticeprospera.in.net/verification.google id: auto-d7fae5d500050034c3fe817ca6c6dc56c20a16aadd97196e374b606d0944c993 status: experimental description: Detects traffic or activity related to https://pingla.latticeprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pingla.latticeprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vzf6.latticeprospera.in.net/verification.google id: auto-83d7c793fbd26876cba71a3f12732c806ad6c39dc488243f908a3b3ea9501f05 status: experimental description: Detects traffic or activity related to https://vzf6.latticeprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vzf6.latticeprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://warm-grid.latticeprospera.in.net/verification.google id: auto-a4d10542670413b0e1b57cb2e7813b5fb3a8e6802f036feec3dd188fd81bb749 status: experimental description: Detects traffic or activity related to https://warm-grid.latticeprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://warm-grid.latticeprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://binsap.latticeprospera.in.net/verification.google id: auto-2909c0d8dc11b49f578fc13b0987d18757d4983d3b712424b0d470aac24526bb status: experimental description: Detects traffic or activity related to https://binsap.latticeprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://binsap.latticeprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rybfb.radiantharbinger.in.net/verification.google id: auto-53aefe10b47cef46bfad0416fc915b2d659d03b431b99615b291ec2177883a6d status: experimental description: Detects traffic or activity related to https://rybfb.radiantharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rybfb.radiantharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://plassplit.radiantharbinger.in.net/verification.google id: auto-eda8313612d5d95b5aec401bd296dbba66cd061c3b2b648533f1841c37060112 status: experimental description: Detects traffic or activity related to https://plassplit.radiantharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://plassplit.radiantharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hyper-tr4cke.radiantharbinger.in.net/verification.google id: auto-3454d8dd2fe7bf94a0830d87932af43a6fc911f8050c7535aa0c76bd424f8435 status: experimental description: Detects traffic or activity related to https://hyper-tr4cke.radiantharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hyper-tr4cke.radiantharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sparr04-path.radiantharbinger.in.net/verification.google id: auto-2fbfa53070fbca422909f8ea397c27ae064f7ead5c2e25faec190c916fe54505 status: experimental description: Detects traffic or activity related to https://sparr04-path.radiantharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sparr04-path.radiantharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gloscarrie.radiantharbinger.in.net/verification.google id: auto-e71ec9eb729c75d011f5ac4d936c7871cd75dc4b9c45004d2dc4bc3c310ee66d status: experimental description: Detects traffic or activity related to https://gloscarrie.radiantharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gloscarrie.radiantharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://8aij4a.radiantharbinger.in.net/verification.google id: auto-269b141f51611b3aa47009bd140e4062cd0feaa9cc5ea9d78d31c4ad3c1a2e45 status: experimental description: Detects traffic or activity related to https://8aij4a.radiantharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://8aij4a.radiantharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://1earn-scope.zenithventurex.in.net/verification.google id: auto-d252ec1d3fc9b4c34dcc4981332879c3907e2cfea1c41ae4dbef1306cfc35cfe status: experimental description: Detects traffic or activity related to https://1earn-scope.zenithventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://1earn-scope.zenithventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://p4yl-phase.zenithventurex.in.net/verification.google id: auto-5270cc8174a6b4f3202290121dd2842eaba89b8728ebde72a3ae89eb44fb1a16 status: experimental description: Detects traffic or activity related to https://p4yl-phase.zenithventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://p4yl-phase.zenithventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://microbecip.zenithventurex.in.net/verification.google id: auto-e2bf56f90e300e2c5dbf59c8dcb4643e3ef5da18c3b8cab4c718473ae78428cc status: experimental description: Detects traffic or activity related to https://microbecip.zenithventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://microbecip.zenithventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lumvale4en.zenithventurex.in.net/verification.google id: auto-b64ac09ed68e7337aa694050399b48257d9908139e4e4d3f2a3923f0339fa1bc status: experimental description: Detects traffic or activity related to https://lumvale4en.zenithventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lumvale4en.zenithventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tri-crestar.zenithventurex.in.net/verification.google id: auto-4c9741cd78a71fdd9822734dfe839e2cc6e98d190287d7059fe0710abd349a6f status: experimental description: Detects traffic or activity related to https://tri-crestar.zenithventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tri-crestar.zenithventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arkspireix.zenithventurex.in.net/verification.google id: auto-b1530d608c77329b3e296eab8724638367c9fa07ca50d2d9c9e7541824051968 status: experimental description: Detects traffic or activity related to https://arkspireix.zenithventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arkspireix.zenithventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vor-crestex.ironvale.in.net/verification.google id: auto-907c41a8f6f05b7c67278f1c1873646589d4d1ec75ee54ca6f8d3c87801e76b1 status: experimental description: Detects traffic or activity related to https://vor-crestex.ironvale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vor-crestex.ironvale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://brandpale.ironvale.in.net/verification.google id: auto-9dae34d9de1d2500b575d43cea773ed803c44f88caa121c7a7e2f95bca356577 status: experimental description: Detects traffic or activity related to https://brandpale.ironvale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://brandpale.ironvale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://0colppvc.ironvale.in.net/verification.google id: auto-5e7b09af92de9b13093c0a54cdfd326398a4a81a5b3201adfdf4790ce527419c status: experimental description: Detects traffic or activity related to https://0colppvc.ironvale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://0colppvc.ironvale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nor-lithor.cr0wnfern.in.net/verification.google id: auto-0df93937510afe2e18fc0cc73945e796c3c61b1cc21f2c38a09f0af4424c012d status: experimental description: Detects traffic or activity related to https://nor-lithor.cr0wnfern.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nor-lithor.cr0wnfern.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mof4x8.cr0wnfern.in.net/verification.google id: auto-fa1859d6627f0f66f26d26a107d0401f9d7bdaccd1af48075db2bcd9a9b7e95d status: experimental description: Detects traffic or activity related to https://mof4x8.cr0wnfern.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mof4x8.cr0wnfern.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dynmarkon.cr0wnfern.in.net/verification.google id: auto-c753129178b684c7121c4ef1fa6daa55412407521240881c7ec7c56b8499d2f1 status: experimental description: Detects traffic or activity related to https://dynmarkon.cr0wnfern.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dynmarkon.cr0wnfern.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://spruc39-dock.cr0wnfern.in.net/verification.google id: auto-751a8161ed43a0a738e6cb896e5f6790ba4f5170506cb114eb1fc77dc44f266c status: experimental description: Detects traffic or activity related to https://spruc39-dock.cr0wnfern.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://spruc39-dock.cr0wnfern.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://storefield.cr0wnfern.in.net/verification.google id: auto-5cb74d73f6d212016c8847013289fe8354673e034c95867ea32e5a52ac2773a6 status: experimental description: Detects traffic or activity related to https://storefield.cr0wnfern.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://storefield.cr0wnfern.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alignaudio.mosslark.in.net/verification.google id: auto-c45ea1adb9e2774ccae1ec54147bca8e4a2f41afecd5d884476b53d4b9a8a75f status: experimental description: Detects traffic or activity related to https://alignaudio.mosslark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alignaudio.mosslark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fabv2b.mosslark.in.net/verification.google id: auto-0aa13b535c976d7f114d3310b3a3569bdff657fda8206367bb1ea8b795539623 status: experimental description: Detects traffic or activity related to https://fabv2b.mosslark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fabv2b.mosslark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://brigh-orche.mosslark.in.net/verification.google id: auto-7f36765149f2628dfa5e259b15f4bfe3e18ed704d79fae9cd4678a335037e0e4 status: experimental description: Detects traffic or activity related to https://brigh-orche.mosslark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://brigh-orche.mosslark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://authcraft.mosslark.in.net/verification.google id: auto-8af0c162b7188c82eb8fd64fcadd9a4e5b61a9501ca46fdb3b4add9c342fa93a status: experimental description: Detects traffic or activity related to https://authcraft.mosslark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://authcraft.mosslark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://icegri.mosslark.in.net/verification.google id: auto-0b7232ebaed4985bbbb35c3e81ce5acdadedcf4d387bef5f8e8984606e1c87f8 status: experimental description: Detects traffic or activity related to https://icegri.mosslark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://icegri.mosslark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wint-node.foxwhirl.in.net/verification.google id: auto-a5451ebc3e2c8e3c6d74f51bd40e2b45bea363d5033fe29fc1be036bfaa1ba06 status: experimental description: Detects traffic or activity related to https://wint-node.foxwhirl.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wint-node.foxwhirl.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://azuregrowth.foxwhirl.in.net/verification.google id: auto-c7e6fd86952b189b3e67e9df1d16a44214c39f28c50e5fb9de14ad049dbba417 status: experimental description: Detects traffic or activity related to https://azuregrowth.foxwhirl.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://azuregrowth.foxwhirl.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://oohdvj.foxwhirl.in.net/verification.google id: auto-7775c1b811b880b05c0dff643d8fa59110a5d4368b04484f863763f6adb7d54c status: experimental description: Detects traffic or activity related to https://oohdvj.foxwhirl.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://oohdvj.foxwhirl.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://0dxtenvl.foxwhirl.in.net/verification.google id: auto-193aeb25f7f49a18e7f2b857676ce8b0b35abea1c01e9909c94ce3d969832b45 status: experimental description: Detects traffic or activity related to https://0dxtenvl.foxwhirl.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://0dxtenvl.foxwhirl.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://raven-core.foxwhirl.in.net/verification.google id: auto-8f5046489d756f46b5c73682d0e861087b81eba3b8049107aaa5faf0539793eb status: experimental description: Detects traffic or activity related to https://raven-core.foxwhirl.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://raven-core.foxwhirl.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://norspireen5.stormcove.in.net/verification.google id: auto-339e622a8c2de4f5e9357dbfa0ae3e08b8a3ebb6bca67fd39f6c717af3ec96e6 status: experimental description: Detects traffic or activity related to https://norspireen5.stormcove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://norspireen5.stormcove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qu1c-mesh.stormcove.in.net/verification.google id: auto-366f3d75c75214cb5ac157e10b62918bb66e79602859631e32eaaf2a02265945 status: experimental description: Detects traffic or activity related to https://qu1c-mesh.stormcove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qu1c-mesh.stormcove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ahbn5c.stormcove.in.net/verification.google id: auto-3a9a7e92a98af8726ead9c763219d81b83f842d3e588b2462817d0f2e104cb42 status: experimental description: Detects traffic or activity related to https://ahbn5c.stormcove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ahbn5c.stormcove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quorfluxet.stormcove.in.net/verification.google id: auto-fbd5fd1d4cbb363f9a606b6550ddbd5fa70071761c915021af4c82ac6cb34b72 status: experimental description: Detects traffic or activity related to https://quorfluxet.stormcove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quorfluxet.stormcove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://woodspeci.stormcove.in.net/verification.google id: auto-f72dc22eff6bef9bb7ce1875c23debbfd606cb0bc42a7f72e624c09d43b10953 status: experimental description: Detects traffic or activity related to https://woodspeci.stormcove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://woodspeci.stormcove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arnb3r-line.n1ghtbloom.in.net/verification.google id: auto-d63e2ff2dee69729d540772c5cc83620e2ba5e8d86b4198c9da6d0c766a94487 status: experimental description: Detects traffic or activity related to https://arnb3r-line.n1ghtbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arnb3r-line.n1ghtbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://import-loop.n1ghtbloom.in.net/verification.google id: auto-3f85390d607a886baa2dd88579ffcce91221bf03f2a80cfc0f50a498302050f4 status: experimental description: Detects traffic or activity related to https://import-loop.n1ghtbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://import-loop.n1ghtbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geyserclient.n1ghtbloom.in.net/verification.google id: auto-de055113cc4afc8e4fbbe5cace78abf470dfc1782317db245cfb3d2d87c763d6 status: experimental description: Detects traffic or activity related to https://geyserclient.n1ghtbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geyserclient.n1ghtbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wlikkfq.n1ghtbloom.in.net/verification.google id: auto-2829baad619be8dadb7a672456563beaf7c668c1beda7aca61a23ec3145931c3 status: experimental description: Detects traffic or activity related to https://wlikkfq.n1ghtbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wlikkfq.n1ghtbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trustedotter.n1ghtbloom.in.net/verification.google id: auto-6ba2f09cb8e99cfc6f6a2a4e1c39bae273b78805af5a8d9d7a2dc4f5d8327ca9 status: experimental description: Detects traffic or activity related to https://trustedotter.n1ghtbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trustedotter.n1ghtbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r9y47.quillridge.in.net/verification.google id: auto-cb25d19d89df7564a51f3ad9295a1a8140f26adc38c2271819bcedb377ae5d66 status: experimental description: Detects traffic or activity related to https://r9y47.quillridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r9y47.quillridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shadowdispatch.quillridge.in.net/verification.google id: auto-1319333d6c8ff422e3bb10df2cb826cf3d689f8486490e88f3d5ae3b87042fac status: experimental description: Detects traffic or activity related to https://shadowdispatch.quillridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shadowdispatch.quillridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://processblo.quillridge.in.net/verification.google id: auto-6fcfdb2fdbdbd2ba437fb484a52a8a5306a138ce0ec358f519530d8a39aff6e7 status: experimental description: Detects traffic or activity related to https://processblo.quillridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://processblo.quillridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://manif-graph.quillridge.in.net/verification.google id: auto-389c8172ee0e9569892604ec50756661e06a5e565d1d9d43a82ddff58f40415d status: experimental description: Detects traffic or activity related to https://manif-graph.quillridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://manif-graph.quillridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://torren5-plate.quillridge.in.net/verification.google id: auto-e7ed38911060306c7c091a10056d80cdb58c647dc34da9fb9c92189265f5abb7 status: experimental description: Detects traffic or activity related to https://torren5-plate.quillridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://torren5-plate.quillridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arkvenum2.silvermuse.in.net/verification.google id: auto-ffbc7ed4fb8054b885dce224fc0262132a1d795ee3ea2756363a029dec05de9a status: experimental description: Detects traffic or activity related to https://arkvenum2.silvermuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arkvenum2.silvermuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://my07cfit.silvermuse.in.net/verification.google id: auto-8350f9ce0d9fe5e42a59fa7d8173501638851ef512959e0e2f9241a5e1d6d0bd status: experimental description: Detects traffic or activity related to https://my07cfit.silvermuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://my07cfit.silvermuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gzcj.silvermuse.in.net/verification.google id: auto-8097387722de2c66de6000e4f1d67e609505ce67bc8626294214cf6bba065712 status: experimental description: Detects traffic or activity related to https://gzcj.silvermuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gzcj.silvermuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solarcres.si1vermuse.in.net/verification.google id: auto-ffba0d93c4217505d091a0baa7f72f61872ccf8056f694d345e3ec7c6f874e7b status: experimental description: Detects traffic or activity related to https://solarcres.si1vermuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solarcres.si1vermuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://silve-scale.si1vermuse.in.net/verification.google id: auto-9f786e157de1e08f9c4dd58bf6f8aca662edc4ad4a5a39f45e610e2d6f15ce61 status: experimental description: Detects traffic or activity related to https://silve-scale.si1vermuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://silve-scale.si1vermuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://merfluxen2.si1vermuse.in.net/verification.google id: auto-1be9c9de7bd22dc84243ced82757d4343ccf979a04e8bfc57894e26f973dd7ae status: experimental description: Detects traffic or activity related to https://merfluxen2.si1vermuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://merfluxen2.si1vermuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://densrunw.vertexharbinger.in.net/verification.google id: auto-0dd858acfa5d4f9cdeccc055efca975c40265628cc040b82f2a88bbc71d83a01 status: experimental description: Detects traffic or activity related to https://densrunw.vertexharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://densrunw.vertexharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://k3rne8-phase.luminousventurex.in.net/verification.google id: auto-39afd8b638c864a741b8e3e5368b0c3aa5125c48742caf796def77f44a20ee4b status: experimental description: Detects traffic or activity related to https://k3rne8-phase.luminousventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://k3rne8-phase.luminousventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jk6kmhz.luminousventurex.in.net/verification.google id: auto-a00b80dca8d6e5f5e458632713d97e38b4ec5d1068955f49f625ed4fcc597823 status: experimental description: Detects traffic or activity related to https://jk6kmhz.luminousventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jk6kmhz.luminousventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://icfsj.keystonepatronage.in.net/verification.google id: auto-934fa2ab18cbf9588d9d2a1ac2408cb9a345d04eb40e3980d6b87a9b85df7fd7 status: experimental description: Detects traffic or activity related to https://icfsj.keystonepatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://icfsj.keystonepatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://1nsight-route.keystonepatronage.in.net/verification.google id: auto-743b761ade0390abc772f51690c4210242fa33b8865e63fd4afb6f2dd0a4cf83 status: experimental description: Detects traffic or activity related to https://1nsight-route.keystonepatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://1nsight-route.keystonepatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cap1ta-flow.spectrumprospera.in.net/verification.google id: auto-c2be382928d6997d91eae8761e56372a4816b7e428a89f219245626842519f77 status: experimental description: Detects traffic or activity related to https://cap1ta-flow.spectrumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cap1ta-flow.spectrumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dr80gbyv.spectrumprospera.in.net/verification.google id: auto-df7abe03df63c4e4e82b8c7314bd4e405aa7f17efd571a9110879b3a346c16af status: experimental description: Detects traffic or activity related to https://dr80gbyv.spectrumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dr80gbyv.spectrumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tensor-line.paragonharbinger.in.net/verification.google id: auto-f66fc8e5e0675dec573e158b7b87982bfd1e6e5e848705c29026a59f355ff784 status: experimental description: Detects traffic or activity related to https://tensor-line.paragonharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tensor-line.paragonharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rave-branch.paragonharbinger.in.net/verification.google id: auto-7089728eed725a411a8ebabab5e2468b8fc75b594c82e0bbdc1427ee685d7e8d status: experimental description: Detects traffic or activity related to https://rave-branch.paragonharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rave-branch.paragonharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://islelaunch.quantumventurex.in.net/verification.google id: auto-58606a11f15564907546cd0e41957b327f08bdb4abfe074924d23b0d240b9eea status: experimental description: Detects traffic or activity related to https://islelaunch.quantumventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://islelaunch.quantumventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://du5k-cast.quantumventurex.in.net/verification.google id: auto-170ae284ccd8d21baed040a5c37cb9a88236e2f1061bcc171f3814ff46b0bd09 status: experimental description: Detects traffic or activity related to https://du5k-cast.quantumventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://du5k-cast.quantumventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sol-lithos.nexusprospera.in.net/verification.google id: auto-a66ff34a8e5cbacb53aa78bf84d1b783b59a26fac86c958d748365c0ee5c71b5 status: experimental description: Detects traffic or activity related to https://sol-lithos.nexusprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sol-lithos.nexusprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://spk77w.nexusprospera.in.net/verification.google id: auto-e069f91556a56f0e38a23dd2c40a958591552eafc994ee12f901720e8ce586ba status: experimental description: Detects traffic or activity related to https://spk77w.nexusprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://spk77w.nexusprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wgnh.vectorpatronage.in.net/verification.google id: auto-ae610b456178d1c7d566439a437da911989755dbaf7a6427dadfba53253eafe2 status: experimental description: Detects traffic or activity related to https://wgnh.vectorpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wgnh.vectorpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://1ukqsofb.vectorpatronage.in.net/verification.google id: auto-d906da594f1d1097e18e30b496222ae13b7f00ced43039d28d9e911cd3ac57df status: experimental description: Detects traffic or activity related to https://1ukqsofb.vectorpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://1ukqsofb.vectorpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://grasand.momentumprospera.in.net/verification.google id: auto-d8e348615279fe918cde6b1657a65ec26937f20c7128c05b01960f080848e821 status: experimental description: Detects traffic or activity related to https://grasand.momentumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://grasand.momentumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hyper-opt1.momentumprospera.in.net/verification.google id: auto-379f5820344724f56ab3508f6b84716f4211d16de899c817aa9a4af0e5892f3c status: experimental description: Detects traffic or activity related to https://hyper-opt1.momentumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hyper-opt1.momentumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://loadmatr.apexventurex.in.net/verification.google id: auto-22c94b8ba25fc495a5fe85b4ee03a28f856d07e31666e677f0768dd7f5a12ec3 status: experimental description: Detects traffic or activity related to https://loadmatr.apexventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://loadmatr.apexventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pitchreed.apexventurex.in.net/verification.google id: auto-aa6a94db6b98f43f736441ae6bfb4036345f43c7d071f88c58734571741d852c status: experimental description: Detects traffic or activity related to https://pitchreed.apexventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pitchreed.apexventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://compi-vault.covenantprospera.in.net/verification.google id: auto-fe0cc6f393c3db2a59c651f9de32d8b840b7beb1eda3c24990925557895dcde8 status: experimental description: Detects traffic or activity related to https://compi-vault.covenantprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://compi-vault.covenantprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://reviewglyph.covenantprospera.in.net/verification.google id: auto-5b52480c1ba8f881436ca79e39c7ecfd01b0313dd312316c22e49d73b482bb83 status: experimental description: Detects traffic or activity related to https://reviewglyph.covenantprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://reviewglyph.covenantprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://apgjh.latticeharbinger.in.net/verification.google id: auto-12efcca8b81d941bdcd01d6f3a8ea92b09cb31e37c4319e18c8e77497476bfba status: experimental description: Detects traffic or activity related to https://apgjh.latticeharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://apgjh.latticeharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lfgs.latticeharbinger.in.net/verification.google id: auto-312ba920c15f77fc38ef5b3e483af2729446959606d9340d476773c15ccaa9d5 status: experimental description: Detects traffic or activity related to https://lfgs.latticeharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lfgs.latticeharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rende-trig.radiantpatronage.in.net/verification.google id: auto-f868acc657207d2c888c4d24de99244b260674b10b1b22bcbcab30ccb4204eb6 status: experimental description: Detects traffic or activity related to https://rende-trig.radiantpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rende-trig.radiantpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cliencampa.radiantpatronage.in.net/verification.google id: auto-54a97c657ce47f562abe3c22f980dae0772e6f03a8aa63da1da4ff60a0788125 status: experimental description: Detects traffic or activity related to https://cliencampa.radiantpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cliencampa.radiantpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://binarydelive.zenithprospera.in.net/verification.google id: auto-db2f66b9111976dafc514c04c7a85cc5634313a5883f59d9a4339d4877795fd3 status: experimental description: Detects traffic or activity related to https://binarydelive.zenithprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://binarydelive.zenithprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proto-wi1d.zenithprospera.in.net/verification.google id: auto-21ac3e6ea1b6bd1d3d3511eca4704ed8709790de977cb0b1566921c78fca9505 status: experimental description: Detects traffic or activity related to https://proto-wi1d.zenithprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proto-wi1d.zenithprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.vertexharbinger.in.net/verification.google id: auto-65cc78481dce0d119b0c3d0589a0742c5b870c011c1b0792785866b6d24aa792 status: experimental description: Detects traffic or activity related to https://svc4link.vertexharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.vertexharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.vertexharbinger.in.net/verification.google id: auto-7486ee1e22d3a1833bd4d8efd8e38fd9ec8e24f954daec3740c53fa60775e75c status: experimental description: Detects traffic or activity related to https://svc3user.vertexharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.vertexharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.vertexharbinger.in.net/verification.google id: auto-719eba049c12b12b61d15ba10e24fff7fdd9029846f37b84be7aff386c79e943 status: experimental description: Detects traffic or activity related to https://svc2base.vertexharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.vertexharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.vertexharbinger.in.net/verification.google id: auto-991885925d5761c33e387c192e271bf1c709bed8207ff7a38f5edbdd5b5a3787 status: experimental description: Detects traffic or activity related to https://svc1infra.vertexharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.vertexharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4link.luminousventurex.in.net/verification.google id: auto-fb96ad63cbd4290aacdffb239bdd962988ac0bd47b595be61f35bf693800c94f status: experimental description: Detects traffic or activity related to https://cl4link.luminousventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4link.luminousventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.luminousventurex.in.net/verification.google id: auto-be1b150af8a4d6e0cb89b1b14345cc305bfa07387719ec7066a2ef7ef87c1725 status: experimental description: Detects traffic or activity related to https://cl3dev.luminousventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.luminousventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.luminousventurex.in.net/verification.google id: auto-2421369fdae98d66ac4a606bb062e607d6fbf94514e90f8b4780e38196dc9b77 status: experimental description: Detects traffic or activity related to https://cl2remote.luminousventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.luminousventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.luminousventurex.in.net/verification.google id: auto-994cab703b4530e1b42d882db0b25f22e0bca827da119d27eef0699218ea697b status: experimental description: Detects traffic or activity related to https://cl1store.luminousventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.luminousventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.keystonepatronage.in.net/verification.google id: auto-9ab48e4a7ca20e3a20a23b48db2b2fdc4317f75542c69017d255fee31ad67df7 status: experimental description: Detects traffic or activity related to https://ext4sync.keystonepatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.keystonepatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.keystonepatronage.in.net/verification.google id: auto-995ab977107daf7c479f86efb4a996a33b7269076364d42667f7e970c4bef3ba status: experimental description: Detects traffic or activity related to https://ext3gate.keystonepatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.keystonepatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.keystonepatronage.in.net/verification.google id: auto-f4c84817a6962e4d5fb2b574d86e45601a79b460504d8685d2f44ec20c706dbc status: experimental description: Detects traffic or activity related to https://ext2proc.keystonepatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.keystonepatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.keystonepatronage.in.net/verification.google id: auto-df6e68e57464b1cf96f81c822a18398c1bd43f3be4525f7fabf6f03994ecd83b status: experimental description: Detects traffic or activity related to https://ext1meta.keystonepatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.keystonepatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4static.spectrumprospera.in.net/verification.google id: auto-de239c52c5a37e711d86e88632f40dc7bff7be96e6dff48db2c7cdc57f80cb17 status: experimental description: Detects traffic or activity related to https://cl4static.spectrumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4static.spectrumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3edge.spectrumprospera.in.net/verification.google id: auto-dab66eb367c94e015c71a8e6e9db565dd71b1bdfd9409cb3ffc0c668620dd3ac status: experimental description: Detects traffic or activity related to https://cl3edge.spectrumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3edge.spectrumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2data.spectrumprospera.in.net/verification.google id: auto-35b9f778b969e2d066d70fe485885f935cae49a0a771391ab5abca7407531c34 status: experimental description: Detects traffic or activity related to https://cl2data.spectrumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2data.spectrumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1sync.spectrumprospera.in.net/verification.google id: auto-5a843b87ede4a4d6cfd00a0fcce1bfe126d328e0b54d64f9a66a5dc659773b22 status: experimental description: Detects traffic or activity related to https://cl1sync.spectrumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1sync.spectrumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4point.paragonharbinger.in.net/verification.google id: auto-adf40166f1e808d5d0dfe2b39b5af18a910115740786a230bc2df5005cc9d2ee status: experimental description: Detects traffic or activity related to https://ext4point.paragonharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4point.paragonharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3data.paragonharbinger.in.net/verification.google id: auto-9ec3b863e1da3a6910665bc906965359c659d66f43dee70152d96b03db6caa73 status: experimental description: Detects traffic or activity related to https://ext3data.paragonharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3data.paragonharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proxy.paragonharbinger.in.net/verification.google id: auto-c4465d06178fc4e12ea6f70d69e3fae3559ff0efa0a01237dbcab2d5f900d3cb status: experimental description: Detects traffic or activity related to https://ext2proxy.paragonharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proxy.paragonharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1infra.paragonharbinger.in.net/verification.google id: auto-5f0f4926e05bab56ede5a9e40b1c9f6ff267c22940537b366b41ba3402304174 status: experimental description: Detects traffic or activity related to https://ext1infra.paragonharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1infra.paragonharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4sat.quantumventurex.in.net/verification.google id: auto-7c57e78775e84de876f46c6186fc6feb0864b752e2f4022efe2bcfaaf58c39e1 status: experimental description: Detects traffic or activity related to https://svc4sat.quantumventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4sat.quantumventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3core.quantumventurex.in.net/verification.google id: auto-1d6245a2fad4889f881c903771d9d5872d2902d11be4d4dfda389895d1d96882 status: experimental description: Detects traffic or activity related to https://svc3core.quantumventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3core.quantumventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2steel.quantumventurex.in.net/verification.google id: auto-d370668c9530334c0cba9a6d1345c3ed084631492b7f1f569874a489b9fce6cd status: experimental description: Detects traffic or activity related to https://svc2steel.quantumventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2steel.quantumventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1proc.quantumventurex.in.net/verification.google id: auto-3223dffe09ed617a305b65ae6fa543a84f172d3a3fbc9bfd5e005ab21c7a4c90 status: experimental description: Detects traffic or activity related to https://svc1proc.quantumventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1proc.quantumventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4space.nexusprospera.in.net/verification.google id: auto-801e7b92d445b67cbdbf04f85db63a127676851e34f65a61aa93f2e6090c6969 status: experimental description: Detects traffic or activity related to https://dev4space.nexusprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4space.nexusprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3field.nexusprospera.in.net/verification.google id: auto-4eccfdff378dd2920e387f9cc36b16faaca42da60a75f13d60d083665e7e6e1d status: experimental description: Detects traffic or activity related to https://dev3field.nexusprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3field.nexusprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2outer.nexusprospera.in.net/verification.google id: auto-d88d589e954d5a9ce308ba3fadaae2f3cb7ac5e7f446ab4d40f68b4d6facceef status: experimental description: Detects traffic or activity related to https://dev2outer.nexusprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2outer.nexusprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.nexusprospera.in.net/verification.google id: auto-278206877d7ee97fc24718ccbad58c302e89e157d23181ead298c6dd83068f8d status: experimental description: Detects traffic or activity related to https://dev1proc.nexusprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.nexusprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4path.vectorpatronage.in.net/verification.google id: auto-53a7bc9540e4973d7bbdb2cdf652d3a328ab7b1b950b5ea865f207ffc92cc643 status: experimental description: Detects traffic or activity related to https://cl4path.vectorpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4path.vectorpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3view.vectorpatronage.in.net/verification.google id: auto-10339176fa7caaedc37a2130952c1311fd1cc182600cec328fffed6721b1e623 status: experimental description: Detects traffic or activity related to https://cl3view.vectorpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3view.vectorpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2point.vectorpatronage.in.net/verification.google id: auto-d01aba98ed29dec87ee1d3582e9ab553739c45e38db0556ac96f72e8ba82f927 status: experimental description: Detects traffic or activity related to https://cl2point.vectorpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2point.vectorpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1proc.vectorpatronage.in.net/verification.google id: auto-8daabd18f13dbf6b391c3ad01f182fc9b42490827c7e5493a215c688d68cffbb status: experimental description: Detects traffic or activity related to https://cl1proc.vectorpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1proc.vectorpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4view.momentumprospera.in.net/verification.google id: auto-b57368b1078e3b41ba981380d04401a65998b4a2a733979115606ef91a638790 status: experimental description: Detects traffic or activity related to https://ext4view.momentumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4view.momentumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3ghost.momentumprospera.in.net/verification.google id: auto-68c0d7a026adfbb3e6fa468c9246a0ed54f449fc0022a7070fdcfaea742f1914 status: experimental description: Detects traffic or activity related to https://ext3ghost.momentumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3ghost.momentumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2core.momentumprospera.in.net/verification.google id: auto-da4fcbb6193ddfb09a1e9a996d812be31fa18418870dfa61e42142127e161140 status: experimental description: Detects traffic or activity related to https://ext2core.momentumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2core.momentumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1proc.momentumprospera.in.net/verification.google id: auto-4bf667654f5c75a91ab90965d816e787b8bdd9dbc0d53b56d996139df06af87d status: experimental description: Detects traffic or activity related to https://ext1proc.momentumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1proc.momentumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.apexventurex.in.net/verification.google id: auto-6a2c30694df52445e0b1e69984cac84107b4d06e3debe0692c4a31381ff1515f status: experimental description: Detects traffic or activity related to https://svc4link.apexventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.apexventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.apexventurex.in.net/verification.google id: auto-3c9a7d7a8da7828d324fa8dd38183426c814cd92b38517fe254361770b26d683 status: experimental description: Detects traffic or activity related to https://svc3user.apexventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.apexventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.apexventurex.in.net/verification.google id: auto-8e2191f5a9deec3f56a5c64cef6db7195069497042ff7fd754b4615806e63010 status: experimental description: Detects traffic or activity related to https://svc2base.apexventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.apexventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.apexventurex.in.net/verification.google id: auto-8950eb15de1d577a460f88ab5d8706df836bbc38806ba769f7d13483893e6b1e status: experimental description: Detects traffic or activity related to https://svc1infra.apexventurex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.apexventurex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4work.covenantprospera.in.net/verification.google id: auto-8ed8ac32a0f6d62efd2ec7bca6d79667ffa190f1deadbe2f118fda129e93597c status: experimental description: Detects traffic or activity related to https://dev4work.covenantprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4work.covenantprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3local.covenantprospera.in.net/verification.google id: auto-04ae6b6fe4a79ead0b6b7ca989bbfbbe2aad4b67e9ddcc81149feff079487c3b status: experimental description: Detects traffic or activity related to https://dev3local.covenantprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3local.covenantprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2power.covenantprospera.in.net/verification.google id: auto-505a8b18b75a795f6965fb04ba4ab071cd14d904247604a24a9be8571570d4b0 status: experimental description: Detects traffic or activity related to https://dev2power.covenantprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2power.covenantprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.covenantprospera.in.net/verification.google id: auto-cdd4f0f57ab4c2c86c955dd84e4634ab16bd7d1ff2021ecd7e0d29647fa49a33 status: experimental description: Detects traffic or activity related to https://dev1proc.covenantprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.covenantprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4link.latticeharbinger.in.net/verification.google id: auto-25a05194141a3a9ff99074735ac31994bf4c46df7ee0315d4613d95233b582cf status: experimental description: Detects traffic or activity related to https://cl4link.latticeharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4link.latticeharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.latticeharbinger.in.net/verification.google id: auto-a6a79fc86de33edd9a12c8f2475648a1f4d69669f68acf36ae8e884077654b43 status: experimental description: Detects traffic or activity related to https://cl3dev.latticeharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.latticeharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.latticeharbinger.in.net/verification.google id: auto-47381d3881515a098f9a060e3178dacdc2107f5e7ddb669f21588f315d4b7c4b status: experimental description: Detects traffic or activity related to https://cl2remote.latticeharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.latticeharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.latticeharbinger.in.net/verification.google id: auto-cc7675e723d7c978ca70d89047f4d19b830eea394133876674c1ad909402b3bc status: experimental description: Detects traffic or activity related to https://cl1store.latticeharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.latticeharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.radiantpatronage.in.net/verification.google id: auto-b971d8a5d2a35884f42d10ca62c4aa6f0ccf8b5477943efbc118494804a7c9ef status: experimental description: Detects traffic or activity related to https://ext4sync.radiantpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.radiantpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.radiantpatronage.in.net/verification.google id: auto-a0e116b2c8e83deaa2ff37909b41e7874b5dc494e9ac3020c389a3f5e36a1898 status: experimental description: Detects traffic or activity related to https://ext3gate.radiantpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.radiantpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.radiantpatronage.in.net/verification.google id: auto-b34eddf84b21db3d3a09c40178db7a547c02af5df879e1b99c9ceb6a9601f01e status: experimental description: Detects traffic or activity related to https://ext2proc.radiantpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.radiantpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.radiantpatronage.in.net/verification.google id: auto-4e70411c0acd64a39ac0c411547417e47088058ce73fcb10a5717b829c3fa08c status: experimental description: Detects traffic or activity related to https://ext1meta.radiantpatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.radiantpatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4static.zenithprospera.in.net/verification.google id: auto-e2d63b8e3a0bfd6afadfc4507a83f616982f0e09ce13916cbfd81554dd8e7cdd status: experimental description: Detects traffic or activity related to https://svc4static.zenithprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4static.zenithprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3edge.zenithprospera.in.net/verification.google id: auto-7ada29c343909642b68dc67d99df6a337562d4ca3d309a897805fbe165d30d23 status: experimental description: Detects traffic or activity related to https://svc3edge.zenithprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3edge.zenithprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2data.zenithprospera.in.net/verification.google id: auto-a2126521b05bec7edc19cae6cb5c4b36703ec461ce3bf0f8b48c36b8d036e291 status: experimental description: Detects traffic or activity related to https://svc2data.zenithprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2data.zenithprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1sync.zenithprospera.in.net/verification.google id: auto-8cf71191e5a36f5921cc4ca6ebee137b5f3898a3c37fe84856cd2fd60e112c6e status: experimental description: Detects traffic or activity related to https://svc1sync.zenithprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1sync.zenithprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4point.authenticoperation.in.net/verification.google id: auto-41c28fad70d6e28ce2daf25298850fee009b67d56ac4b42d98c8fa47929a6847 status: experimental description: Detects traffic or activity related to https://ext4point.authenticoperation.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4point.authenticoperation.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3data.authenticoperation.in.net/verification.google id: auto-2fab88af9c2c26ebeabfdac6e750844f159916a326b28529ae2a8e47c6754453 status: experimental description: Detects traffic or activity related to https://ext3data.authenticoperation.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3data.authenticoperation.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proxy.authenticoperation.in.net/verification.google id: auto-b5153235edd82464362496d195dfc9a7832dca9059db94568fd80a4e724e1ee3 status: experimental description: Detects traffic or activity related to https://ext2proxy.authenticoperation.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proxy.authenticoperation.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1infra.authenticoperation.in.net/verification.google id: auto-6ee85fb555c7569e85bec98f85f58ba5bee8d5ae3f758698877f5a70740d76c7 status: experimental description: Detects traffic or activity related to https://ext1infra.authenticoperation.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1infra.authenticoperation.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3core.fundamentaldivision.in.net/verification.google id: auto-79de50fc2faa8fc8c605da1bc80d5579f0dea5ecd48b856722241720d3b18b42 status: experimental description: Detects traffic or activity related to https://svc3core.fundamentaldivision.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3core.fundamentaldivision.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1proc.fundamentaldivision.in.net/verification.google id: auto-67085d672a314c98f9eabea77cbd44f9ee682da19be4132354a6322a28fc5b59 status: experimental description: Detects traffic or activity related to https://svc1proc.fundamentaldivision.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1proc.fundamentaldivision.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4space.permanentancillary.in.net/verification.google id: auto-69cc7e3d8d9af1b72028e941847833d3de17325991baef4c7d4e699fd551e547 status: experimental description: Detects traffic or activity related to https://dev4space.permanentancillary.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4space.permanentancillary.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3field.permanentancillary.in.net/verification.google id: auto-0fb0332277c7f0cb9e9c81411d115a36a8ef2bca99c31b47a471e1d9e43a0ad7 status: experimental description: Detects traffic or activity related to https://dev3field.permanentancillary.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3field.permanentancillary.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2outer.permanentancillary.in.net/verification.google id: auto-b643ecc6f9793bba4e4e1bd2748c672a4f1f0767eebac57e82f141a312c66b3f status: experimental description: Detects traffic or activity related to https://dev2outer.permanentancillary.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2outer.permanentancillary.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.permanentancillary.in.net/verification.google id: auto-2652fb7971bfdb2d24965c5820a39fe8f0dcd3df7c695160b9131edeab26b352 status: experimental description: Detects traffic or activity related to https://dev1proc.permanentancillary.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.permanentancillary.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4path.ubiquitousfoundry.in.net/verification.google id: auto-c69dd4e34f5b22dd701238ea16fae3d3619cd471e40ef9ea5e3c9bbe4b55ec9b status: experimental description: Detects traffic or activity related to https://cl4path.ubiquitousfoundry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4path.ubiquitousfoundry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3view.ubiquitousfoundry.in.net/verification.google id: auto-1495836e53f115b9b5901a88bca5abeaacb0d2390b3220d8063b41a7b235b226 status: experimental description: Detects traffic or activity related to https://cl3view.ubiquitousfoundry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3view.ubiquitousfoundry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2point.ubiquitousfoundry.in.net/verification.google id: auto-bb1644a0bd715c225b09295ae0ebf4eb04801023e0fafef7169e53039be059d7 status: experimental description: Detects traffic or activity related to https://cl2point.ubiquitousfoundry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2point.ubiquitousfoundry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1proc.ubiquitousfoundry.in.net/verification.google id: auto-1f325572e13244903df6e76623778bad00b29c3fc3ac0f0c6b34d9c731a60236 status: experimental description: Detects traffic or activity related to https://cl1proc.ubiquitousfoundry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1proc.ubiquitousfoundry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4view.resonantcommercial.in.net/verification.google id: auto-d0c1730f5e4d5777cd14e0150b391bee4389913705ad001f6bd7ec0137469674 status: experimental description: Detects traffic or activity related to https://ext4view.resonantcommercial.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4view.resonantcommercial.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3ghost.resonantcommercial.in.net/verification.google id: auto-cf479d72f7366f8125fc55c27b29ff2a32aa813ec03851f757b2f9f2db44fb08 status: experimental description: Detects traffic or activity related to https://ext3ghost.resonantcommercial.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3ghost.resonantcommercial.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2core.resonantcommercial.in.net/verification.google id: auto-6b522c3b78cfa588828517f7847bc4bcc17365e3c5f53e12ea13a9dcb2d4d8fa status: experimental description: Detects traffic or activity related to https://ext2core.resonantcommercial.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2core.resonantcommercial.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1proc.resonantcommercial.in.net/verification.google id: auto-8b8e48bbb8e3897d993b54248e5c7db8e92d62731027cec42d64a9622a9db4ca status: experimental description: Detects traffic or activity related to https://ext1proc.resonantcommercial.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1proc.resonantcommercial.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.absolutecontinuity.in.net/verification.google id: auto-f8ec5829cc3e52ad63f666faa161f7b12f7deaf1b466c35a43049a726e00d44d status: experimental description: Detects traffic or activity related to https://svc4link.absolutecontinuity.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.absolutecontinuity.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.absolutecontinuity.in.net/verification.google id: auto-6079e4b92655510308dda884db5af72b23725836a478bc0e4608d65c9b734e35 status: experimental description: Detects traffic or activity related to https://svc3user.absolutecontinuity.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.absolutecontinuity.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.absolutecontinuity.in.net/verification.google id: auto-ed9e7a237015610e5d7ed9262198d6e4f3f50ab548a95149e4807edf15990a50 status: experimental description: Detects traffic or activity related to https://svc2base.absolutecontinuity.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.absolutecontinuity.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.absolutecontinuity.in.net/verification.google id: auto-d4745e99d812db67c045ce2852601cac095805c95cde110dc15a2c9eb5dd45bb status: experimental description: Detects traffic or activity related to https://svc1infra.absolutecontinuity.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.absolutecontinuity.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4work.manifestdelivery.in.net/verification.google id: auto-6cd5ff4d51e1e9c2fa8acfca7befe0c96c6a3b1a920e780017c8c9a66f69e46f status: experimental description: Detects traffic or activity related to https://dev4work.manifestdelivery.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4work.manifestdelivery.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3local.manifestdelivery.in.net/verification.google id: auto-9fa2de108d64237df807ff3ee82435ece9ff3fbed3c9aa7f879d6a0bdff76aab status: experimental description: Detects traffic or activity related to https://dev3local.manifestdelivery.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3local.manifestdelivery.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2power.manifestdelivery.in.net/verification.google id: auto-44595ada578ae9c7639d54e5c4d023d2679c3ed272d7f8a612e4e87984a60050 status: experimental description: Detects traffic or activity related to https://dev2power.manifestdelivery.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2power.manifestdelivery.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.manifestdelivery.in.net/verification.google id: auto-62ad455d704b0b0d8371ca983df68934667b764480eaf2f3b60e746675695ce7 status: experimental description: Detects traffic or activity related to https://dev1proc.manifestdelivery.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.manifestdelivery.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4link.sovereignprotocol.in.net/verification.google id: auto-ecfd3fa4183ce1a0affcfac21ea0cc785ce63813a0486ae2c57c89aeab9835ae status: experimental description: Detects traffic or activity related to https://cl4link.sovereignprotocol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4link.sovereignprotocol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.sovereignprotocol.in.net/verification.google id: auto-1774e8ed9154e9a8d6862ed95f0d1119d5da30ec6214ba9e3c383e7fe6acc7f4 status: experimental description: Detects traffic or activity related to https://cl3dev.sovereignprotocol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.sovereignprotocol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.sovereignprotocol.in.net/verification.google id: auto-0ca3e94110d628d5ac2675a06f869a749dd36652ace166af044b669060757f1b status: experimental description: Detects traffic or activity related to https://cl2remote.sovereignprotocol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.sovereignprotocol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.sovereignprotocol.in.net/verification.google id: auto-68905308646d6153093f0eb26c210c679217768d4b9e3be773b9a8388f76d420 status: experimental description: Detects traffic or activity related to https://cl1store.sovereignprotocol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.sovereignprotocol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.intrinsiclogistics.in.net/verification.google id: auto-e2a7f4c8bf46ffe3582befb1beac581045c0e920df51aff2b407ee037cd2b145 status: experimental description: Detects traffic or activity related to https://ext4sync.intrinsiclogistics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.intrinsiclogistics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.intrinsiclogistics.in.net/verification.google id: auto-fb6b4cdda0853a347711aea02e671213058a19acb9e16ded1ce49fe50befe778 status: experimental description: Detects traffic or activity related to https://ext3gate.intrinsiclogistics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.intrinsiclogistics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.intrinsiclogistics.in.net/verification.google id: auto-6e8a3740a284c289ebdd5f32c07d451bc863e7924b42a0631df9bcdede8584b1 status: experimental description: Detects traffic or activity related to https://ext2proc.intrinsiclogistics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.intrinsiclogistics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.intrinsiclogistics.in.net/verification.google id: auto-304bc20f235a0bdefef93c43cf51e77e034bcd546583961dfbef444ee52c6cd3 status: experimental description: Detects traffic or activity related to https://ext1meta.intrinsiclogistics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.intrinsiclogistics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4static.primordialconsensus.in.net/verification.google id: auto-3aa3c4f370fd1f44bc7fc504d3cee712862d42e3e3ee95144e722b7db69bbcab status: experimental description: Detects traffic or activity related to https://svc4static.primordialconsensus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4static.primordialconsensus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3edge.primordialconsensus.in.net/verification.google id: auto-5f31228d9c6a768be8d0449e58e583cbc697242c9a5c5348a41214e3979bfc71 status: experimental description: Detects traffic or activity related to https://svc3edge.primordialconsensus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3edge.primordialconsensus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2data.primordialconsensus.in.net/verification.google id: auto-1001e6071788666e470d80f44e2b100875f3d96e5de52755324b28f74316ff45 status: experimental description: Detects traffic or activity related to https://svc2data.primordialconsensus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2data.primordialconsensus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1sync.primordialconsensus.in.net/verification.google id: auto-a2d990c5eb7839e7b86c40d31e443c5a4a5aa8f58f1725c1b31486b335927a20 status: experimental description: Detects traffic or activity related to https://svc1sync.primordialconsensus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1sync.primordialconsensus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://1dxll.keystoneprospera.in.net/verification.google id: auto-d6936721616e193cdeaa0237680cc12d52314f66bc0f055d71c445a3712a6113 status: experimental description: Detects traffic or activity related to https://1dxll.keystoneprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://1dxll.keystoneprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://yzl9.keystoneprospera.in.net/verification.google id: auto-8c64c463650bed6c04050e61e08cc1359e4e7c4171a57fddcf73a1aa9bb3e130 status: experimental description: Detects traffic or activity related to https://yzl9.keystoneprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://yzl9.keystoneprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://unpf0.spectrumforge.in.net/verification.google id: auto-4978cd55437ec4fc56867fabd86dcadc5501c3d3df3bce405acf0f6da9999ac9 status: experimental description: Detects traffic or activity related to https://unpf0.spectrumforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://unpf0.spectrumforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://j7pyx.spectrumforge.in.net/verification.google id: auto-539a33fb33de66fb998bb9b3eeab684e1df4feb0be86739fe66958c7288b0945 status: experimental description: Detects traffic or activity related to https://j7pyx.spectrumforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://j7pyx.spectrumforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qudo8h54.paragonventure.in.net/verification.google id: auto-fcfb408f7baab181865d9a5b5dff0eff13b99b2dbdafc2f7a4d055cbf291c04d status: experimental description: Detects traffic or activity related to https://qudo8h54.paragonventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qudo8h54.paragonventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ser-crestal.paragonventure.in.net/verification.google id: auto-53bfc7f8de635f316420e6a2ffd8f79ed2422c5db23d77c0d2ee284cbfdf7a35 status: experimental description: Detects traffic or activity related to https://ser-crestal.paragonventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ser-crestal.paragonventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zenven2ix.quantumprospera.in.net/verification.google id: auto-56a1040aae7c99c090fa81e5e16f9dda1b408ac0d84f093c342ff0d79767988a status: experimental description: Detects traffic or activity related to https://zenven2ix.quantumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zenven2ix.quantumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://linkstudi.quantumprospera.in.net/verification.google id: auto-bcc78ccf6884c1f90e99ae7e35b0d164336dbfb5f5944316e359ec87251aae2a status: experimental description: Detects traffic or activity related to https://linkstudi.quantumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://linkstudi.quantumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vvatch9-array.nexusharbora.in.net/verification.google id: auto-dffa027fb82a656189837f5d81c8d019f37b6311f6b529118d72e4411b109e87 status: experimental description: Detects traffic or activity related to https://vvatch9-array.nexusharbora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vvatch9-array.nexusharbora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r2tf.nexusharbora.in.net/verification.google id: auto-fc036ebb46ccc64d390a918c5a87ade246d96cd0babf0b5f7ca0a00cd0f4ca5a status: experimental description: Detects traffic or activity related to https://r2tf.nexusharbora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r2tf.nexusharbora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scuh266.luminouspatron.in.net/verification.google id: auto-1316b53b8d7d3363191eec015f6c86e848cbc6eab5fde9a917abd2de3d0a31f8 status: experimental description: Detects traffic or activity related to https://scuh266.luminouspatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scuh266.luminouspatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://print6-lab.luminouspatron.in.net/verification.google id: auto-8fc1546361b73e8a1548b234ac5230e2972a390e42857d9c7f68046dcceae9cf status: experimental description: Detects traffic or activity related to https://print6-lab.luminouspatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://print6-lab.luminouspatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zd3cs.apexbloomera.in.net/verification.google id: auto-f10290b1ea6826aac211f7da02c0e3a5fb3aaab28fa70935dcb1e55b2de658dc status: experimental description: Detects traffic or activity related to https://zd3cs.apexbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zd3cs.apexbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://columnbinary.apexbloomera.in.net/verification.google id: auto-d857ecf05b64af7e79520b88df317a5931c64bef525c266bc49dd4e5134ccfc9 status: experimental description: Detects traffic or activity related to https://columnbinary.apexbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://columnbinary.apexbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rvfh.horizonprospera.in.net/verification.google id: auto-2733b77aee3bc411285d292e25a6868ca97807a758a03682be189e3eebb3cae2 status: experimental description: Detects traffic or activity related to https://rvfh.horizonprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rvfh.horizonprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gather-line.horizonprospera.in.net/verification.google id: auto-a285bac4d40988759fdd5796da42f9cc1d311a1f38dd9198428262efb8fe6c10 status: experimental description: Detects traffic or activity related to https://gather-line.horizonprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gather-line.horizonprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cgnnhw.catalystventure.in.net/verification.google id: auto-538d6e571feb4b409bf06aac4068f8237920a1adbbbc2e66042a19fbf229ca1c status: experimental description: Detects traffic or activity related to https://cgnnhw.catalystventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cgnnhw.catalystventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trivenen2.catalystventure.in.net/verification.google id: auto-56c5b9d44e15e3179cd2fee1ef29e6331ec7cc16d182e1e581be42cb03b3d724 status: experimental description: Detects traffic or activity related to https://trivenen2.catalystventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trivenen2.catalystventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ultra-r0ug.vectorharbinger.in.net/verification.google id: auto-e36d76cedc10aa15d2af1c562228f8cff6a8590c4c624f23041ab333d29811cf status: experimental description: Detects traffic or activity related to https://ultra-r0ug.vectorharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ultra-r0ug.vectorharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c0lo-scope.vectorharbinger.in.net/verification.google id: auto-d12b435db68861ac6fc54bfb27c3f87efb048b03768f002e81f7ae4410233cec status: experimental description: Detects traffic or activity related to https://c0lo-scope.vectorharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c0lo-scope.vectorharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neurafor.pozellant.in.net/verification.google id: auto-7b87e9d71b900b04ded0c2c831fbf9bb461b20cbd1e392c28c81ecd57419668e status: experimental description: Detects traffic or activity related to https://neurafor.pozellant.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neurafor.pozellant.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scanque.pozellant.in.net/verification.google id: auto-c45f34edafae1e65aba71c4493337223dcdfa6d379632876cf5b49fe978f52b4 status: experimental description: Detects traffic or activity related to https://scanque.pozellant.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scanque.pozellant.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://59fxy.chromeflack.in.net/verification.google id: auto-101086e4751f4637f18e8b2eda421f6a805e0b9aa204debce865cf95639ea0bc status: experimental description: Detects traffic or activity related to https://59fxy.chromeflack.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://59fxy.chromeflack.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://triforgeix.chromeflack.in.net/verification.google id: auto-51959f452b92f7fd613a336fa5ee1cffd2c91d57b59dd1c9858e79f111b992fa status: experimental description: Detects traffic or activity related to https://triforgeix.chromeflack.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://triforgeix.chromeflack.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dyn-tidear.dockhype.in.net/verification.google id: auto-78fca2b162f6a87dd7d7f972526066608dc251355509d7b555da2bb4a26bfef3 status: experimental description: Detects traffic or activity related to https://dyn-tidear.dockhype.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dyn-tidear.dockhype.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://thifleet.dockhype.in.net/verification.google id: auto-45e8aea551303ce2a3633f948bc4defa4876e5227532ecbb0555ebe1acb79274 status: experimental description: Detects traffic or activity related to https://thifleet.dockhype.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://thifleet.dockhype.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gridfocus.cloudfloot.in.net/verification.google id: auto-6908d0e2e5254941b6680ad29b70463394b53b50f5d47f1bc6778f09c3a6c256 status: experimental description: Detects traffic or activity related to https://gridfocus.cloudfloot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gridfocus.cloudfloot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://336yzvub.cloudfloot.in.net/verification.google id: auto-5571a2a8d9e6a20a10d14ec1cf4ebb6c31894fe09b512fecd88627f0f61ca5cf status: experimental description: Detects traffic or activity related to https://336yzvub.cloudfloot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://336yzvub.cloudfloot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zenmarken4.hostyard.in.net/verification.google id: auto-161903412e163af14e10c3de25b2f1c85364aa3fb8a4c74dcb7a18847896e8dd status: experimental description: Detects traffic or activity related to https://zenmarken4.hostyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zenmarken4.hostyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tw9hk.hostyard.in.net/verification.google id: auto-999b3a8de3fa9a1608c40f238bd11533ea621b623c233ef5582cf6ba2e6392ec status: experimental description: Detects traffic or activity related to https://tw9hk.hostyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tw9hk.hostyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://binscree.matchexact.in.net/verification.google id: auto-4fc60a6c022e826da106b5e76617fb2a7a4eef5f5520258934167b02df4a8473 status: experimental description: Detects traffic or activity related to https://binscree.matchexact.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://binscree.matchexact.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://git33.matchexact.in.net/verification.google id: auto-8e0a603355803d045637ef7902a32f3dd097e0b04785c456e1289a06bc828391 status: experimental description: Detects traffic or activity related to https://git33.matchexact.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://git33.matchexact.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://patternprint.productter.in.net/verification.google id: auto-f50136f41ef683f0d37d1a76d7befbf23b68879966aa20b5c17a9021b311415e status: experimental description: Detects traffic or activity related to https://patternprint.productter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://patternprint.productter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://circuittraile.productter.in.net/verification.google id: auto-da6f2ee4672f1c40c900471dcef1f51ac0ea16e753f5c2f8d348792cd4b31d95 status: experimental description: Detects traffic or activity related to https://circuittraile.productter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://circuittraile.productter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://merlithex.tockentrue.in.net/verification.google id: auto-3f063fec23860e3db4207457daa8eea41b72e55533c373caa20d5bd1f0263d17 status: experimental description: Detects traffic or activity related to https://merlithex.tockentrue.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://merlithex.tockentrue.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://emberbroker.tockentrue.in.net/verification.google id: auto-029f23cd523f580fe1790fc04fff330721640a65519fb90214567e48788bdefe status: experimental description: Detects traffic or activity related to https://emberbroker.tockentrue.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://emberbroker.tockentrue.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gr0w-grid.paragonbloomera.in.net/verification.google id: auto-d8261e43160c4d2736399e42fdf31b6d478a9b5f901bf01623a5053cbc3b48a4 status: experimental description: Detects traffic or activity related to https://gr0w-grid.paragonbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gr0w-grid.paragonbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lumforgea.paragonbloomera.in.net/verification.google id: auto-ff92b172fb4720f8ff59927ccaf1cac2932c700ae8e55263ded962537cbf8671 status: experimental description: Detects traffic or activity related to https://lumforgea.paragonbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lumforgea.paragonbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://capitalultra.quantumharbinger.in.net/verification.google id: auto-0239f2167b785d17d58d11fb9f6dfff183c8fd0337eeb0376a33e13b386d2f2a status: experimental description: Detects traffic or activity related to https://capitalultra.quantumharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://capitalultra.quantumharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hyperobs.nexuspatronage.in.net/verification.google id: auto-4ac83ffb7970a7b913d02ef393d343b0e006002de00d695ff2a316f90f481de6 status: experimental description: Detects traffic or activity related to https://hyperobs.nexuspatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hyperobs.nexuspatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cleanrain.vectorprospera.in.net/verification.google id: auto-fa6b3084344600dba0d5ad6bff766ebaf025575ff8234bd62bdc077af3b6a27b status: experimental description: Detects traffic or activity related to https://cleanrain.vectorprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cleanrain.vectorprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://568sx.momentumbloomera.in.net/verification.google id: auto-b01fa1f7f9dbf623157de3ead8e6d22c269b45f0ad73e07d36fa3496e70a891d status: experimental description: Detects traffic or activity related to https://568sx.momentumbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://568sx.momentumbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://24dw.apexharvestor.in.net/verification.google id: auto-ed121955e0cca263dc54b269128b322ae3c6a27df11c633e4ec8282f36b9bb99 status: experimental description: Detects traffic or activity related to https://24dw.apexharvestor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://24dw.apexharvestor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://meta-latt1c.covenantventure.in.net/verification.google id: auto-8968e681d55795b6956ac871ec1076eb7128780ebbb41a8453a33bd6239f2ef6 status: experimental description: Detects traffic or activity related to https://meta-latt1c.covenantventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://meta-latt1c.covenantventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vect01-gate.latticepatronage.in.net/verification.google id: auto-837443f2a2238cb0086ac20e3e3ca0402526b7f8b2d6664b891aa553586d1474 status: experimental description: Detects traffic or activity related to https://vect01-gate.latticepatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vect01-gate.latticepatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arkmeshum2.radiantprospera.in.net/verification.google id: auto-afc3cd63b8f46467dd527448fa3560e9268182e972cc941383dc1c2f02fd682c status: experimental description: Detects traffic or activity related to https://arkmeshum2.radiantprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arkmeshum2.radiantprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-route.radiantprospera.in.net/verification.google id: auto-14b975e7b120e2e950e6bde96e664298844fed2bc012c090b2c89143d80096a0 status: experimental description: Detects traffic or activity related to https://sync-route.radiantprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-route.radiantprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mm52vg.zenithharbinger.in.net/verification.google id: auto-fdf59d106b8c1cce3287d8f795dc3c544560c9a3925bb1b73aaf5df4b9b7e6f9 status: experimental description: Detects traffic or activity related to https://mm52vg.zenithharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mm52vg.zenithharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://boldoffe.zenithharbinger.in.net/verification.google id: auto-7ada36b98f36aad1be143425793c11791071d486d1438cc30ac67c500fec5cc0 status: experimental description: Detects traffic or activity related to https://boldoffe.zenithharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://boldoffe.zenithharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://notmar.pozellant.in.net/verification.google id: auto-db769689ac6371183cffb98d202acf9e911e3fe3e01aef2be84e4dfb44525aa4 status: experimental description: Detects traffic or activity related to https://notmar.pozellant.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://notmar.pozellant.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://daemondeli.chromeflack.in.net/verification.google id: auto-ee14f75cb16091638ff63bc18b5c9e109de9bedebc30d2814b2a7bd7cfca32cf status: experimental description: Detects traffic or activity related to https://daemondeli.chromeflack.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://daemondeli.chromeflack.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://oi52ewc.dockhype.in.net/verification.google id: auto-ca4367516fa41283d83501d568d11de10f29c98ab7fadc5e57d291ed1c7e3fd8 status: experimental description: Detects traffic or activity related to https://oi52ewc.dockhype.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://oi52ewc.dockhype.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sun-line.cloudfloot.in.net/verification.google id: auto-8ed1eb4ceb0f61fc949e5e4807d9bf548093b2c59715bde15e0ea420516ce092 status: experimental description: Detects traffic or activity related to https://sun-line.cloudfloot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sun-line.cloudfloot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dyn-coreal.hostyard.in.net/verification.google id: auto-d721e3fa186f7b5c64e419153d44a33455b8416bc23cc2a7c6db8b932bd29506 status: experimental description: Detects traffic or activity related to https://dyn-coreal.hostyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dyn-coreal.hostyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dockswitch.matchexact.in.net/verification.google id: auto-2f56f62cdf318782e3c50c9d10f872fd58cb2078ce633ab7eba0a460133f4105 status: experimental description: Detects traffic or activity related to https://dockswitch.matchexact.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dockswitch.matchexact.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cfp1laq8.productter.in.net/verification.google id: auto-eec9493e650a140d6c5d7f8550943036adb1000eed002106079e33342df3e5c7 status: experimental description: Detects traffic or activity related to https://cfp1laq8.productter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cfp1laq8.productter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://velflux0or.tockentrue.in.net/verification.google id: auto-8e803c611495c8663beec0cacfaa708a6308685fdca76ca60a530a65354d0b86 status: experimental description: Detects traffic or activity related to https://velflux0or.tockentrue.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://velflux0or.tockentrue.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://duskgrand.paragonbloomera.in.net/verification.google id: auto-5c18dd2086cc16c96ef6ae480d4450b79f25714d3be0aa617c340d32b7f978fa status: experimental description: Detects traffic or activity related to https://duskgrand.paragonbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://duskgrand.paragonbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://optic5-dock.paragonbloomera.in.net/verification.google id: auto-22c2ea5b378fd4bf4bd0f6cf96c6730b423d2b4ab0edbc7a7335a677fa2475a1 status: experimental description: Detects traffic or activity related to https://optic5-dock.paragonbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://optic5-dock.paragonbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://2woz.quantumharbinger.in.net/verification.google id: auto-85e7afb3450676bd2ddffa7074fd2ca73047f72c3d04302c880c0cc5d5a9f956 status: experimental description: Detects traffic or activity related to https://2woz.quantumharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://2woz.quantumharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arkline9ar.quantumharbinger.in.net/verification.google id: auto-802596f95ff86f6125d2eb84c9267a726e04dd9d5972d9f27cfa1c290cc5c37d status: experimental description: Detects traffic or activity related to https://arkline9ar.quantumharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arkline9ar.quantumharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pol43-plate.nexuspatronage.in.net/verification.google id: auto-c9628ea2920910448b7071cfd541c16cd6305c9c41456c0697d2080d8b592a56 status: experimental description: Detects traffic or activity related to https://pol43-plate.nexuspatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pol43-plate.nexuspatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lecbyj6.nexuspatronage.in.net/verification.google id: auto-ddb34abd035080f7757f2a324c107b3999c24edae32eb246204b4611efff6e21 status: experimental description: Detects traffic or activity related to https://lecbyj6.nexuspatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lecbyj6.nexuspatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zwyyuczn.vectorprospera.in.net/verification.google id: auto-d99cf55c5bf4f865a88c00beda209c2764652d0831ed67f18ec083a4825e1d00 status: experimental description: Detects traffic or activity related to https://zwyyuczn.vectorprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zwyyuczn.vectorprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wylzkl.vectorprospera.in.net/verification.google id: auto-b49e70ff313ff7fff4dc00e2a781e033b0fff23f181314e5454e71c7b6d134e8 status: experimental description: Detects traffic or activity related to https://wylzkl.vectorprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wylzkl.vectorprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://serdraos.momentumbloomera.in.net/verification.google id: auto-4553a2388bae9ff7e6cb3fa888fffa6bb2bb1ecb14ac357e438a2249588aea3f status: experimental description: Detects traffic or activity related to https://serdraos.momentumbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://serdraos.momentumbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pale-line.momentumbloomera.in.net/verification.google id: auto-6ba864bb10f50971de7478ff9dcbaacdd6b6bd375b49c20050ccd0de0f95cd30 status: experimental description: Detects traffic or activity related to https://pale-line.momentumbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pale-line.momentumbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nimblestitch.apexharvestor.in.net/verification.google id: auto-8fd3360ee51d493bf5cf15b5ffb860eefe4f791ba3903ea10fef06a1bcb4d03a status: experimental description: Detects traffic or activity related to https://nimblestitch.apexharvestor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nimblestitch.apexharvestor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proto-pub1.apexharvestor.in.net/verification.google id: auto-ac3ded7dae29095cef3669948d14259030142aae0d50d6c15728b2a2d1a4bb19 status: experimental description: Detects traffic or activity related to https://proto-pub1.apexharvestor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proto-pub1.apexharvestor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://roufal.covenantventure.in.net/verification.google id: auto-dd60545ef8f61468048caee07931233749d67497fad38ab9a2f2a97e732b76e0 status: experimental description: Detects traffic or activity related to https://roufal.covenantventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://roufal.covenantventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ukswf.covenantventure.in.net/verification.google id: auto-761d9185eebe749ccdd142f694f85957435eeaa644af3944aaf8fc764b9de17a status: experimental description: Detects traffic or activity related to https://ukswf.covenantventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ukswf.covenantventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c0upon1-sheet.latticepatronage.in.net/verification.google id: auto-1ff991566458d4a7800beba8123cd49541e91971c4534d6c84d2d3aca9a6a099 status: experimental description: Detects traffic or activity related to https://c0upon1-sheet.latticepatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c0upon1-sheet.latticepatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://focu-stream.latticepatronage.in.net/verification.google id: auto-8713a4f8ef6df07a7a2ae65a37afdf82e982eafaf4efc2f91fe0970d3697efd9 status: experimental description: Detects traffic or activity related to https://focu-stream.latticepatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://focu-stream.latticepatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://xuyk.radiantprospera.in.net/verification.google id: auto-5b9a1bb91ad6637c1e9e1d7acc9cb05d3d23ff2345e913dc0145f741a7ad9c69 status: experimental description: Detects traffic or activity related to https://xuyk.radiantprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://xuyk.radiantprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tal-marka.radiantprospera.in.net/verification.google id: auto-8e2b49c1ec193450dca6243fc17cf7e6aac78ced7f214f8a591a80125950e5dc status: experimental description: Detects traffic or activity related to https://tal-marka.radiantprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tal-marka.radiantprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://railglyph.zenithharbinger.in.net/verification.google id: auto-538f91562b86ed05253871c427ecc56f3ae23a3fc30c3c26adf37aa25020ad8f status: experimental description: Detects traffic or activity related to https://railglyph.zenithharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://railglyph.zenithharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lqlk.zenithharbinger.in.net/verification.google id: auto-01b579277b6757d807eae7b0b37281e12ebc6d75b5ee4eb2c5a13a027c46fc5e status: experimental description: Detects traffic or activity related to https://lqlk.zenithharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lqlk.zenithharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://2xxws.pozellant.in.net/verification.google id: auto-bdcb73fdbb115402474273fe4f5fcf5e31f5bc2be22d13e12d45a333b5a8ed72 status: experimental description: Detects traffic or activity related to https://2xxws.pozellant.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://2xxws.pozellant.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://linkclie.pozellant.in.net/verification.google id: auto-344165fab3b31f88ecbe657fe76bf544be144ba8d01a3a3f66ebeb1a1249c98e status: experimental description: Detects traffic or activity related to https://linkclie.pozellant.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://linkclie.pozellant.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://e457.pozellant.in.net/verification.google id: auto-e50a9d366dfa4a53ac31aff99663491361e8bcb39989d059588ccbd56faeb3f4 status: experimental description: Detects traffic or activity related to https://e457.pozellant.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://e457.pozellant.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://1att0-crest.pozellant.in.net/verification.google id: auto-c79e40565c04134358c49166824739c521188f1bd25a86b9ab8cc88570290c89 status: experimental description: Detects traffic or activity related to https://1att0-crest.pozellant.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://1att0-crest.pozellant.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://soltidea3.pozellant.in.net/verification.google id: auto-018493b967b7e339db62f0d52bf69ac36ab30e5da9a60708451fa05a339aa931 status: experimental description: Detects traffic or activity related to https://soltidea3.pozellant.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://soltidea3.pozellant.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kelvenon1.chromeflack.in.net/verification.google id: auto-a12545327b73167df89e00c8ec6ecb44bdc9086af6a998bed25dfe0cd920c50c status: experimental description: Detects traffic or activity related to https://kelvenon1.chromeflack.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kelvenon1.chromeflack.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ffvwks.chromeflack.in.net/verification.google id: auto-8d01d2dab91707bcd39c02499d11e97344faf32cb5f3b7405d2c5f98afeb5850 status: experimental description: Detects traffic or activity related to https://ffvwks.chromeflack.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ffvwks.chromeflack.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://0iwbrl.chromeflack.in.net/verification.google id: auto-f607d99750740b61a45c239440d5d46649944e57a4049d1d31d084f6c8f79c67 status: experimental description: Detects traffic or activity related to https://0iwbrl.chromeflack.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://0iwbrl.chromeflack.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vehb.chromeflack.in.net/verification.google id: auto-e2461bbb1968f3ddd3c4099b6953a3f0bf41cab0d511eaa5ea135b5e5e4a14bc status: experimental description: Detects traffic or activity related to https://vehb.chromeflack.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vehb.chromeflack.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nortideix9.chromeflack.in.net/verification.google id: auto-b9a42449105989c5cf97a11ab2123a737f1b176c2e6f6c355e6c09864d56f2f2 status: experimental description: Detects traffic or activity related to https://nortideix9.chromeflack.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nortideix9.chromeflack.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pilhar.dockhype.in.net/verification.google id: auto-d1562403d4a9e76d88046d972f2d242dacb60834df947cb439e1a455e3582469 status: experimental description: Detects traffic or activity related to https://pilhar.dockhype.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pilhar.dockhype.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://compi1e-well.dockhype.in.net/verification.google id: auto-484382301a39d62605633023bdab1442404789d7120992bdf0fcc66ade71cf7c status: experimental description: Detects traffic or activity related to https://compi1e-well.dockhype.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://compi1e-well.dockhype.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://decodeass.dockhype.in.net/verification.google id: auto-8787de4e40d430d0e1dc6b04b4b0c20e28925fd3db549b180b98c70ecb139c72 status: experimental description: Detects traffic or activity related to https://decodeass.dockhype.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://decodeass.dockhype.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sertideos6.dockhype.in.net/verification.google id: auto-9da41eb5ed8aa058bbcaead2021cd23244d992cea1461eaefc521b47d5b8f4dc status: experimental description: Detects traffic or activity related to https://sertideos6.dockhype.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sertideos6.dockhype.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://f0x8-frame.dockhype.in.net/verification.google id: auto-267f53b8da8aa3d3ad1f4c59751ae87f3234d6d4436dea28f54a80ec6e3993e6 status: experimental description: Detects traffic or activity related to https://f0x8-frame.dockhype.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://f0x8-frame.dockhype.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://59zvgq.cloudfloot.in.net/verification.google id: auto-f013d59049e2a3e7e867d61c95e97753f9dcd09d1276500d82f9973603f5e7f7 status: experimental description: Detects traffic or activity related to https://59zvgq.cloudfloot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://59zvgq.cloudfloot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://broa-glow.cloudfloot.in.net/verification.google id: auto-8b02b6cea9f230be0ea2afee1c73f258b52a741ea42f8cdf65a9075f059d1a59 status: experimental description: Detects traffic or activity related to https://broa-glow.cloudfloot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://broa-glow.cloudfloot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flowmer.cloudfloot.in.net/verification.google id: auto-cc203198446651fe1f2b177c2923d9ed645224b1672df90bf7af983d6bf0c9b5 status: experimental description: Detects traffic or activity related to https://flowmer.cloudfloot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flowmer.cloudfloot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pur34-grid.cloudfloot.in.net/verification.google id: auto-f3b5a8e588338c9fbd67e34361c3cd33da04d7c69ddea868970d43d8e33307e9 status: experimental description: Detects traffic or activity related to https://pur34-grid.cloudfloot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pur34-grid.cloudfloot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://chorusschema.cloudfloot.in.net/verification.google id: auto-4f216a5c34ca27a1c6a16256dd68361716c99b9ae3ac7a8a53c6018317fea5cc status: experimental description: Detects traffic or activity related to https://chorusschema.cloudfloot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://chorusschema.cloudfloot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fi3ld-mount.hostyard.in.net/verification.google id: auto-edc148e804b045267759181c6a020727aef8c3f545988e0c6a8a351d6d8e459d status: experimental description: Detects traffic or activity related to https://fi3ld-mount.hostyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fi3ld-mount.hostyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bxorbuj.hostyard.in.net/verification.google id: auto-4951dd1d89d1ed5d63031bcec88ff92895c0c143d606ce5d57944136793df54e status: experimental description: Detects traffic or activity related to https://bxorbuj.hostyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bxorbuj.hostyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5tor-bridge.hostyard.in.net/verification.google id: auto-b03cc072c328e2114305fe1a592bb7fca216e43ed7fcb71ac1ba4e4e2be9800c status: experimental description: Detects traffic or activity related to https://5tor-bridge.hostyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5tor-bridge.hostyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://datadir.hostyard.in.net/verification.google id: auto-f56cdca3f40445d5d6f9a7607c21b1de3ee8013dce65b5f5ae503f94b0c98b9a status: experimental description: Detects traffic or activity related to https://datadir.hostyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://datadir.hostyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vor-draa.hostyard.in.net/verification.google id: auto-d9fee46a2944db46d76c2faf6c1f7cadcd944f46cd1823a6e21c4f6a52452c35 status: experimental description: Detects traffic or activity related to https://vor-draa.hostyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vor-draa.hostyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ibdav4vt.matchexact.in.net/verification.google id: auto-fb152c8052e845bf2ab7798466286cdb480345acc627404a772d4c9147fedf10 status: experimental description: Detects traffic or activity related to https://ibdav4vt.matchexact.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ibdav4vt.matchexact.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://meta-qu4nt.matchexact.in.net/verification.google id: auto-a7f01907b8edd5f1f81d35734c5840990cfb14fa0db938026379fdd7e3cf639e status: experimental description: Detects traffic or activity related to https://meta-qu4nt.matchexact.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://meta-qu4nt.matchexact.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ressilen.matchexact.in.net/verification.google id: auto-533722458fa6dbe292af1ff94e53e9ed3c3e384e0290a512bfa6f6be8bf10e58 status: experimental description: Detects traffic or activity related to https://ressilen.matchexact.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ressilen.matchexact.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lafc2.matchexact.in.net/verification.google id: auto-778170507d99dc4e7a0eff076450f7768f8108b68beccf8dbfa56f5633472b2f status: experimental description: Detects traffic or activity related to https://lafc2.matchexact.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lafc2.matchexact.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://9uclkz8z.matchexact.in.net/verification.google id: auto-c242b714b5efbc0a4bd2b2ada6ea0dff45769acf9e93faa8fb093c7081b796a3 status: experimental description: Detects traffic or activity related to https://9uclkz8z.matchexact.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://9uclkz8z.matchexact.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stitchreed.productter.in.net/verification.google id: auto-c81d5ebc426c066e9fc230c3a3888b910d7b852adceb84d80799d6428001ec5b status: experimental description: Detects traffic or activity related to https://stitchreed.productter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stitchreed.productter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rjpx.productter.in.net/verification.google id: auto-283f68b6f8875ae0a1f019d54f1e82f4c8df0cb0da7b39add6a5f647f35b42f9 status: experimental description: Detects traffic or activity related to https://rjpx.productter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rjpx.productter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://me5h-sheet.productter.in.net/verification.google id: auto-437a124e41c9415c7ea47a3250d8493e138c319393d86e15e37335444f26fef3 status: experimental description: Detects traffic or activity related to https://me5h-sheet.productter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://me5h-sheet.productter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geo-thr3.productter.in.net/verification.google id: auto-175ead8c3beee493e568c75a6c58ae0292dc7268bf14bafc5d6f3d0622c38545 status: experimental description: Detects traffic or activity related to https://geo-thr3.productter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geo-thr3.productter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pe4k-chain.productter.in.net/verification.google id: auto-e925db7e8dc067d6ddd55dc9d323df5ce9f23afb8bc39c7c95dcbb6476d69543 status: experimental description: Detects traffic or activity related to https://pe4k-chain.productter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pe4k-chain.productter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://69woakx5.tockentrue.in.net/verification.google id: auto-62d035de99ebf45eb2fa141a82b3c340d5ca06b796876ea0935fd93e777db19b status: experimental description: Detects traffic or activity related to https://69woakx5.tockentrue.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://69woakx5.tockentrue.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://48bc.tockentrue.in.net/verification.google id: auto-4f1cfccac1f5420467596e148e79e0b836f9f167341d82d1cd2a5c922e3f86e7 status: experimental description: Detects traffic or activity related to https://48bc.tockentrue.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://48bc.tockentrue.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://79.124.59.142/index.ps1 id: auto-671e94bd1c2333c7637f9d1b46a02f54bfbeca069292ecfbbe7f68dcd3ac3950 status: experimental description: Detects traffic or activity related to http://79.124.59.142/index.ps1 which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://79.124.59.142/index.ps1*' condition: selection level: high tags: - attack.t1059.001 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quorcrestum4.tockentrue.in.net/verification.google id: auto-e6944286e3a70d2638b7b5ccd5ecb86dafb48b4e11320d05f80ba25b46b2d9fc status: experimental description: Detects traffic or activity related to https://quorcrestum4.tockentrue.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quorcrestum4.tockentrue.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sprble.tockentrue.in.net/verification.google id: auto-5456a1ccca0ce0d1fe08b742a7c13823c9f17d782fa8335e780aa934fa950100 status: experimental description: Detects traffic or activity related to https://sprble.tockentrue.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sprble.tockentrue.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://primefierc.tockentrue.in.net/verification.google id: auto-b3ea0c5ee024bc4cf7882643c335eccfe3bf99b814adf7c6b88bf1c32eed35b8 status: experimental description: Detects traffic or activity related to https://primefierc.tockentrue.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://primefierc.tockentrue.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4point.paragonbloomera.in.net/verification.google id: auto-78d8b592155e58b93f2f1123e48d714279c46af98ec2df2756f057fa5221e0cd status: experimental description: Detects traffic or activity related to https://ext4point.paragonbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4point.paragonbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://91.92.243.119/steam/lemon.exe id: auto-64033878690f63694dae48447e325c674ee46d635ed1e6492b7d4898220acde5 status: experimental description: Detects traffic or activity related to http://91.92.243.119/steam/lemon.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://91.92.243.119/steam/lemon.exe*' condition: selection level: high tags: - attack.t1204.002 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3data.paragonbloomera.in.net/verification.google id: auto-e29e8d1566fd84e444386c8e2af3dd9047492043e9612620da8436c763708790 status: experimental description: Detects traffic or activity related to https://ext3data.paragonbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3data.paragonbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proxy.paragonbloomera.in.net/verification.google id: auto-11297a086ecdb434cef52c40351aeae690ef73ec39d2621ed6354c1dbe6c6e3a status: experimental description: Detects traffic or activity related to https://ext2proxy.paragonbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proxy.paragonbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1infra.paragonbloomera.in.net/verification.google id: auto-036a77dc1a5f681095481e1fb6720bc20bfaae91dd6707a71f352ef684e24ec4 status: experimental description: Detects traffic or activity related to https://ext1infra.paragonbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1infra.paragonbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4sat.quantumharbinger.in.net/verification.google id: auto-bd4009f75a790c95e0ec5075c58785d0a9a7e27cc2b2e36e6106f2a52cce6346 status: experimental description: Detects traffic or activity related to https://svc4sat.quantumharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4sat.quantumharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3core.quantumharbinger.in.net/verification.google id: auto-f940a37e26079d22a2bc84594aa10f9711240d9d376f46c2fad5b880341ac726 status: experimental description: Detects traffic or activity related to https://svc3core.quantumharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3core.quantumharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2steel.quantumharbinger.in.net/verification.google id: auto-a2232a57e5a322c25ee1bed45c02a24e3c8916d6f2a211dba4716e0957738a10 status: experimental description: Detects traffic or activity related to https://svc2steel.quantumharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2steel.quantumharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1proc.quantumharbinger.in.net/verification.google id: auto-2baf66413b5c086e19b440fe29db3a40aeb47b1509625dc91ced20bcf909a2bb status: experimental description: Detects traffic or activity related to https://svc1proc.quantumharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1proc.quantumharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4space.nexuspatronage.in.net/verification.google id: auto-f83ae93240d32f53ee97def5af246c070b99b7bbe7344733af5c6e8250efabaf status: experimental description: Detects traffic or activity related to https://dev4space.nexuspatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4space.nexuspatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3field.nexuspatronage.in.net/verification.google id: auto-40287e1f8b9df5c901ff2f3d1969f5fe069c5af9fd45f0b6da5ba0222de380bd status: experimental description: Detects traffic or activity related to https://dev3field.nexuspatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3field.nexuspatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2outer.nexuspatronage.in.net/verification.google id: auto-15d9f1899d9913748b9c33129a84f61a719dd85738cbcb12676c082ab50d1cb8 status: experimental description: Detects traffic or activity related to https://dev2outer.nexuspatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2outer.nexuspatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.nexuspatronage.in.net/verification.google id: auto-aaf2d79d96ead92ef1b667be2a3011284b3f128501f75b331d7a79f39d79e298 status: experimental description: Detects traffic or activity related to https://dev1proc.nexuspatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.nexuspatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4path.vectorprospera.in.net/verification.google id: auto-64b382020a22242f65a35a30d1cb764c8dc5f547ff3ce0121b705dfb34824ed4 status: experimental description: Detects traffic or activity related to https://cl4path.vectorprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4path.vectorprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3view.vectorprospera.in.net/verification.google id: auto-ca338ce6c0221e4e87c6450264b29ff1e6e6a1c29a5b0b8b8df5270aff576203 status: experimental description: Detects traffic or activity related to https://cl3view.vectorprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3view.vectorprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2point.vectorprospera.in.net/verification.google id: auto-9f16808f66b75c9ef175a6a0f87172b7755f4d400644371e18ea31dc01064c77 status: experimental description: Detects traffic or activity related to https://cl2point.vectorprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2point.vectorprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1proc.vectorprospera.in.net/verification.google id: auto-9183b9605302c4a9b88c1df2ef80573700604f3a54771c52b0fd467c9feaacce status: experimental description: Detects traffic or activity related to https://cl1proc.vectorprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1proc.vectorprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4view.momentumbloomera.in.net/verification.google id: auto-eb26ff89abe62e30eeb9f6109dc13ab2abd7d6c786364237cfc6f38b21a71000 status: experimental description: Detects traffic or activity related to https://ext4view.momentumbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4view.momentumbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3ghost.momentumbloomera.in.net/verification.google id: auto-b2d3fea7cc9c544a3bea2bcb45f6fa597931d7479255f6a7066a6e987badaaa3 status: experimental description: Detects traffic or activity related to https://ext3ghost.momentumbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3ghost.momentumbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2core.momentumbloomera.in.net/verification.google id: auto-e1aca12edc58328dd000eed3073b704c5b41b25679b01c39d3378a00bcf8312b status: experimental description: Detects traffic or activity related to https://ext2core.momentumbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2core.momentumbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1proc.momentumbloomera.in.net/verification.google id: auto-5bf722289d6c4bd0c543b6fde693c592f7856324ecab4a6eb4a30047a4a9ac20 status: experimental description: Detects traffic or activity related to https://ext1proc.momentumbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1proc.momentumbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.apexharvestor.in.net/verification.google id: auto-7f6410fba8e0c62dcb6af51a658656e1b26f300479260e20e10c7a7cdf8a18b9 status: experimental description: Detects traffic or activity related to https://svc4link.apexharvestor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.apexharvestor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.apexharvestor.in.net/verification.google id: auto-a3d8df17ee4a000d04c65e3691beb6ba962d336fb83c7fc44570a0a02a34921c status: experimental description: Detects traffic or activity related to https://svc3user.apexharvestor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.apexharvestor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.apexharvestor.in.net/verification.google id: auto-8a393f5d9760dc2ab57cbf2db8285d4118969969bc5d94b499ad5b069f340a19 status: experimental description: Detects traffic or activity related to https://svc2base.apexharvestor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.apexharvestor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.apexharvestor.in.net/verification.google id: auto-06ef822c29f78a19dd006e6e85ede8c349484490137c40d47ec2d9e31d92d562 status: experimental description: Detects traffic or activity related to https://svc1infra.apexharvestor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.apexharvestor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4work.covenantventure.in.net/verification.google id: auto-df850f402b0614411f1db15d05d6ddda321f6111bba232914ab2d0379906b818 status: experimental description: Detects traffic or activity related to https://dev4work.covenantventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4work.covenantventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3local.covenantventure.in.net/verification.google id: auto-2650c2a381552709bb51a62fdbc1c1b1e0789d2331dd4faf2340ff72eec0bde2 status: experimental description: Detects traffic or activity related to https://dev3local.covenantventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3local.covenantventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2power.covenantventure.in.net/verification.google id: auto-664abdc44a047a44ed4322a21df49cf2d0fa53b86f2f61f61bf9dd4e4164fe7d status: experimental description: Detects traffic or activity related to https://dev2power.covenantventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2power.covenantventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.covenantventure.in.net/verification.google id: auto-3a7efeda3169b97b0d7ba76920b6d2bc0dac6fddd2f3c41fa7fcdf68916a2e86 status: experimental description: Detects traffic or activity related to https://dev1proc.covenantventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.covenantventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4link.latticepatronage.in.net/verification.google id: auto-7f01560e51856114fa2e6fd1138c9957af331594e24cc06e33de31085ad5ac7a status: experimental description: Detects traffic or activity related to https://cl4link.latticepatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4link.latticepatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.latticepatronage.in.net/verification.google id: auto-6187bea41d51e12716fc0ade865da918d7a31eeb0cd31d5f1fca02dc7ef4890e status: experimental description: Detects traffic or activity related to https://cl3dev.latticepatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.latticepatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.latticepatronage.in.net/verification.google id: auto-6d3761abb011bd5d821df6ee58f86ac54091c1b44ed705c0d608380901390990 status: experimental description: Detects traffic or activity related to https://cl2remote.latticepatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.latticepatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.latticepatronage.in.net/verification.google id: auto-305195be916ae2b2c4d547a254dbc8ab91437d51cc404dc9337568fef1e445b5 status: experimental description: Detects traffic or activity related to https://cl1store.latticepatronage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.latticepatronage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.radiantprospera.in.net/verification.google id: auto-b66682e49138b7205df17770f84cc045fbc75ae739b71b241d6ac54a687ea2eb status: experimental description: Detects traffic or activity related to https://ext4sync.radiantprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.radiantprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.radiantprospera.in.net/verification.google id: auto-2fd212560d1c212500c072ce2e48d8b0212c15426923131afc57b34fc6c33c2c status: experimental description: Detects traffic or activity related to https://ext3gate.radiantprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.radiantprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.radiantprospera.in.net/verification.google id: auto-97ba46f7d2c37f003ee881b4c8595c1576e67ab78d794b9e6fa1aeb01f279124 status: experimental description: Detects traffic or activity related to https://ext2proc.radiantprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.radiantprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.radiantprospera.in.net/verification.google id: auto-51f4d24a76871e7c7f21eef9a0d146b3981c85528acabb38bb70423229b94e91 status: experimental description: Detects traffic or activity related to https://ext1meta.radiantprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.radiantprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4static.zenithharbinger.in.net/verification.google id: auto-54110621c9f476738da6f9e98fcdf94424aaf1df542694c7af69d4d466e687dc status: experimental description: Detects traffic or activity related to https://svc4static.zenithharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4static.zenithharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3edge.zenithharbinger.in.net/verification.google id: auto-260249db7fd22210b8684fecdf047a5de9f248635196f30d572e363ebfc0cae2 status: experimental description: Detects traffic or activity related to https://svc3edge.zenithharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3edge.zenithharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2data.zenithharbinger.in.net/verification.google id: auto-9e13f694d840ecbe7511f899d84876af4ee6801bc942d6770fbaeced3eda2623 status: experimental description: Detects traffic or activity related to https://svc2data.zenithharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2data.zenithharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1sync.zenithharbinger.in.net/verification.google id: auto-6b456cb0bdd9b7dd845e832418b791d3c212a90b7f0afd0c98573d1c9eecdbec status: experimental description: Detects traffic or activity related to https://svc1sync.zenithharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1sync.zenithharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4point.keystoneprospera.in.net/verification.google id: auto-5207c261050f0ba49726d378b94e2d83c15df99cd168160e2c9e0652f3ec5b34 status: experimental description: Detects traffic or activity related to https://ext4point.keystoneprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4point.keystoneprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3data.keystoneprospera.in.net/verification.google id: auto-55e3950d192bbc45c0520f2452a3d4e93a7e77c98b23c8fbd8ae95d75ae8ecb9 status: experimental description: Detects traffic or activity related to https://ext3data.keystoneprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3data.keystoneprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proxy.keystoneprospera.in.net/verification.google id: auto-f7a411081ed295a1c174c03f4f9e8c2fec73aeb456b40e3c69b9d426fe218914 status: experimental description: Detects traffic or activity related to https://ext2proxy.keystoneprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proxy.keystoneprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1infra.keystoneprospera.in.net/verification.google id: auto-5a13dcb810e88a87d2eabd2e9c8241f537ce163095e74545caf78249b717406b status: experimental description: Detects traffic or activity related to https://ext1infra.keystoneprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1infra.keystoneprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4sat.spectrumforge.in.net/verification.google id: auto-8bd5e9023c2e0aecc8032fe46f03eed0426e4a8dc9051ffbf7e6a1f72c00d2aa status: experimental description: Detects traffic or activity related to https://svc4sat.spectrumforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4sat.spectrumforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3core.spectrumforge.in.net/verification.google id: auto-5cadcd01b65daff5f8388b854f1d52163cd3ec6bd179c74e1344ed69813834a6 status: experimental description: Detects traffic or activity related to https://svc3core.spectrumforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3core.spectrumforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2steel.spectrumforge.in.net/verification.google id: auto-96bbfe4476a1e6a5c5e34bf725a2281df0a57e8bb2c4c609bdf77dd8cefcfe08 status: experimental description: Detects traffic or activity related to https://svc2steel.spectrumforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2steel.spectrumforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1proc.spectrumforge.in.net/verification.google id: auto-93cdb5287d1723f0c24ddfdfd259aefd277ceb3d46a8e9541e08399051829dac status: experimental description: Detects traffic or activity related to https://svc1proc.spectrumforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1proc.spectrumforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4space.paragonventure.in.net/verification.google id: auto-ee79ceda61fc2a1fb0d6f2021fcf62609541e79cf23cd33e4e87855f02583527 status: experimental description: Detects traffic or activity related to https://dev4space.paragonventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4space.paragonventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3field.paragonventure.in.net/verification.google id: auto-69ddc98e24296ecd3d41f5b001d43cf907b0869609f1c44b311f019d9a172a06 status: experimental description: Detects traffic or activity related to https://dev3field.paragonventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3field.paragonventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2outer.paragonventure.in.net/verification.google id: auto-a20cbd6f92d2ac982ac21f4f165709b7ebfc9f46e98da779011f885dfd01b0d7 status: experimental description: Detects traffic or activity related to https://dev2outer.paragonventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2outer.paragonventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.paragonventure.in.net/verification.google id: auto-c7d9a9402fba308f1943c2dace200092904db1cdd716cf2dda21d4fd57f46d05 status: experimental description: Detects traffic or activity related to https://dev1proc.paragonventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.paragonventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4path.quantumprospera.in.net/verification.google id: auto-ec8cf9dc3a1eafa09573b797007d9ee1f2adacbbd9729f55afb159af024bfe68 status: experimental description: Detects traffic or activity related to https://cl4path.quantumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4path.quantumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3view.quantumprospera.in.net/verification.google id: auto-a7d4487e400a2bc6a1d76ceb8c07ba0278ce102d79c48bf2892745e5b5d236b7 status: experimental description: Detects traffic or activity related to https://cl3view.quantumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3view.quantumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2point.quantumprospera.in.net/verification.google id: auto-a30ef4f6a83cea365d6c106e63fe02af91d4d97f0574292a276850181c3fb9f2 status: experimental description: Detects traffic or activity related to https://cl2point.quantumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2point.quantumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1proc.quantumprospera.in.net/verification.google id: auto-bb1c9cdfa066602a9b73da746ac2d5acaacbf93941d7ef63d4f2bb3fd3843a68 status: experimental description: Detects traffic or activity related to https://cl1proc.quantumprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1proc.quantumprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4view.nexusharbora.in.net/verification.google id: auto-47b2dc8f17e28424a445d4b9aa85e4259b2f644a54efc6a35819e1654d0d0f8b status: experimental description: Detects traffic or activity related to https://ext4view.nexusharbora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4view.nexusharbora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3ghost.nexusharbora.in.net/verification.google id: auto-923bcc008a7b0b78c580f544758eccc9819b9101860af4e7e9863819a8748bb2 status: experimental description: Detects traffic or activity related to https://ext3ghost.nexusharbora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3ghost.nexusharbora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2core.nexusharbora.in.net/verification.google id: auto-27fe42d668b077f2ddfcc0fb3d4bed7e732f31aa2e76172bf1f2b2989ec7ac1a status: experimental description: Detects traffic or activity related to https://ext2core.nexusharbora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2core.nexusharbora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1proc.nexusharbora.in.net/verification.google id: auto-bf6d4d963dfbdbb32fd8cfd6bc1b6d6fc54fc06f35850108e2c8287b1667fdb8 status: experimental description: Detects traffic or activity related to https://ext1proc.nexusharbora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1proc.nexusharbora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.luminouspatron.in.net/verification.google id: auto-dc371a22129a5f75fceeeac8ac9fddf5b4088618a20fc03158532b3fa1f8eb3e status: experimental description: Detects traffic or activity related to https://svc4link.luminouspatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.luminouspatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.luminouspatron.in.net/verification.google id: auto-2fc616a83792ccca858cc8860728c776d5d54966d09da32fc832897f71b40248 status: experimental description: Detects traffic or activity related to https://svc3user.luminouspatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.luminouspatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.luminouspatron.in.net/verification.google id: auto-835c3567399d76233f310c96ca79027ca9e2ff4de8f8f9aef0f759d64852691b status: experimental description: Detects traffic or activity related to https://svc2base.luminouspatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.luminouspatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.luminouspatron.in.net/verification.google id: auto-7dbe43bafbf8eb01a85e55fbc0178f62b8269478863b4948bb76e9e4257c891b status: experimental description: Detects traffic or activity related to https://svc1infra.luminouspatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.luminouspatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4work.apexbloomera.in.net/verification.google id: auto-953fecca6124046076b21305c890179bc2b6de3d74618436712375cb689352d8 status: experimental description: Detects traffic or activity related to https://dev4work.apexbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4work.apexbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3local.apexbloomera.in.net/verification.google id: auto-8fa2991a8af155241755a17f9183338e5aa052a97c7b4e5b2ed261eaa9961625 status: experimental description: Detects traffic or activity related to https://dev3local.apexbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3local.apexbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2power.apexbloomera.in.net/verification.google id: auto-ec6d0ce6b39a528aa321ea2702592b890263deccd28780e0435c934ea422caa2 status: experimental description: Detects traffic or activity related to https://dev2power.apexbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2power.apexbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.apexbloomera.in.net/verification.google id: auto-4b10715da629c1340100d910d70be5cc48ed8c19ea9ed77cdeba5e3d33106ad6 status: experimental description: Detects traffic or activity related to https://dev1proc.apexbloomera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.apexbloomera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4link.horizonprospera.in.net/verification.google id: auto-f833778883202159cd99df6646f90bac6e23366ab18462a3f497b33c99998be1 status: experimental description: Detects traffic or activity related to https://cl4link.horizonprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4link.horizonprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.horizonprospera.in.net/verification.google id: auto-bd4656ba0df8038f0e2d455e3013b3f6de22d419d96b569943becb420c606a4a status: experimental description: Detects traffic or activity related to https://cl3dev.horizonprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.horizonprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.horizonprospera.in.net/verification.google id: auto-09d0b96c5b9fa7a7431c9f00493832e4b65439a2100e92e018423276a49cd897 status: experimental description: Detects traffic or activity related to https://cl2remote.horizonprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.horizonprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.horizonprospera.in.net/verification.google id: auto-f69fa346162648b2ed6132321495881c39ad94787d79d22017c7a0df8b6aae8c status: experimental description: Detects traffic or activity related to https://cl1store.horizonprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.horizonprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.catalystventure.in.net/verification.google id: auto-7391caa760f97857921d097f88698f776362848a73d0ec796090bcd78aae1d66 status: experimental description: Detects traffic or activity related to https://ext4sync.catalystventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.catalystventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.catalystventure.in.net/verification.google id: auto-2384465e221cf5bc3330f9307bbff9dfad47cde6d2657485953f36006e531b85 status: experimental description: Detects traffic or activity related to https://ext3gate.catalystventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.catalystventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.catalystventure.in.net/verification.google id: auto-642950fa79e3a4195ab7d533e09c02c6192f4e508e098676e10d3aa97ef5c9eb status: experimental description: Detects traffic or activity related to https://ext2proc.catalystventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.catalystventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.catalystventure.in.net/verification.google id: auto-601945cb621864aa51d60e14ec858c211323f2f16bdfd16cb400e892b99ddda4 status: experimental description: Detects traffic or activity related to https://ext1meta.catalystventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.catalystventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4static.vectorharbinger.in.net/verification.google id: auto-bfdd48e2fa5b71edee7a9c581d87a492c81014929329b50628046f084d01bb92 status: experimental description: Detects traffic or activity related to https://svc4static.vectorharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4static.vectorharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3edge.vectorharbinger.in.net/verification.google id: auto-5da5c8cb65fe18745303ffec5b75dc0496b6725d530977ed1d6e2432f4ac1e67 status: experimental description: Detects traffic or activity related to https://svc3edge.vectorharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3edge.vectorharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2data.vectorharbinger.in.net/verification.google id: auto-cf1584c9dd202189e2ed69831ef3a8ca8da21f4b66420518b3e1718d473affdc status: experimental description: Detects traffic or activity related to https://svc2data.vectorharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2data.vectorharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1sync.vectorharbinger.in.net/verification.google id: auto-39f3d3165996962a9743127f5fdb303af4665df5e4e19013d3050cb374650631 status: experimental description: Detects traffic or activity related to https://svc1sync.vectorharbinger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1sync.vectorharbinger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4point.possibilsubject.in.net/verification.google id: auto-ea9e282d725db99f48f52c735fc8cdc79e07341a5e77c12fd1a92efd455a33b0 status: experimental description: Detects traffic or activity related to https://ext4point.possibilsubject.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4point.possibilsubject.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3data.possibilsubject.in.net/verification.google id: auto-f40189e08d10ca9108cf8d27a94234b4a5c2f3d1ae805816d4ca35c3e28bc5dc status: experimental description: Detects traffic or activity related to https://ext3data.possibilsubject.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3data.possibilsubject.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proxy.possibilsubject.in.net/verification.google id: auto-365a5b2544d4ded47809b379a0167c699f2442d5025d598fbb75a3e7f151007d status: experimental description: Detects traffic or activity related to https://ext2proxy.possibilsubject.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proxy.possibilsubject.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1infra.possibilsubject.in.net/verification.google id: auto-9258cbef46e2a3f32dce03ddd29d4dcb363b4b2de38307c3873f31180ceaaa46 status: experimental description: Detects traffic or activity related to https://ext1infra.possibilsubject.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1infra.possibilsubject.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4sat.greyreduction.in.net/verification.google id: auto-72ced48ba00da4f6cfa60fc883deeadc21a75450679c98f013faf44b9048f738 status: experimental description: Detects traffic or activity related to https://svc4sat.greyreduction.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4sat.greyreduction.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3core.greyreduction.in.net/verification.google id: auto-7430e31ba9497953d57dc7aedfe4ffdae796b298a35c94d6b5dbbfdd191a205d status: experimental description: Detects traffic or activity related to https://svc3core.greyreduction.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3core.greyreduction.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2steel.greyreduction.in.net/verification.google id: auto-eb7934db5dfa07bd7e042bce574eed379606f32a2284eba332ca1810e3bb7914 status: experimental description: Detects traffic or activity related to https://svc2steel.greyreduction.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2steel.greyreduction.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1proc.greyreduction.in.net/verification.google id: auto-cc34dc3e8c7e3528df4fac3ebe29d94d03a3cac8a92a4806f8264605c0240960 status: experimental description: Detects traffic or activity related to https://svc1proc.greyreduction.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1proc.greyreduction.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4space.meaningvitiaty.in.net/verification.google id: auto-29b0f6103c0e1d41bb5f6b180a955f0cc71fe49c686fff6e5ccfe8a846544015 status: experimental description: Detects traffic or activity related to https://dev4space.meaningvitiaty.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4space.meaningvitiaty.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3field.meaningvitiaty.in.net/verification.google id: auto-a456d407fc79b514d157948333b94754584f7f69a293e61a9cae332e57f11888 status: experimental description: Detects traffic or activity related to https://dev3field.meaningvitiaty.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3field.meaningvitiaty.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2outer.meaningvitiaty.in.net/verification.google id: auto-3028b49988497f68c2d8b3d1f580b4893a2924d05980ea4ee68d191e02f2ec5a status: experimental description: Detects traffic or activity related to https://dev2outer.meaningvitiaty.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2outer.meaningvitiaty.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.meaningvitiaty.in.net/verification.google id: auto-a3b7001bdac77017dc83d87f5c41ba3a66292872afcc08c5871b025e1a2eedc7 status: experimental description: Detects traffic or activity related to https://dev1proc.meaningvitiaty.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.meaningvitiaty.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4path.sororatspot.in.net/verification.google id: auto-82f47472e9553d3afbd8ed50c0557d1c718edaad55c5236def8477e0817130b1 status: experimental description: Detects traffic or activity related to https://cl4path.sororatspot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4path.sororatspot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3view.sororatspot.in.net/verification.google id: auto-ac97dfd9b608114eb6a8c43261c9d25586f1a6cd446596e87ac3a7fb3d261f0f status: experimental description: Detects traffic or activity related to https://cl3view.sororatspot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3view.sororatspot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2point.sororatspot.in.net/verification.google id: auto-4b80758d3b16c4bc7c971f35e54e4be36d278bd1962460a51052ab1676ad6b5b status: experimental description: Detects traffic or activity related to https://cl2point.sororatspot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2point.sororatspot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1proc.sororatspot.in.net/verification.google id: auto-cbbb580103b7824c468522cb30cc97d0f965ba90c6343c4311219ca300a53300 status: experimental description: Detects traffic or activity related to https://cl1proc.sororatspot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1proc.sororatspot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4view.pleasedprism.in.net/verification.google id: auto-bbcb89989d3638eac738d155401cde675c063c62407a7e4ab2a31db83eae4009 status: experimental description: Detects traffic or activity related to https://ext4view.pleasedprism.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4view.pleasedprism.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3ghost.pleasedprism.in.net/verification.google id: auto-87bfd8df16314caaad5a5e165eb7696739ab6f6cf8cb5bd6aba1ed424407627a status: experimental description: Detects traffic or activity related to https://ext3ghost.pleasedprism.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3ghost.pleasedprism.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2core.pleasedprism.in.net/verification.google id: auto-58a9f811946da1231f14b3335a3db5f695652106d9704892b0824f66a6d1f14a status: experimental description: Detects traffic or activity related to https://ext2core.pleasedprism.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2core.pleasedprism.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1proc.pleasedprism.in.net/verification.google id: auto-079af7767bb432bdc860f2f0e3eb52bc25b0aada4b6fc5e8b88d2704e1464138 status: experimental description: Detects traffic or activity related to https://ext1proc.pleasedprism.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1proc.pleasedprism.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.canisterget.in.net/verification.google id: auto-8af511168923d1bc8d0c2c3c8ccc628bcc068bac1f6dfdd33636a30b69e902a4 status: experimental description: Detects traffic or activity related to https://svc4link.canisterget.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.canisterget.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.canisterget.in.net/verification.google id: auto-80123e1cb2e2b0da3280dc0822557e2abbbdd067f1e1995b1fe24d9da6528cf1 status: experimental description: Detects traffic or activity related to https://svc3user.canisterget.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.canisterget.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.canisterget.in.net/verification.google id: auto-a3e9dc57c9309e1325178018a79dd4d7a2118109176cf1529ddbea3b7e15995e status: experimental description: Detects traffic or activity related to https://svc2base.canisterget.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.canisterget.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.canisterget.in.net/verification.google id: auto-80982dc933b41fe3499a9439235a9d2c580c87b62acfba229ab34ab9816b631c status: experimental description: Detects traffic or activity related to https://svc1infra.canisterget.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.canisterget.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4work.dressingsix.in.net/verification.google id: auto-92b4b17b69b6c36c56e571c0e26d1d40b33b13d906017f889ebbe92e1602b148 status: experimental description: Detects traffic or activity related to https://dev4work.dressingsix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4work.dressingsix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3local.dressingsix.in.net/verification.google id: auto-fb2e1310eee2aaabccdca4ca0990f2e06d2461fa6b0cb07e25e4592b0ef8d8c0 status: experimental description: Detects traffic or activity related to https://dev3local.dressingsix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3local.dressingsix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2power.dressingsix.in.net/verification.google id: auto-08c5bcd311063fac1fe1053af4aee3c3957166c7514917218d9db93168470f3b status: experimental description: Detects traffic or activity related to https://dev2power.dressingsix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2power.dressingsix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.dressingsix.in.net/verification.google id: auto-d29723545920d69a45a45b467c91538f54b06baba9fe925ebc1d737e495dcdb4 status: experimental description: Detects traffic or activity related to https://dev1proc.dressingsix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.dressingsix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4link.duralmanganese.in.net/verification.google id: auto-049a3ede04b1c3b8f2f0358852b2ca830aa919f981bd2c14f081ab602cc20353 status: experimental description: Detects traffic or activity related to https://cl4link.duralmanganese.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4link.duralmanganese.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.duralmanganese.in.net/verification.google id: auto-98e46b86e964c4dfa3b9fe2eb1efa1f6e1dbc0bf327380f02b5e70d163a8ea53 status: experimental description: Detects traffic or activity related to https://cl3dev.duralmanganese.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.duralmanganese.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.duralmanganese.in.net/verification.google id: auto-3b5a8efd3ee431a53ca0498e980c707811ad0122a5031f89aa6bb889393fbb04 status: experimental description: Detects traffic or activity related to https://cl2remote.duralmanganese.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.duralmanganese.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.duralmanganese.in.net/verification.google id: auto-f3adcf4f2f4fffd519883ed038e7db430d1ebf7dffffa7d5ce893e07c4f5db30 status: experimental description: Detects traffic or activity related to https://cl1store.duralmanganese.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.duralmanganese.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.altruistchimes.in.net/verification.google id: auto-7455597237c78159890b6697d5d2db17de456952ba0a934600cbc5f2af2e2c0c status: experimental description: Detects traffic or activity related to https://ext4sync.altruistchimes.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.altruistchimes.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.altruistchimes.in.net/verification.google id: auto-07c9a7794926aa1ba35c934069eba4a7caaf01bda9a2a42444f81582a9eb19f7 status: experimental description: Detects traffic or activity related to https://ext3gate.altruistchimes.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.altruistchimes.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.altruistchimes.in.net/verification.google id: auto-60d7479e9255ff3c37eea07291c3a7de59172e3a5d17f4e2dfd5264502b53acf status: experimental description: Detects traffic or activity related to https://ext2proc.altruistchimes.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.altruistchimes.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.altruistchimes.in.net/verification.google id: auto-fc16b76302457dc9931905c693f97c24421aff85ccff80f2671ddd6c24cf4927 status: experimental description: Detects traffic or activity related to https://ext1meta.altruistchimes.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.altruistchimes.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4static.pendantwhip.in.net/verification.google id: auto-ce1fa11979475c1778bded797ecff3a33c0807ebccc6db19b18111fc8a6c9696 status: experimental description: Detects traffic or activity related to https://svc4static.pendantwhip.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4static.pendantwhip.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3edge.pendantwhip.in.net/verification.google id: auto-8d1bdd8c1cde186b19ef0a73e2b4373c0bb3cb326029ff97d9e29237589ad3c2 status: experimental description: Detects traffic or activity related to https://svc3edge.pendantwhip.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3edge.pendantwhip.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2data.pendantwhip.in.net/verification.google id: auto-7a6890be03df2cd6b4c971d9d47e577936233b9c6636d77a009c8d2aa23f6cb9 status: experimental description: Detects traffic or activity related to https://svc2data.pendantwhip.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2data.pendantwhip.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1sync.pendantwhip.in.net/verification.google id: auto-321a839572ca2cf5e59589667dea6f114e5f55601b0a3914a400bf0a6d930053 status: experimental description: Detects traffic or activity related to https://svc1sync.pendantwhip.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1sync.pendantwhip.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4point.hastyraja.in.net/verification.google id: auto-a9e71139564e597713a810208d85eeaf189fabe9cbb1725c07c985439186625a status: experimental description: Detects traffic or activity related to https://ext4point.hastyraja.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4point.hastyraja.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3data.hastyraja.in.net/verification.google id: auto-cd13bd2c6d2e527352f0607b7d827fbcd2be3e5daca7d8f4dce9be1e766241fc status: experimental description: Detects traffic or activity related to https://ext3data.hastyraja.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3data.hastyraja.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proxy.hastyraja.in.net/verification.google id: auto-b119af67d71d7929313e0775799cf8fdf080f6a4b473aa4f188a9a7fcd843a61 status: experimental description: Detects traffic or activity related to https://ext2proxy.hastyraja.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proxy.hastyraja.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1infra.hastyraja.in.net/verification.google id: auto-fc4f80300a0d5ea61efd374b04e501f6f72a7d9c027b67cdcf2f2ded434440c3 status: experimental description: Detects traffic or activity related to https://ext1infra.hastyraja.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1infra.hastyraja.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4sat.playrevenater.in.net/verification.google id: auto-de54829b5b07aeff1f1fff80bf7575c244b8214840275c232b856eeac77a1703 status: experimental description: Detects traffic or activity related to https://svc4sat.playrevenater.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4sat.playrevenater.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3core.playrevenater.in.net/verification.google id: auto-976faf2393fea86f2d9644e4b77913ebd72315896ea514d59000df7b06b4442c status: experimental description: Detects traffic or activity related to https://svc3core.playrevenater.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3core.playrevenater.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2steel.playrevenater.in.net/verification.google id: auto-4c6c561e83f96d01f82a7793ea01cd9c5bd3a69a1844ad38517c7ba5a7d2cda5 status: experimental description: Detects traffic or activity related to https://svc2steel.playrevenater.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2steel.playrevenater.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1proc.playrevenater.in.net/verification.google id: auto-1d1c529b1e18c26f3a849af573d1400289a77e2d1aab87183acbc1be870ebfd5 status: experimental description: Detects traffic or activity related to https://svc1proc.playrevenater.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1proc.playrevenater.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4space.controlpeople.in.net/verification.google id: auto-76ba8e06fec19bebcc8b6377363867256c6c8ebdeaa88df7e7223215dd5f741c status: experimental description: Detects traffic or activity related to https://dev4space.controlpeople.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4space.controlpeople.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3field.controlpeople.in.net/verification.google id: auto-7d1f51ccf73920b4fcd9bde516376b0d5145bc2b965b996b2e7ec21e8c55dcd6 status: experimental description: Detects traffic or activity related to https://dev3field.controlpeople.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3field.controlpeople.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2outer.controlpeople.in.net/verification.google id: auto-ad79c4dfb72d49060d6c9ffc1c4483bae3d10a39817c8d1c41de4d097a5b3dc3 status: experimental description: Detects traffic or activity related to https://dev2outer.controlpeople.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2outer.controlpeople.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.controlpeople.in.net/verification.google id: auto-0f81ac0093c8942242261ebb4c99457cd472758fa14d25d6f9a751d819aedada status: experimental description: Detects traffic or activity related to https://dev1proc.controlpeople.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.controlpeople.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4path.mesozoicunder.in.net/verification.google id: auto-1ca46a0a8498f737b085332b82b477593e6f91509a99de3dcfe7c85753cfded0 status: experimental description: Detects traffic or activity related to https://cl4path.mesozoicunder.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4path.mesozoicunder.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3view.mesozoicunder.in.net/verification.google id: auto-0c91b948b4b6bcf5fcf68409fe7b0b5e891a72f6d713135b0e19cdeb1bbccc43 status: experimental description: Detects traffic or activity related to https://cl3view.mesozoicunder.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3view.mesozoicunder.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2point.mesozoicunder.in.net/verification.google id: auto-f0c4be8d826bdab428c33a899be481be75b762fbe03ca08b300e1677db6b8e0c status: experimental description: Detects traffic or activity related to https://cl2point.mesozoicunder.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2point.mesozoicunder.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1proc.mesozoicunder.in.net/verification.google id: auto-ab3bf13f5ac643c417f1c26974f3507d27310e02d2609559be51c534bd815e1b status: experimental description: Detects traffic or activity related to https://cl1proc.mesozoicunder.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1proc.mesozoicunder.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4view.archaicwillow.in.net/verification.google id: auto-70442180bbfd779c5f1ca765c3fece1937223180ab5b7f31c6545fd4b5907c01 status: experimental description: Detects traffic or activity related to https://ext4view.archaicwillow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4view.archaicwillow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3ghost.archaicwillow.in.net/verification.google id: auto-f4d66d49ad866563281699bf84d5ff4405c42a544d999ac71d55c589fea79266 status: experimental description: Detects traffic or activity related to https://ext3ghost.archaicwillow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3ghost.archaicwillow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2core.archaicwillow.in.net/verification.google id: auto-2b5efea47a9d41a1a13a3047dad1e439d799b6fcaa795749db4e48b32271fe39 status: experimental description: Detects traffic or activity related to https://ext2core.archaicwillow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2core.archaicwillow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1proc.archaicwillow.in.net/verification.google id: auto-188e9613bb392632d1cc404bed98c2023312968ecbb0d1ea23f49b1d81de5c1c status: experimental description: Detects traffic or activity related to https://ext1proc.archaicwillow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1proc.archaicwillow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.accomplicerepreh.in.net/verification.google id: auto-d980385dc02a10cfc871ed4403488edc00de36833848bfddbdbb9882556c4bf1 status: experimental description: Detects traffic or activity related to https://svc4link.accomplicerepreh.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.accomplicerepreh.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.accomplicerepreh.in.net/verification.google id: auto-4ed4ac887a80af859d21667afcdea0d008d668ef3627f83136619c6db39d7732 status: experimental description: Detects traffic or activity related to https://svc3user.accomplicerepreh.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.accomplicerepreh.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.accomplicerepreh.in.net/verification.google id: auto-e7505160b124c266706dbf49aa7f5daa60ee102a52f2d4d1dfcee149a9f084eb status: experimental description: Detects traffic or activity related to https://svc2base.accomplicerepreh.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.accomplicerepreh.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.accomplicerepreh.in.net/verification.google id: auto-dd93f64e3da151914c99176452c252f8aea6717e77d17ddd2c6b55378e584f77 status: experimental description: Detects traffic or activity related to https://svc1infra.accomplicerepreh.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.accomplicerepreh.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4work.banchiktend.in.net/verification.google id: auto-56ce6e713d6353b0c3e4b0615723dbb09d024028c4fdbf0093728f986e00a234 status: experimental description: Detects traffic or activity related to https://dev4work.banchiktend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4work.banchiktend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3local.banchiktend.in.net/verification.google id: auto-cc962b10d3cce0aef3bbd7a1a215daac0330f68d42d7543520d74e6ca6b9071a status: experimental description: Detects traffic or activity related to https://dev3local.banchiktend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3local.banchiktend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2power.banchiktend.in.net/verification.google id: auto-6558bc21dc1a62574f720d3dc4c106b5ce0b7b29a82a3231fda4348a43b4de7b status: experimental description: Detects traffic or activity related to https://dev2power.banchiktend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2power.banchiktend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.banchiktend.in.net/verification.google id: auto-43b956dea167909ad026d4737ff7e73e0ba56069edcb127530a77074cabd5ceb status: experimental description: Detects traffic or activity related to https://dev1proc.banchiktend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.banchiktend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4link.conditoverwinter.in.net/verification.google id: auto-0fff3d29c7190d100d693edd84295c73d4cecdd0f3f98729406914aac7dba2e4 status: experimental description: Detects traffic or activity related to https://cl4link.conditoverwinter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4link.conditoverwinter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.conditoverwinter.in.net/verification.google id: auto-0aae352d802c57b29d60887b565ce52f7622dfc0688252f53b322a0bae2e7464 status: experimental description: Detects traffic or activity related to https://cl3dev.conditoverwinter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.conditoverwinter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.conditoverwinter.in.net/verification.google id: auto-3a2512d35dd436bf0c445a26040836d6f4695aa787475bfc29c19f788c14b1bf status: experimental description: Detects traffic or activity related to https://cl2remote.conditoverwinter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.conditoverwinter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.conditoverwinter.in.net/verification.google id: auto-cbaeb6483d213ac6470dc735e79a64777f8c4a839e06f66420088bf1f83d1126 status: experimental description: Detects traffic or activity related to https://cl1store.conditoverwinter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.conditoverwinter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.droolingman.in.net/verification.google id: auto-af28d10f74be5593dd67017df0b78d20f60174f6e29e2914d3c563f1706f98fe status: experimental description: Detects traffic or activity related to https://ext4sync.droolingman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.droolingman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.droolingman.in.net/verification.google id: auto-17372e823a36b868cdd504d273b9115cc4a903d14d6cf970e43b29f71e92b07f status: experimental description: Detects traffic or activity related to https://ext3gate.droolingman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.droolingman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.droolingman.in.net/verification.google id: auto-041ae36e3174a6cac8b9a4208db5c58a9fe0834398ac41c2976e97bd4f50dc5e status: experimental description: Detects traffic or activity related to https://ext2proc.droolingman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.droolingman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.droolingman.in.net/verification.google id: auto-11f78eb01c6c4a04d4ef72fab2837a8941f3ab9ca8fb0a1adb5660417030fa36 status: experimental description: Detects traffic or activity related to https://ext1meta.droolingman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.droolingman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4static.apatitemoshka.in.net/verification.google id: auto-3283ac493d5074d0930285c75258b1683f09361bb1f1aa66612bd74c7ce112d9 status: experimental description: Detects traffic or activity related to https://svc4static.apatitemoshka.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4static.apatitemoshka.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3edge.apatitemoshka.in.net/verification.google id: auto-5f03aede2c418608f1c1f773c77ce5e054d952e7a11c8cf9d20bb3c4e6ec3986 status: experimental description: Detects traffic or activity related to https://svc3edge.apatitemoshka.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3edge.apatitemoshka.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2data.apatitemoshka.in.net/verification.google id: auto-9824eced998261001dcea74ffd271fd9338b9b3c95400289e9c1af073f4c2b15 status: experimental description: Detects traffic or activity related to https://svc2data.apatitemoshka.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2data.apatitemoshka.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1sync.apatitemoshka.in.net/verification.google id: auto-bbb589d53a760f6483d742f1059aa0d6d981c59fa18b4fe7978730625dd5b0df status: experimental description: Detects traffic or activity related to https://svc1sync.apatitemoshka.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1sync.apatitemoshka.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://extendecho.keystonebloom.in.net/verification.google id: auto-fad3d88ec45fadf8aa191e725d556d5baca286be15d50d4343aeee52a7f00eb4 status: experimental description: Detects traffic or activity related to https://extendecho.keystonebloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://extendecho.keystonebloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://raildecode.radiantventure.in.net/verification.google id: auto-4cc5ce08e53898c3508d24e9b57c00ac53034948fe22dc35dc58a765f9fe9dff status: experimental description: Detects traffic or activity related to https://raildecode.radiantventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://raildecode.radiantventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lumvenon7.echelonprosper.in.net/verification.google id: auto-45fba5c304eea3ae4dd6c1160f8db6b478e17b5a911215087f14d6d7ed77cef9 status: experimental description: Detects traffic or activity related to https://lumvenon7.echelonprosper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lumvenon7.echelonprosper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://spring-notif.paragonforge.in.net/verification.google id: auto-377dd40274a619586ad25bf733cdd6229b947fd989defd9416b6335f94a6ef24 status: experimental description: Detects traffic or activity related to https://spring-notif.paragonforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://spring-notif.paragonforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://79iy.spectrumharvest.in.net/verification.google id: auto-2a04e035f942a5dedd2925266f3b353111402db1449b98a95278d3f818cc8555 status: experimental description: Detects traffic or activity related to https://79iy.spectrumharvest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://79iy.spectrumharvest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4vggd.zenithpatron.in.net/verification.google id: auto-068ed446a6bb7e2391363bb8a073ff6dd1eddedcfe9a0472b966b0c3a5a9d7f4 status: experimental description: Detects traffic or activity related to https://4vggd.zenithpatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4vggd.zenithpatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow-pil.covenantbloom.in.net/verification.google id: auto-75141f9bc846f4d73fdda66c33bc9dffad79fb716a4d5b5593e3317bf7528744 status: experimental description: Detects traffic or activity related to https://flow-pil.covenantbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow-pil.covenantbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://unloadalig.latticeventure.in.net/verification.google id: auto-a3bbdc4456b369333b93a70d3b5ef423821590cbfbc7d49e768df766a2b7f3cb status: experimental description: Detects traffic or activity related to https://unloadalig.latticeventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://unloadalig.latticeventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://audiodemand.momentumharbor.in.net/verification.google id: auto-9a32e731ce1ffbf11cf69258490e2bf743f99d5b1f5e91407610cb7e36d09443 status: experimental description: Detects traffic or activity related to https://audiodemand.momentumharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://audiodemand.momentumharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://3ep11.tr4cefox.in.net/verification.google id: auto-47af7ba252d6e47249c1c03240a29ddaef29ebffe72f8003b77425fa93e35e6a status: experimental description: Detects traffic or activity related to https://3ep11.tr4cefox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://3ep11.tr4cefox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://imagvalley.mirthbay.in.net/verification.google id: auto-99935cb8c6e9294ff033764a617e99c3b881e2eb30f530f3e558897a6e683c87 status: experimental description: Detects traffic or activity related to https://imagvalley.mirthbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://imagvalley.mirthbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sort-scope.larkspin.in.net/verification.google id: auto-6d6aed54483873bcfffbb74cd99f3adab78832b1e8fde4fed1e8a69d97957f7c status: experimental description: Detects traffic or activity related to https://sort-scope.larkspin.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sort-scope.larkspin.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qjbtkqgb.brimvale.in.net/verification.google id: auto-9bc49dd7378086c81a3c4d9a75ebaa28d5c209af6f15057653c29fe84b979aca status: experimental description: Detects traffic or activity related to https://qjbtkqgb.brimvale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qjbtkqgb.brimvale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://prairialp.n1mbleoak.in.net/verification.google id: auto-30deb9ecf0379eeaefe751fbbfc5baf8564d864716cf98ee527457fbc40bbf8c status: experimental description: Detects traffic or activity related to https://prairialp.n1mbleoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://prairialp.n1mbleoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://finalvide.duskforge.in.net/verification.google id: auto-27e23059b89fa7af2bd205dc5e067de860533ec43df88595e6e78c0ca00ae519 status: experimental description: Detects traffic or activity related to https://finalvide.duskforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://finalvide.duskforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tipg.rivermint.in.net/verification.google id: auto-8071b69d503633b75613803265ccaf28fd0d32462a35bf4e6737472169a9e0c4 status: experimental description: Detects traffic or activity related to https://tipg.rivermint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tipg.rivermint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://plasmapublic.flare-path.in.net/verification.google id: auto-99114b75a49575476c90b2057540c65390b4fba890e9fa1bef2d78b6bc623ff7 status: experimental description: Detects traffic or activity related to https://plasmapublic.flare-path.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://plasmapublic.flare-path.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ktyf9zwv.skyl0om.in.net/verification.google id: auto-66162e7df07155fae0c5d88d8dfd72d477bf5260d760c794e53952f8be0b5f75 status: experimental description: Detects traffic or activity related to https://ktyf9zwv.skyl0om.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ktyf9zwv.skyl0om.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cdecp45.graincrest.in.net/verification.google id: auto-6c5a69f981bd88e1107b085483b093099e26152db59fddf6b4781a3255afed70 status: experimental description: Detects traffic or activity related to https://cdecp45.graincrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cdecp45.graincrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://yq6zjr5.q7ravo.in.net/verification.google id: auto-171ec94c7fa2862b2e18c1d877456bd8deccae8660b019534631f0ea5cb786bc status: experimental description: Detects traffic or activity related to https://yq6zjr5.q7ravo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://yq6zjr5.q7ravo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tensorecho.thistlecore.in.net/verification.google id: auto-9d9cb2b8f3eb6a6b7290391621d27fe4e4fb70f2aa469d081784b22b35797213 status: experimental description: Detects traffic or activity related to https://tensorecho.thistlecore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tensorecho.thistlecore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hhxxz.stone-blink.in.net/verification.google id: auto-0f36dfeafa584d045cd0dfe68a9ffcb5b42be21e30362b1eaf3f170674088fae status: experimental description: Detects traffic or activity related to https://hhxxz.stone-blink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hhxxz.stone-blink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://invoicgran.cl0verrun.in.net/verification.google id: auto-0514d5b3efbec168849b65b20baf20e3e9fcdaddb667a953339d6bf264a18dcf status: experimental description: Detects traffic or activity related to https://invoicgran.cl0verrun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://invoicgran.cl0verrun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wmwr.keystonebloom.in.net/verification.google id: auto-abd4eee64b0125d5aaefafc64ff48ea0a0ec1b94ae3b05176c1466018dbd96af status: experimental description: Detects traffic or activity related to https://wmwr.keystonebloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wmwr.keystonebloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://storagegust.keystonebloom.in.net/verification.google id: auto-213cfbff2966ad61f261060e96f05b095f6a8e15b326af2951204ba27a516e67 status: experimental description: Detects traffic or activity related to https://storagegust.keystonebloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://storagegust.keystonebloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5ync-branch.keystonebloom.in.net/verification.google id: auto-c6f4d5d579cea394aeff044718b253ee49caae325c85ab541d2b30a7c1e09ec3 status: experimental description: Detects traffic or activity related to https://5ync-branch.keystonebloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5ync-branch.keystonebloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://globaledi.keystonebloom.in.net/verification.google id: auto-002c8ca10741b3b265f29d64aa428148ba2d817a0ac8294d0588dd32d0f45bc2 status: experimental description: Detects traffic or activity related to https://globaledi.keystonebloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://globaledi.keystonebloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://p1ne-cache.keystonebloom.in.net/verification.google id: auto-f3edaae1c53df372d3166c76d7433ffba7a4eed81fc4240c29913de309a907e3 status: experimental description: Detects traffic or activity related to https://p1ne-cache.keystonebloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://p1ne-cache.keystonebloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dynflux2a.radiantventure.in.net/verification.google id: auto-4ef235696376bcf8a71626ca04340df5d0a707400b526b12cd0e6aac4e534770 status: experimental description: Detects traffic or activity related to https://dynflux2a.radiantventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dynflux2a.radiantventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ho1lo0-reach.radiantventure.in.net/verification.google id: auto-4b63418613c91574d02ad13ad87380ccf7b986b7dca04f438a0a4b5df66deadb status: experimental description: Detects traffic or activity related to https://ho1lo0-reach.radiantventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ho1lo0-reach.radiantventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vorspire5os.radiantventure.in.net/verification.google id: auto-5be63d893f77a4362f0f6ed27892fe0b2ce0476dd2511fe30349babf3b45b8a5 status: experimental description: Detects traffic or activity related to https://vorspire5os.radiantventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vorspire5os.radiantventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tr41l4-point.radiantventure.in.net/verification.google id: auto-1641355c24dcb23b2318d702e42555e74724ff76988348d160c53a3cf5d056d5 status: experimental description: Detects traffic or activity related to https://tr41l4-point.radiantventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tr41l4-point.radiantventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wl58.radiantventure.in.net/verification.google id: auto-3f22b2fe47e8498151c2be273d57da6e15bf274ff500113db69baa97c267b1a6 status: experimental description: Detects traffic or activity related to https://wl58.radiantventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wl58.radiantventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fqwhi8.echelonprosper.in.net/verification.google id: auto-436e5f822341360865fd23ac59eeb71e0ca6ba2fe2b0a95e6ee2bb0b014c30dc status: experimental description: Detects traffic or activity related to https://fqwhi8.echelonprosper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fqwhi8.echelonprosper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shor-mesh.echelonprosper.in.net/verification.google id: auto-1345b94a96e6c105aa7bb0b6332eef7aa35b513ccf4f68acc2b98339b26cf521 status: experimental description: Detects traffic or activity related to https://shor-mesh.echelonprosper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shor-mesh.echelonprosper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tra1-drive.echelonprosper.in.net/verification.google id: auto-4b92783dfed0aabbad7e1b297cc600df8c698c1ea9350d61fcaad862561b5827 status: experimental description: Detects traffic or activity related to https://tra1-drive.echelonprosper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tra1-drive.echelonprosper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://norfluxis4.echelonprosper.in.net/verification.google id: auto-1c635030a48ab5c0414f008162e5826949128f0c721a5d2d3d0e8742e3309c85 status: experimental description: Detects traffic or activity related to https://norfluxis4.echelonprosper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://norfluxis4.echelonprosper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ynjrhuk4.echelonprosper.in.net/verification.google id: auto-765adee5469f6bc0cc52e411cb06e7a700237b838893266a4a69d4139ac376a4 status: experimental description: Detects traffic or activity related to https://ynjrhuk4.echelonprosper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ynjrhuk4.echelonprosper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://grand-optic.paragonforge.in.net/verification.google id: auto-440ff1798cb3bd98cf64e5760e1885a5a19739c7465b070aca7f0116f2cbb3b7 status: experimental description: Detects traffic or activity related to https://grand-optic.paragonforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://grand-optic.paragonforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hyper-f4ll.paragonforge.in.net/verification.google id: auto-1e10b3f48e53d44d51caf1e03ccab402ec700279f6b6f2d337ec740d37601542 status: experimental description: Detects traffic or activity related to https://hyper-f4ll.paragonforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hyper-f4ll.paragonforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://measure6-loop.paragonforge.in.net/verification.google id: auto-314a3fa3f6841c926a3c5dccd58601d98507bd58608b4573f2173e21ceefc383 status: experimental description: Detects traffic or activity related to https://measure6-loop.paragonforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://measure6-loop.paragonforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qfakp.paragonforge.in.net/verification.google id: auto-fa612e29af22a31d99924c62782658401832f8c203eea6c7960bfda4fc71041a status: experimental description: Detects traffic or activity related to https://qfakp.paragonforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qfakp.paragonforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://needlerefine.paragonforge.in.net/verification.google id: auto-c0f248ed63c8320970a411ecde876d1ae592f1341110db469c0bc9bb5f6e7cf7 status: experimental description: Detects traffic or activity related to https://needlerefine.paragonforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://needlerefine.paragonforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vdsh.spectrumharvest.in.net/verification.google id: auto-3f3dd4b743df6579706ac1a2ad13a67364f256507cf80840d1a14c65ae75a396 status: experimental description: Detects traffic or activity related to https://vdsh.spectrumharvest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vdsh.spectrumharvest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ce1l-mark.spectrumharvest.in.net/verification.google id: auto-0e5daeb9a94cef26f570c85c317c0c4e4fc1459ef1c485096610f1b2fce13a8e status: experimental description: Detects traffic or activity related to https://ce1l-mark.spectrumharvest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ce1l-mark.spectrumharvest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://t0ken-core.spectrumharvest.in.net/verification.google id: auto-c0028d477c895bd752af4871064d764b99851aec6188a527d1bc9635319dca76 status: experimental description: Detects traffic or activity related to https://t0ken-core.spectrumharvest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://t0ken-core.spectrumharvest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r0ot-hinge.spectrumharvest.in.net/verification.google id: auto-d3f12c8347fecf6c6490247d1e4dfbaca1a6b8ef3bf31a7c54084b66935dc7be status: experimental description: Detects traffic or activity related to https://r0ot-hinge.spectrumharvest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r0ot-hinge.spectrumharvest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c0re4-grid.spectrumharvest.in.net/verification.google id: auto-c3c8fcfaeddc8e58dbb24fe0c810a81daa1b43fd1b3d6ca3ae4a5b98bca7f134 status: experimental description: Detects traffic or activity related to https://c0re4-grid.spectrumharvest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c0re4-grid.spectrumharvest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://assetfilter.zenithpatron.in.net/verification.google id: auto-9c90e47e3ef75d3d86ce1d445a24a665bec4152e219af80dc25db8c75df0ad49 status: experimental description: Detects traffic or activity related to https://assetfilter.zenithpatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://assetfilter.zenithpatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fallgateway.zenithpatron.in.net/verification.google id: auto-facf4c361e41a2223fb9a02dbe748b766f590239269ec086978312e8070aab10 status: experimental description: Detects traffic or activity related to https://fallgateway.zenithpatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fallgateway.zenithpatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alt-rnanif3s.zenithpatron.in.net/verification.google id: auto-097e56298f03dbf685a7f9c9b55ca1777f6dd60157930207952d9080d39ee55c status: experimental description: Detects traffic or activity related to https://alt-rnanif3s.zenithpatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alt-rnanif3s.zenithpatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://122jtw.zenithpatron.in.net/verification.google id: auto-8a8bca8dc933660a71f64f695fb8df24f40a8fa0ce99140baa50bcf78a3f31b7 status: experimental description: Detects traffic or activity related to https://122jtw.zenithpatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://122jtw.zenithpatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://conv35-ring.zenithpatron.in.net/verification.google id: auto-612343add76cdb84616b202fa03abecdad0ef8a9c8e88cfb7cd3a630e5a458ab status: experimental description: Detects traffic or activity related to https://conv35-ring.zenithpatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://conv35-ring.zenithpatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lumflux4um.covenantbloom.in.net/verification.google id: auto-9d7b0b53345e19a79295624a884971728674a6b6846307ae35f3eb217478d399 status: experimental description: Detects traffic or activity related to https://lumflux4um.covenantbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lumflux4um.covenantbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sandboximport.covenantbloom.in.net/verification.google id: auto-8d56a19fc3f9d078045fa3496482968066aeffc01855ea5e09580700c1b123e0 status: experimental description: Detects traffic or activity related to https://sandboximport.covenantbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sandboximport.covenantbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://89bqxcn.covenantbloom.in.net/verification.google id: auto-94223fa2feeb033bcf70bca167f120a850cfa86cc5937a69add1cc962b6a1b4b status: experimental description: Detects traffic or activity related to https://89bqxcn.covenantbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://89bqxcn.covenantbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wlvyadr.covenantbloom.in.net/verification.google id: auto-42ff68fec6fc6f0bff8fc998098c55fca657383717a5981f7d32addc84ffd693 status: experimental description: Detects traffic or activity related to https://wlvyadr.covenantbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wlvyadr.covenantbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1p-field.covenantbloom.in.net/verification.google id: auto-de53cd663838f4b5cab0ebd82c5152cc922a2051c3ab43016c9f5f27c0acfb67 status: experimental description: Detects traffic or activity related to https://cl1p-field.covenantbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1p-field.covenantbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://y4aw3.latticeventure.in.net/verification.google id: auto-5fbc5e63511225bfb07efde6baeaf4ca512821f5bc937975ac45ea025fc2a1c9 status: experimental description: Detects traffic or activity related to https://y4aw3.latticeventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://y4aw3.latticeventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://unit-frame.latticeventure.in.net/verification.google id: auto-d7e316ceb86bda4339ec1782b1c71269a27df2e71664a54010732c01d28b524d status: experimental description: Detects traffic or activity related to https://unit-frame.latticeventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://unit-frame.latticeventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://moss-spark.latticeventure.in.net/verification.google id: auto-f1d1b601d9cf367ae11fc3a0b694f697f9a93f86e5c22ccd60eb7e39c4ba8373 status: experimental description: Detects traffic or activity related to https://moss-spark.latticeventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://moss-spark.latticeventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://serspireal.latticeventure.in.net/verification.google id: auto-b47b95dc1e0a7c66ba579b15ffdd79f90feb4924ecf9c7d04c69ac1e718624eb status: experimental description: Detects traffic or activity related to https://serspireal.latticeventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://serspireal.latticeventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://daemonclear.latticeventure.in.net/verification.google id: auto-4cd749e9255d64f9e6e96d0a4bc3281d3361ae9cc57426f545b8bc2fb3c80ac2 status: experimental description: Detects traffic or activity related to https://daemonclear.latticeventure.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://daemonclear.latticeventure.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://syigenc6.momentumharbor.in.net/verification.google id: auto-29b5bdd2332ce4375ef994fc75b0a754a8092806ee8c6b9238eabe97f18ae146 status: experimental description: Detects traffic or activity related to https://syigenc6.momentumharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://syigenc6.momentumharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vor-tideet.momentumharbor.in.net/verification.google id: auto-f2081b4086c60c0f2a70d5c87e53ea16ef366e9113e8b902b8430ba564d39be4 status: experimental description: Detects traffic or activity related to https://vor-tideet.momentumharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vor-tideet.momentumharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tri-forgeix.momentumharbor.in.net/verification.google id: auto-b172fcd01c52b6dd5d45def3ef0ce63a06b03c24a2215adb5186e81bb693560c status: experimental description: Detects traffic or activity related to https://tri-forgeix.momentumharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tri-forgeix.momentumharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trares.momentumharbor.in.net/verification.google id: auto-abcc786cc427982e98d3ca583bee8bc9264117267d6da8f64cafabddf94b9dae status: experimental description: Detects traffic or activity related to https://trares.momentumharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trares.momentumharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nor-venen.momentumharbor.in.net/verification.google id: auto-8a8f0edd832957e3e1f7fdc2af2956b9f18bf6ca252185969753a2d3a90fe5da status: experimental description: Detects traffic or activity related to https://nor-venen.momentumharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nor-venen.momentumharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://open-obser.dawnspire.in.net/verification.google id: auto-bdca445fbeca7017a6254820e887416c4fbd7a9078f41db2e10392e3c232f82f status: experimental description: Detects traffic or activity related to https://open-obser.dawnspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://open-obser.dawnspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kelforgear.amber-drift.in.net/verification.google id: auto-7bde32549ae05dc0ef2a4e7a11bdbd925358e50b781ecd39c392f30b2c0d0565 status: experimental description: Detects traffic or activity related to https://kelforgear.amber-drift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kelforgear.amber-drift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vel-spireix.gl1mmeroak.in.net/verification.google id: auto-c69b2dd3d239799eb4f91a7126d85bec5161a2dbbc6c600ba2249ccdcb1b1905 status: experimental description: Detects traffic or activity related to https://vel-spireix.gl1mmeroak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vel-spireix.gl1mmeroak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://re4g3-dock.crestfall.in.net/verification.google id: auto-cd4789133fc5f76b2ea40aa72b5b3f682115b60ad69f0d4feded6b1ae53bd5dd status: experimental description: Detects traffic or activity related to https://re4g3-dock.crestfall.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://re4g3-dock.crestfall.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://discov-sdk.velorune.in.net/verification.google id: auto-760c624baae06d0acb2ef01f6111cabcddf6dab61688b0a1d07aaa2135aa8806 status: experimental description: Detects traffic or activity related to https://discov-sdk.velorune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://discov-sdk.velorune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flamefinal.brisklume.in.net/verification.google id: auto-27f12fb845dc75f589a6752050337e774f9200b81b5a9db4b5b9875590f8b5e5 status: experimental description: Detects traffic or activity related to https://flamefinal.brisklume.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flamefinal.brisklume.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sectransi.f0xharbor.in.net/verification.google id: auto-a1f451ae99d3435b7a570c2d11cdbe5d19126f408ac37746d0f0b87c402564ef status: experimental description: Detects traffic or activity related to https://sectransi.f0xharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sectransi.f0xharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://whreceiverrrrrrrrr.ru/files/jar/RuntimeBroker.exe id: auto-d1f26f160885b137dd13159c80c0a7a36163f340d2eb2ae198584fd91c836027 status: experimental description: Detects traffic or activity related to https://whreceiverrrrrrrrr.ru/files/jar/RuntimeBroker.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://whreceiverrrrrrrrr.ru/files/jar/RuntimeBroker.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mercore9a.cinderpeak.in.net/verification.google id: auto-6f43b7bb33f615fd2a837b9ec9922605f7ff5f3e1a3ee30c1c1d933b6f9e5235 status: experimental description: Detects traffic or activity related to https://mercore9a.cinderpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mercore9a.cinderpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pzwvu.aurorift.in.net/verification.google id: auto-c75f09ff4e55f48bec67ed70ce42b4b8fca00900685680ec9f82b86cba9dfab0 status: experimental description: Detects traffic or activity related to https://pzwvu.aurorift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pzwvu.aurorift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://layer3-graph.stonemuse.in.net/verification.google id: auto-da69633d6cd9defe1d84ab1dce6ff51440014594b21a4c80d62e94e761284b80 status: experimental description: Detects traffic or activity related to https://layer3-graph.stonemuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://layer3-graph.stonemuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://partnershape.n1ghtridge.in.net/verification.google id: auto-1a31033966fc504fec157c817070dce3045b6c518591b21ad100f2d703975cb1 status: experimental description: Detects traffic or activity related to https://partnershape.n1ghtridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://partnershape.n1ghtridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ezjs.cl0udmere.in.net/verification.google id: auto-41b2b51d4ae5e1f9feaf5b6505897134157faba73b0d47fa2322a2b44822a15c status: experimental description: Detects traffic or activity related to https://ezjs.cl0udmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ezjs.cl0udmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://balan-forge.thornbyte.in.net/verification.google id: auto-14e7860093f8e6582c8f8394d8ed6b65078df50bbc9745c2482a5650fee14894 status: experimental description: Detects traffic or activity related to https://balan-forge.thornbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://balan-forge.thornbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://aud1-frame.fablegrove.in.net/verification.google id: auto-42a0b8793507e08096282cb9a97bfc2b73370f58a9df7768dfc26d0a8894107f status: experimental description: Detects traffic or activity related to https://aud1-frame.fablegrove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://aud1-frame.fablegrove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://d3m4nd-wave.z7hire.in.net/verification.google id: auto-4b51b804fb22eb68c33c829af68075cd3b4a2cb6c3cc4047a9b29e1c8375df2d status: experimental description: Detects traffic or activity related to https://d3m4nd-wave.z7hire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://d3m4nd-wave.z7hire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://urbanmicr.tires8f.in.net/verification.google id: auto-c2335e078503878a6f91ef7336b441024712625fed205cdcd813c7b7b874c1b5 status: experimental description: Detects traffic or activity related to https://urbanmicr.tires8f.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://urbanmicr.tires8f.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://timberbundle.cl0verbyte.in.net/verification.google id: auto-a24e86c542db99e59e8d5faf762ebc1a4ecf12bf61f6f54bff522e26813e3bbd status: experimental description: Detects traffic or activity related to https://timberbundle.cl0verbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://timberbundle.cl0verbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://talmark4a.foxglade.in.net/verification.google id: auto-7c15307516341d74ef7eb98c055cc6a4ca73dcc6a4d973b7ae51588daac39dc4 status: experimental description: Detects traffic or activity related to https://talmark4a.foxglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://talmark4a.foxglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vorspireos3.bramblepath.in.net/verification.google id: auto-0a091d9bb36caf1e0d8e75fdd5497ca280e6e7e17aaf5d7a680e5e9215dc8824 status: experimental description: Detects traffic or activity related to https://vorspireos3.bramblepath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vorspireos3.bramblepath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://givs1.fabledock.in.net/verification.google id: auto-d196112582b2015976f168d995a22486e5769a38b46158df8e0f2d18a0d6bffd status: experimental description: Detects traffic or activity related to https://givs1.fabledock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://givs1.fabledock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mi5t-mount.x7lora.in.net/verification.google id: auto-871812abc28dfd5a2212ef1c935c96c82d09edcc1da6ed44403cde067d287e86 status: experimental description: Detects traffic or activity related to https://mi5t-mount.x7lora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mi5t-mount.x7lora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://golbyte.ra8gera.in.net/verification.google id: auto-22451d18009dc06293c6ab0ac3d51e3c190b2d744a5f438b7814ce58d579a0b6 status: experimental description: Detects traffic or activity related to https://golbyte.ra8gera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://golbyte.ra8gera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4point.synergybloom.in.net/verification.google id: auto-82832947f0aba83c5610a8c951bd6d41b917ed5dd770ebc99fe95d4a9a1f2ef8 status: experimental description: Detects traffic or activity related to https://ext4point.synergybloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4point.synergybloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3data.synergybloom.in.net/verification.google id: auto-0306b3516032f33f5207675b4e6fc4da58667e0ade3bb4836b518d7bf4174fff status: experimental description: Detects traffic or activity related to https://ext3data.synergybloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3data.synergybloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proxy.synergybloom.in.net/verification.google id: auto-cfc39fb877612f6179d07c4151e440b27679a727f8c4e586e1929491a02a0ade status: experimental description: Detects traffic or activity related to https://ext2proxy.synergybloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proxy.synergybloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1infra.synergybloom.in.net/verification.google id: auto-ca5530c5716ccdb79db06232c279c3a831e08beee12b112243ec049a302bd676 status: experimental description: Detects traffic or activity related to https://ext1infra.synergybloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1infra.synergybloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4sat.elementpatron.in.net/verification.google id: auto-d4d04c075a90d2baf3bc87a2d1adb19f1a502db964f8dd1d47e7e4f719deb945 status: experimental description: Detects traffic or activity related to https://svc4sat.elementpatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4sat.elementpatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3core.elementpatron.in.net/verification.google id: auto-25a44c49a9a2420dbde1af3dd75490a4ee28a3d930260f13ba4af16b1d4e9d38 status: experimental description: Detects traffic or activity related to https://svc3core.elementpatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3core.elementpatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2steel.elementpatron.in.net/verification.google id: auto-b6d552b660320e6231a282007c6fdea2806fd17c228d403f4804ecac1691038b status: experimental description: Detects traffic or activity related to https://svc2steel.elementpatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2steel.elementpatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1proc.elementpatron.in.net/verification.google id: auto-2560826ad60f935902e0fab12b8220b18c12a5959a6aaca2b5accf04988af55a status: experimental description: Detects traffic or activity related to https://svc1proc.elementpatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1proc.elementpatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4space.pinnacleforge.in.net/verification.google id: auto-69afc3dcfbc538713f71f8a0e145f274925b6e5c46441f3813bc5fd32748d972 status: experimental description: Detects traffic or activity related to https://dev4space.pinnacleforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4space.pinnacleforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3field.pinnacleforge.in.net/verification.google id: auto-c2f546a0a46c1690497c9ce372f6cfc31936b40f8bb3bee3f03d7935b75bdab2 status: experimental description: Detects traffic or activity related to https://dev3field.pinnacleforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3field.pinnacleforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2outer.pinnacleforge.in.net/verification.google id: auto-12735643cd18c49f294300448a87b70b03cdd555611a97351760a7197e27fdfd status: experimental description: Detects traffic or activity related to https://dev2outer.pinnacleforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2outer.pinnacleforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.pinnacleforge.in.net/verification.google id: auto-0c22c9ee35adb39a4c13e04aa577f7df9594665a03913605f03635875e98d3dd status: experimental description: Detects traffic or activity related to https://dev1proc.pinnacleforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.pinnacleforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4path.quantumbeacon.in.net/verification.google id: auto-7d862e70dc7d07a55209aecd43d60c73d0c4e5098f513da45be56fd00a255747 status: experimental description: Detects traffic or activity related to https://cl4path.quantumbeacon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4path.quantumbeacon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3view.quantumbeacon.in.net/verification.google id: auto-5664e2d477c299433f213461f52d253ec67610f835c4cd54f825e4ab46de5a45 status: experimental description: Detects traffic or activity related to https://cl3view.quantumbeacon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3view.quantumbeacon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2point.quantumbeacon.in.net/verification.google id: auto-8d5194fb4b182f67d88fbd691ca1171b7490ea390e0ef5e5a323cd31e049349e status: experimental description: Detects traffic or activity related to https://cl2point.quantumbeacon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2point.quantumbeacon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1proc.quantumbeacon.in.net/verification.google id: auto-76016488dd75c1d0289c90f999f95dad814cc3d9e4cce9fa72babffdbd842384 status: experimental description: Detects traffic or activity related to https://cl1proc.quantumbeacon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1proc.quantumbeacon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4view.orbitprospera.in.net/verification.google id: auto-0f29b3b1325da24e79a54f21d4868f8d08c025b2fbf43c1eca518c2d9132b932 status: experimental description: Detects traffic or activity related to https://ext4view.orbitprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4view.orbitprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3ghost.orbitprospera.in.net/verification.google id: auto-041f9322c7f2d4cabe81922d6431736b535d09c4a4e3b624fd289f93903056f8 status: experimental description: Detects traffic or activity related to https://ext3ghost.orbitprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3ghost.orbitprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2core.orbitprospera.in.net/verification.google id: auto-a810dbea68b8dd39d384598a619b58368f331db28fadfa2c11d3895bff63616d status: experimental description: Detects traffic or activity related to https://ext2core.orbitprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2core.orbitprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1proc.orbitprospera.in.net/verification.google id: auto-e7bccef03d326115bb49a590e2794d25b422cc1ff8b3cd248b18dd17c70a6b02 status: experimental description: Detects traffic or activity related to https://ext1proc.orbitprospera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1proc.orbitprospera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.nexusharvest.in.net/verification.google id: auto-dee32000cea4614a36b7051bba199623b9890b748089ba656e955f2c7dd81f79 status: experimental description: Detects traffic or activity related to https://svc4link.nexusharvest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.nexusharvest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.nexusharvest.in.net/verification.google id: auto-05b972959102d29ffb846f632605d1b90f9d08e62017020c6a9a62f3d3bb51d8 status: experimental description: Detects traffic or activity related to https://svc3user.nexusharvest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.nexusharvest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.nexusharvest.in.net/verification.google id: auto-3024b0ca77dc789edbaf078664be333860c809ca651cb7ac95ead1c3c5ecc820 status: experimental description: Detects traffic or activity related to https://svc2base.nexusharvest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.nexusharvest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.nexusharvest.in.net/verification.google id: auto-15e04c60c32477ae3afa594f7932797acaa6208409d5b7a3615440bf7bcc98ba status: experimental description: Detects traffic or activity related to https://svc1infra.nexusharvest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.nexusharvest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4work.vertexpatron.in.net/verification.google id: auto-d4d940d6318527285d06d4174e9f5476bc381497c2ed8605b239f76ef8cc5fcd status: experimental description: Detects traffic or activity related to https://dev4work.vertexpatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4work.vertexpatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3local.vertexpatron.in.net/verification.google id: auto-27edfcaab088bd66deea5724cede6b9abb6480900b03414f453aeed762180bf1 status: experimental description: Detects traffic or activity related to https://dev3local.vertexpatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3local.vertexpatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2power.vertexpatron.in.net/verification.google id: auto-eaae0a8f6dd94962fa9df9e42838531501b4832afd27ada5cecfd5e08f174d0c status: experimental description: Detects traffic or activity related to https://dev2power.vertexpatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2power.vertexpatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.vertexpatron.in.net/verification.google id: auto-e6721da143e6749332c688289e74a26513828a0670d86e1a8584228f7b617477 status: experimental description: Detects traffic or activity related to https://dev1proc.vertexpatron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.vertexpatron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4link.catalystbloom.in.net/verification.google id: auto-33a09f3f94664d1900febb17498c1c27a08063d69931a01f729452787b1c6ceb status: experimental description: Detects traffic or activity related to https://cl4link.catalystbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4link.catalystbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.catalystbloom.in.net/verification.google id: auto-0282823e04997451763b49096f0074eac92220f3dfb9cb14f051fee2ecadc3ce status: experimental description: Detects traffic or activity related to https://cl3dev.catalystbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.catalystbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.catalystbloom.in.net/verification.google id: auto-c77bfc797b2728e06881a3d037c7256f11a2f9a18c5b2b9896b931ca23284923 status: experimental description: Detects traffic or activity related to https://cl2remote.catalystbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.catalystbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.catalystbloom.in.net/verification.google id: auto-ec25e6fe44795e4cd3228551d570b9309ee3e4683b08b5900f2e1487a9c034a2 status: experimental description: Detects traffic or activity related to https://cl1store.catalystbloom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.catalystbloom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.vectorprosper.in.net/verification.google id: auto-4d3e1189ec25adc7d963d3d46f787d8cb7fc9d44baf25b53534d31d868301916 status: experimental description: Detects traffic or activity related to https://ext4sync.vectorprosper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.vectorprosper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.vectorprosper.in.net/verification.google id: auto-d740a07a040150ab96706c777a93010f860771ed62a5a61ccfd5819d2e6016f1 status: experimental description: Detects traffic or activity related to https://ext3gate.vectorprosper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.vectorprosper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.vectorprosper.in.net/verification.google id: auto-020a851032abb06a9f80c5e4257fdae84c315b6caded0223c6b3d87b13d600b5 status: experimental description: Detects traffic or activity related to https://ext2proc.vectorprosper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.vectorprosper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.vectorprosper.in.net/verification.google id: auto-64425b53821f7b9b4094a0997c4db01118c849a9cc5e2ab7588b6dcd5ab1cd0f status: experimental description: Detects traffic or activity related to https://ext1meta.vectorprosper.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.vectorprosper.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4static.fusionharvest.in.net/verification.google id: auto-c02051f7ab85464aca5ccffa07f1780a41d7e6b2ea83bea38a890efb32091ea5 status: experimental description: Detects traffic or activity related to https://svc4static.fusionharvest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4static.fusionharvest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3edge.fusionharvest.in.net/verification.google id: auto-f0238ebbbbb15bd375b8ce8112a18261bab4e40cdea04aaba079c8a49c259315 status: experimental description: Detects traffic or activity related to https://svc3edge.fusionharvest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3edge.fusionharvest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2data.fusionharvest.in.net/verification.google id: auto-e687f5583bed49f8ed11aa76dbad901de68f1bfa13ee9ce76b8164c5f2a9d9fb status: experimental description: Detects traffic or activity related to https://svc2data.fusionharvest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2data.fusionharvest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1sync.fusionharvest.in.net/verification.google id: auto-2e32cfa569f5f4e419fc98b02b17a3484866c0c956fda473e184fd2b5dfaf2c5 status: experimental description: Detects traffic or activity related to https://svc1sync.fusionharvest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1sync.fusionharvest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4point.libertystage.in.net/verification.google id: auto-d52fd5787f7037703efcc3c2b051f0bcccf0a0e4138d911fa092001360cc598d status: experimental description: Detects traffic or activity related to https://ext4point.libertystage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4point.libertystage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://192.177.26.196/files/8434554557/X8cqVrA.exe id: auto-c41d98aa16e506067cc1bc99d9d8a0a5940ebff53f8e8e1bf75ddb7d0f63305c status: experimental description: Detects traffic or activity related to http://192.177.26.196/files/8434554557/X8cqVrA.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://192.177.26.196/files/8434554557/X8cqVrA.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3data.libertystage.in.net/verification.google id: auto-b4320d3357cad58b472b821365353824b6948ad6ad99bece59649fe931988bbc status: experimental description: Detects traffic or activity related to https://ext3data.libertystage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3data.libertystage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proxy.libertystage.in.net/verification.google id: auto-4ffdb390f4bc35f34a2b5f3dd4adb2317acfa04c46d93cc543fdb3fac23c6d55 status: experimental description: Detects traffic or activity related to https://ext2proxy.libertystage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proxy.libertystage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1infra.libertystage.in.net/verification.google id: auto-23037870807266189023c540202b47415c33e775160b32936f094822f8569f6c status: experimental description: Detects traffic or activity related to https://ext1infra.libertystage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1infra.libertystage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4sat.beakprosperity.in.net/verification.google id: auto-86243c03916b20cf098ca0b81b2ad58431173a3101dafb75449863f15e2ceaa5 status: experimental description: Detects traffic or activity related to https://svc4sat.beakprosperity.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4sat.beakprosperity.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3core.beakprosperity.in.net/verification.google id: auto-013177ef24d94719473e7d836651b75bf11f6665722dfa2ef4987322cab47738 status: experimental description: Detects traffic or activity related to https://svc3core.beakprosperity.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3core.beakprosperity.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2steel.beakprosperity.in.net/verification.google id: auto-f594dc26a3528f7f68011aa9c48a09e34e9f0b3af577a2c5ca0326e9e8431195 status: experimental description: Detects traffic or activity related to https://svc2steel.beakprosperity.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2steel.beakprosperity.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1proc.beakprosperity.in.net/verification.google id: auto-38c86efab130c81c23a3cec3f58cb3bf2c810226ad31d931b93f03125bf6697b status: experimental description: Detects traffic or activity related to https://svc1proc.beakprosperity.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1proc.beakprosperity.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4space.patronageshelk.in.net/verification.google id: auto-cee6afc4f6dbb48ab6f4167d4cbe692602c4b67f23a1ecccefa2cde2c7fba897 status: experimental description: Detects traffic or activity related to https://dev4space.patronageshelk.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4space.patronageshelk.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3field.patronageshelk.in.net/verification.google id: auto-6e0950e6d86895bc4e935605cce38b386fc601f2199a58f7efe271e136e0b2e9 status: experimental description: Detects traffic or activity related to https://dev3field.patronageshelk.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3field.patronageshelk.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2outer.patronageshelk.in.net/verification.google id: auto-e56e2177f120e6a4002b9be9ce096e2385c7a244e5c6f33792f793cac443a078 status: experimental description: Detects traffic or activity related to https://dev2outer.patronageshelk.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2outer.patronageshelk.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.patronageshelk.in.net/verification.google id: auto-8699d70b0ccf59e08cf4cd953a8ed1c35c2b3471103151b4e71db975af35a0d3 status: experimental description: Detects traffic or activity related to https://dev1proc.patronageshelk.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.patronageshelk.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4path.diversityvent.in.net/verification.google id: auto-923abdde18bc274c4add0e87e7ebece2864dc96a956b05830de3c1b314e01be3 status: experimental description: Detects traffic or activity related to https://cl4path.diversityvent.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4path.diversityvent.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3view.diversityvent.in.net/verification.google id: auto-22e97e4f55b2b4f4fbca29418580e0a44c551ebf3a238c12c3871e21e2ccd82c status: experimental description: Detects traffic or activity related to https://cl3view.diversityvent.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3view.diversityvent.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2point.diversityvent.in.net/verification.google id: auto-c91bcdd9563f5534bd948094f6be63824fc1f10210a36d64e9078e9c4fd07879 status: experimental description: Detects traffic or activity related to https://cl2point.diversityvent.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2point.diversityvent.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1proc.diversityvent.in.net/verification.google id: auto-d1c88f66874de1226da64612738d37f8ec66210bfdd05b33790b1188ce9f790d status: experimental description: Detects traffic or activity related to https://cl1proc.diversityvent.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1proc.diversityvent.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4view.usurylocomotive.in.net/verification.google id: auto-09a7ac0e9eda457f7cab998ab461224e0004b2b4221509e87df83ce1a6c6b448 status: experimental description: Detects traffic or activity related to https://ext4view.usurylocomotive.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4view.usurylocomotive.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3ghost.usurylocomotive.in.net/verification.google id: auto-4587c378452028e64dbf0a33dc08bbe54d38c1478fd53f541f1f7cd13b9f6712 status: experimental description: Detects traffic or activity related to https://ext3ghost.usurylocomotive.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3ghost.usurylocomotive.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2core.usurylocomotive.in.net/verification.google id: auto-b7c0917d7a4512a5017f48d31db1d758f5d102707e5d2ec757c94238307c86f8 status: experimental description: Detects traffic or activity related to https://ext2core.usurylocomotive.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2core.usurylocomotive.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1proc.usurylocomotive.in.net/verification.google id: auto-d561b71fce19fa49549e4c3cf0b803e1647bbe021c17b6f7fe665d447331d414 status: experimental description: Detects traffic or activity related to https://ext1proc.usurylocomotive.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1proc.usurylocomotive.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.secretgeneral.in.net/verification.google id: auto-2864126b5eab5466f7cd38b4ee10dc7ecf2aab263c60452edf927c1f408fd972 status: experimental description: Detects traffic or activity related to https://svc4link.secretgeneral.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.secretgeneral.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.secretgeneral.in.net/verification.google id: auto-4050e9646ecbaf5d9b1c49703e6ef80792fb8c6a1cc431fa63c5153c1abe5c58 status: experimental description: Detects traffic or activity related to https://svc3user.secretgeneral.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.secretgeneral.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.secretgeneral.in.net/verification.google id: auto-0277968d5e57c94731a9b9ed0485ef17b5d151c9678064ce98608048f6ad7e7e status: experimental description: Detects traffic or activity related to https://svc2base.secretgeneral.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.secretgeneral.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.secretgeneral.in.net/verification.google id: auto-c6bc1ec75c7434eb2e941703afbe2335cf21627f722105888e126c9fe21915be status: experimental description: Detects traffic or activity related to https://svc1infra.secretgeneral.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.secretgeneral.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4work.investonerous.in.net/verification.google id: auto-c73d27a49cf0be967ea6ae5e19ec2014d632d60bdf659edec378227d1773613c status: experimental description: Detects traffic or activity related to https://dev4work.investonerous.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4work.investonerous.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3local.investonerous.in.net/verification.google id: auto-d3c79d05d3aec6d76e88c4c0038e22fe2e0d87e2a7ff217012dba351819efac6 status: experimental description: Detects traffic or activity related to https://dev3local.investonerous.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3local.investonerous.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2power.investonerous.in.net/verification.google id: auto-abacebcab482dd4af17413a2b4e12ed2cc80558cfb5c503ee156c6e3e49bc3ad status: experimental description: Detects traffic or activity related to https://dev2power.investonerous.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2power.investonerous.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.investonerous.in.net/verification.google id: auto-023a3b0f49c4432fef6877ec5c92566cb64b5fadb16b4ca2e24ef854131d3384 status: experimental description: Detects traffic or activity related to https://dev1proc.investonerous.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.investonerous.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4link.cruciferdiesel.in.net/verification.google id: auto-d88830dbda944ff5872ded15b47c55ccd52b92986be32b7550d81c89c74c1b1a status: experimental description: Detects traffic or activity related to https://cl4link.cruciferdiesel.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4link.cruciferdiesel.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.cruciferdiesel.in.net/verification.google id: auto-0815003b2db1e01322dd85b08513172e4a91bffbaa3d65435e801018b567fb6f status: experimental description: Detects traffic or activity related to https://cl3dev.cruciferdiesel.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.cruciferdiesel.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.cruciferdiesel.in.net/verification.google id: auto-1426933d86d996ba7452664e03cf29906e76256c7fde98b28dc262351fdfe94d status: experimental description: Detects traffic or activity related to https://cl2remote.cruciferdiesel.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.cruciferdiesel.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.cruciferdiesel.in.net/verification.google id: auto-0c75408691473528b8b6025faf06237fccc9e93ca2892cb595abbc74372f3a2a status: experimental description: Detects traffic or activity related to https://cl1store.cruciferdiesel.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.cruciferdiesel.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.angularsilic.in.net/verification.google id: auto-cfae8c209ac652dc706f05530e17ebce52efc647066878cec7272371c8fcb810 status: experimental description: Detects traffic or activity related to https://ext4sync.angularsilic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.angularsilic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.angularsilic.in.net/verification.google id: auto-6c438d6344d4b0d9b2d62d6aa2fee4e0f0d315b601abb7b8c991cde7d50c049f status: experimental description: Detects traffic or activity related to https://ext3gate.angularsilic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.angularsilic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.angularsilic.in.net/verification.google id: auto-2cf2693300c1cf2021242fd125fb144e02aab7d877d322ef46c3425027b902c6 status: experimental description: Detects traffic or activity related to https://ext2proc.angularsilic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.angularsilic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.angularsilic.in.net/verification.google id: auto-6d147a69ea6f529972dce9dd72079c797a1dcbdb677dd371185c25733c94fa69 status: experimental description: Detects traffic or activity related to https://ext1meta.angularsilic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.angularsilic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4static.donkeyemploy.in.net/verification.google id: auto-958ec37a2ef4fffd228260149174a73e2a6de4312fa2f01905067226ebe6117d status: experimental description: Detects traffic or activity related to https://svc4static.donkeyemploy.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4static.donkeyemploy.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3edge.donkeyemploy.in.net/verification.google id: auto-d80f6ddd75e58d5dd2c0cee05e0095e7070c344d78faeccd61a6232aced49c28 status: experimental description: Detects traffic or activity related to https://svc3edge.donkeyemploy.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3edge.donkeyemploy.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2data.donkeyemploy.in.net/verification.google id: auto-68bc36c2940196a4bcca3705b8664186ee3821ecf6a1e481019ab4798506aeee status: experimental description: Detects traffic or activity related to https://svc2data.donkeyemploy.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2data.donkeyemploy.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1sync.donkeyemploy.in.net/verification.google id: auto-9a68f0965e131a086dc13882bfe362029e7ec0c9f04f463f8e5a332eebff4541 status: experimental description: Detects traffic or activity related to https://svc1sync.donkeyemploy.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1sync.donkeyemploy.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4point.bluepointterminal.in.net/verification.google id: auto-fdc68d159d7928dd24f72dd168c0a14ed91b69414c36325aeb3f7070a9e1b78f status: experimental description: Detects traffic or activity related to https://ext4point.bluepointterminal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4point.bluepointterminal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3data.bluepointterminal.in.net/verification.google id: auto-5d181bcdbad6cb6ad4345c38fc2f9efafdcbcb90cc0525e25f480e70bc1f54f9 status: experimental description: Detects traffic or activity related to https://ext3data.bluepointterminal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3data.bluepointterminal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proxy.bluepointterminal.in.net/verification.google id: auto-4d39ac84d783e0ddeeaca413637f502fc6dd669363143ff2d9e4b7c02fc2f598 status: experimental description: Detects traffic or activity related to https://ext2proxy.bluepointterminal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proxy.bluepointterminal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1infra.bluepointterminal.in.net/verification.google id: auto-a4d39c84c680527fac7cf85aecefe421f4ddfe5c2b4c6c160319a6ac8d191dc0 status: experimental description: Detects traffic or activity related to https://ext1infra.bluepointterminal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1infra.bluepointterminal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4sat.darkcloudgateway.in.net/verification.google id: auto-059048dc9090c9eab8281ddb49c0f50272fe5b72ad66f5fae8950f26ba27e5ac status: experimental description: Detects traffic or activity related to https://svc4sat.darkcloudgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4sat.darkcloudgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3core.darkcloudgateway.in.net/verification.google id: auto-8d4c1a0b71175685d818726a0b2e32d095bc925d5d8185018d037f9189d531b0 status: experimental description: Detects traffic or activity related to https://svc3core.darkcloudgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3core.darkcloudgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2steel.darkcloudgateway.in.net/verification.google id: auto-a5fae22ac9063a30c41997d6f18b7b9a011c948d98ffba5e0f41ce393bd43e7d status: experimental description: Detects traffic or activity related to https://svc2steel.darkcloudgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2steel.darkcloudgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1proc.darkcloudgateway.in.net/verification.google id: auto-925a1171713f4be0ef082f537f723a029f0efb114d91dc5c5596e61939ea022b status: experimental description: Detects traffic or activity related to https://svc1proc.darkcloudgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1proc.darkcloudgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4space.ironrootprocessor.in.net/verification.google id: auto-bd9dc5bfcf6591bd8ea10fd0ee1f2cd24c7a1f1cd63d728681f74bc13ea004ef status: experimental description: Detects traffic or activity related to https://dev4space.ironrootprocessor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4space.ironrootprocessor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3field.ironrootprocessor.in.net/verification.google id: auto-16d1b79797d6e1507fa8afa9de021707ec57b0352f49d1f1e0e9a5632d3c22a8 status: experimental description: Detects traffic or activity related to https://dev3field.ironrootprocessor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3field.ironrootprocessor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2outer.ironrootprocessor.in.net/verification.google id: auto-eec481f38a73af8fe7633e8f1ca2bcdd694b5a772713c1871a51fb149df0b053 status: experimental description: Detects traffic or activity related to https://dev2outer.ironrootprocessor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2outer.ironrootprocessor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.ironrootprocessor.in.net/verification.google id: auto-092a78c1e861d50649c4605a26782b402c39b495d5c1c61ba56ff7bde584950b status: experimental description: Detects traffic or activity related to https://dev1proc.ironrootprocessor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.ironrootprocessor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4path.wildbranchcluster.in.net/verification.google id: auto-474c92759bdc88dcbe4d9d00e82008c29211ba3f871fa6fa05b460cbd8487451 status: experimental description: Detects traffic or activity related to https://cl4path.wildbranchcluster.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4path.wildbranchcluster.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3view.wildbranchcluster.in.net/verification.google id: auto-f64d412a6682732e52360f259dbeba9d9b4f851c80ee9e28c345d3bd674bd4cf status: experimental description: Detects traffic or activity related to https://cl3view.wildbranchcluster.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3view.wildbranchcluster.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2point.wildbranchcluster.in.net/verification.google id: auto-b28dd005b52351e513d9a8a5cb89f60d563b73e09fb93a1feed1be0c0da2d165 status: experimental description: Detects traffic or activity related to https://cl2point.wildbranchcluster.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2point.wildbranchcluster.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1proc.wildbranchcluster.in.net/verification.google id: auto-52a7184232625808bc7b18d1627a7793e5eaff975b7670fc0528303f1b879960 status: experimental description: Detects traffic or activity related to https://cl1proc.wildbranchcluster.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1proc.wildbranchcluster.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4view.coldstonemetrics.in.net/verification.google id: auto-0bcbd305d11c6ce241acbbcda9b7de0afd7e644e87f47a93188e62d56ef9e69f status: experimental description: Detects traffic or activity related to https://ext4view.coldstonemetrics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4view.coldstonemetrics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3ghost.coldstonemetrics.in.net/verification.google id: auto-579b63c241aa4e8770840431b46974c3a11f94cee28669be10416003e9b19c7d status: experimental description: Detects traffic or activity related to https://ext3ghost.coldstonemetrics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3ghost.coldstonemetrics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2core.coldstonemetrics.in.net/verification.google id: auto-b12d23cfb62d5d066deb80f241a8b8e0831ed0fdbefcff47eb23dfb132931887 status: experimental description: Detects traffic or activity related to https://ext2core.coldstonemetrics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2core.coldstonemetrics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1proc.coldstonemetrics.in.net/verification.google id: auto-6dbe2477020dbf39558cb5b41644f37186bac0eedc674528ba3873a60d361d64 status: experimental description: Detects traffic or activity related to https://ext1proc.coldstonemetrics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1proc.coldstonemetrics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.whitetideinterface.in.net/verification.google id: auto-0d72ed6dc8075740ae0b56c621f96040992930ae57e34661e195146eafee27e5 status: experimental description: Detects traffic or activity related to https://svc4link.whitetideinterface.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.whitetideinterface.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.whitetideinterface.in.net/verification.google id: auto-da1a566beb6277968b17bfd991b39b7ca782157dbf83e5a18aedcbb33c66b314 status: experimental description: Detects traffic or activity related to https://svc3user.whitetideinterface.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.whitetideinterface.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.whitetideinterface.in.net/verification.google id: auto-39ad80458abd799d50da8057af21ea86fae3b8d155cd595c5f5cacedb5bd6caa status: experimental description: Detects traffic or activity related to https://svc2base.whitetideinterface.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.whitetideinterface.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.whitetideinterface.in.net/verification.google id: auto-2d7bef6551fc8d0d006b0008a6194e9417fda5d5777f8a52081be909a8e95393 status: experimental description: Detects traffic or activity related to https://svc1infra.whitetideinterface.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.whitetideinterface.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4work.blackpeakstorage.in.net/verification.google id: auto-64236413116e6aa411a8683490207c666aec878e77d1ad5187eab263da7438a3 status: experimental description: Detects traffic or activity related to https://dev4work.blackpeakstorage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4work.blackpeakstorage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3local.blackpeakstorage.in.net/verification.google id: auto-811ba6cda2e7d85c3199cea7dc39542c66a74d2e3a138bf56c88d39d94cae9c1 status: experimental description: Detects traffic or activity related to https://dev3local.blackpeakstorage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3local.blackpeakstorage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2power.blackpeakstorage.in.net/verification.google id: auto-0d5944e8553cd3cca94461e73611b34c4b9b89471245f3c6f93b69654415e715 status: experimental description: Detects traffic or activity related to https://dev2power.blackpeakstorage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2power.blackpeakstorage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.blackpeakstorage.in.net/verification.google id: auto-5a49d6295a777da609da351d257bdd1da48d5fc3eded3aee168b3f854c3ab43e status: experimental description: Detects traffic or activity related to https://dev1proc.blackpeakstorage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.blackpeakstorage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4link.silverstreambuffer.in.net/verification.google id: auto-97b56c49a9e2eb5a5b789ef46eb608a251c4b669f16d8cdabf785736f6be323c status: experimental description: Detects traffic or activity related to https://cl4link.silverstreambuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4link.silverstreambuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.silverstreambuffer.in.net/verification.google id: auto-80e2a00c36f4afadbb727ebc3682f979380e9515b652faedea53b968dd3a0237 status: experimental description: Detects traffic or activity related to https://cl3dev.silverstreambuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.silverstreambuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.silverstreambuffer.in.net/verification.google id: auto-0eaeabfacad863b8d9d9d2f4a4f480610596fb5a52b4a42165998aa20e6ebe83 status: experimental description: Detects traffic or activity related to https://cl2remote.silverstreambuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.silverstreambuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.silverstreambuffer.in.net/verification.google id: auto-fc599a68826a52e339012c7bc6ea34bebab961beae6ddb8b32f73d27ae442c75 status: experimental description: Detects traffic or activity related to https://cl1store.silverstreambuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.silverstreambuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.goldenridgesystem.in.net/verification.google id: auto-b346ac2ae9c6e307d25536018fabc5d997351e3fcef1f88dcb494e3c366cc3f7 status: experimental description: Detects traffic or activity related to https://ext4sync.goldenridgesystem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.goldenridgesystem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.goldenridgesystem.in.net/verification.google id: auto-9094a9823c2046732419f282f78979ae902b9958f04e67f4262685502936ce96 status: experimental description: Detects traffic or activity related to https://ext3gate.goldenridgesystem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.goldenridgesystem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.goldenridgesystem.in.net/verification.google id: auto-820583de8351e5c8d13b0bf160ad4c4b0fefcc86851abfb5a2c460896b9b51eb status: experimental description: Detects traffic or activity related to https://ext2proc.goldenridgesystem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.goldenridgesystem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.goldenridgesystem.in.net/verification.google id: auto-19d3211e7bef1394f19904944b72965660c23e184cc619c2e33f9c258138b34c status: experimental description: Detects traffic or activity related to https://ext1meta.goldenridgesystem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.goldenridgesystem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4static.frozenleafnetwork.in.net/verification.google id: auto-e5e615e32a519b6984a78c1f072e51ec5b9a69cd8d24e2b5d9696ec25bc4fba5 status: experimental description: Detects traffic or activity related to https://svc4static.frozenleafnetwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4static.frozenleafnetwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3edge.frozenleafnetwork.in.net/verification.google id: auto-a3d307a4ff7d1ccec6e5c911fc0dff365a9b81b8aa93d167fcdcc50a564bea0d status: experimental description: Detects traffic or activity related to https://svc3edge.frozenleafnetwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3edge.frozenleafnetwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2data.frozenleafnetwork.in.net/verification.google id: auto-9949379a7033a06cb99b11230529148e740a8c8c0926d653302975bf9ac12bd0 status: experimental description: Detects traffic or activity related to https://svc2data.frozenleafnetwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2data.frozenleafnetwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1sync.frozenleafnetwork.in.net/verification.google id: auto-05a4f392378e3eb72e377b06c5f8d1be3e6c77bda4d1fbc4b7ac37e1611b5441 status: experimental description: Detects traffic or activity related to https://svc1sync.frozenleafnetwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1sync.frozenleafnetwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gu4r2-field.cl0verbyte.in.net/verification.google id: auto-23df097229692c090edd1da63185526fca640afcbe1891f9b4655155ce852615 status: experimental description: Detects traffic or activity related to https://gu4r2-field.cl0verbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gu4r2-field.cl0verbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geo-4mp.cl0verbyte.in.net/verification.google id: auto-3e386d5ecec58281cd546db6f347ccda95730d43b980d8eddbbf74e2ad762c30 status: experimental description: Detects traffic or activity related to https://geo-4mp.cl0verbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geo-4mp.cl0verbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tar973lz.cl0verbyte.in.net/verification.google id: auto-65bf05a85e66c39df2a0983bfc1c947f3275efcbe3f1b59f405010860742c699 status: experimental description: Detects traffic or activity related to https://tar973lz.cl0verbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tar973lz.cl0verbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fjordhard.cl0verbyte.in.net/verification.google id: auto-416243f77e3c4a6294b47f6328fe8da7fa04679238ae5ea409fcda09814ba086 status: experimental description: Detects traffic or activity related to https://fjordhard.cl0verbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fjordhard.cl0verbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://demandnod.cl0verbyte.in.net/verification.google id: auto-64971a6c40ae9a20a02c7dfb9b18b9b037a69d9b150483b4cf7bf9c8b3ec0871 status: experimental description: Detects traffic or activity related to https://demandnod.cl0verbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://demandnod.cl0verbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5p4r2-forge.foxglade.in.net/verification.google id: auto-97f54f442de5d1ca4b97d91e04cf7b540f0a676dcac5b61e6904f114ecb7742b status: experimental description: Detects traffic or activity related to https://5p4r2-forge.foxglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5p4r2-forge.foxglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://op3n-bridge.foxglade.in.net/verification.google id: auto-ce8e4a041e63c9edab062357ec0f2758bfc47041cfd2014bad2460c5cdca0903 status: experimental description: Detects traffic or activity related to https://op3n-bridge.foxglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://op3n-bridge.foxglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://uppxbwm.foxglade.in.net/verification.google id: auto-78e0c656ef8a1b90f9ae53a6c849239c4469febaa9c64cf50f0b078798facfac status: experimental description: Detects traffic or activity related to https://uppxbwm.foxglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://uppxbwm.foxglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ekdt78.foxglade.in.net/verification.google id: auto-d9be257216e926021e9002e4a87da6020bd50d8999b62fb56196e6e060463c10 status: experimental description: Detects traffic or activity related to https://ekdt78.foxglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ekdt78.foxglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://0islm.foxglade.in.net/verification.google id: auto-13a592f424074cb811035e939cb4e89b5cc116e454daabca6b9bae34ec2e6d4e status: experimental description: Detects traffic or activity related to https://0islm.foxglade.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://0islm.foxglade.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://river-fle.bramblepath.in.net/verification.google id: auto-37bcc0371ca7975aefdc50ab49ff1f58ac0a84a5f1ba03515a8b44f048cd4ba2 status: experimental description: Detects traffic or activity related to https://river-fle.bramblepath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://river-fle.bramblepath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://v3ct4-loop.bramblepath.in.net/verification.google id: auto-e93edd0e8b9f836f50c88a96a36c04b78910cdce2a7a27b8b1e1939e1fbe65dd status: experimental description: Detects traffic or activity related to https://v3ct4-loop.bramblepath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://v3ct4-loop.bramblepath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mertide3on.bramblepath.in.net/verification.google id: auto-4b20981fd4964c61a4656c9f3fa1cf37303d8b38bb737b50570ad2befa75a384 status: experimental description: Detects traffic or activity related to https://mertide3on.bramblepath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mertide3on.bramblepath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://inkchec.bramblepath.in.net/verification.google id: auto-9064beb50037ddbcde1669f3de74c84cde05644d2aefd919814723c603eec0f7 status: experimental description: Detects traffic or activity related to https://inkchec.bramblepath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://inkchec.bramblepath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://55wmwoni.bramblepath.in.net/verification.google id: auto-0c8e4396835d283a8930d6bd55e71fcd140c36103180d8c9349a2a64526f92d6 status: experimental description: Detects traffic or activity related to https://55wmwoni.bramblepath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://55wmwoni.bramblepath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rendfie.fabledock.in.net/verification.google id: auto-627e21583182cd1dce545b592474b068fbaaaa7e582ebeee8c149e4e571fc5de status: experimental description: Detects traffic or activity related to https://rendfie.fabledock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rendfie.fabledock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kernmetri.fabledock.in.net/verification.google id: auto-33b2ee571985914ce39a4a77c926bca27965fcefee8581aa31fdbb15e7e188e4 status: experimental description: Detects traffic or activity related to https://kernmetri.fabledock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kernmetri.fabledock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5sxuqx.fabledock.in.net/verification.google id: auto-27132868a2b6672a036c693fd0af7e1482a661500c153c4b44d9d67f0098adef status: experimental description: Detects traffic or activity related to https://5sxuqx.fabledock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5sxuqx.fabledock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ewdgyl.fabledock.in.net/verification.google id: auto-bdead111a02036ee35b8d2a5064b14a7ce2375131171ea2fa505ff44c9f52208 status: experimental description: Detects traffic or activity related to https://ewdgyl.fabledock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ewdgyl.fabledock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ffzt1.fabledock.in.net/verification.google id: auto-02de748082e123c7b37981a3c6a5f65afbcbb7d13f84acf4a6776314ec577492 status: experimental description: Detects traffic or activity related to https://ffzt1.fabledock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ffzt1.fabledock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://otter-aut.x7lora.in.net/verification.google id: auto-6cea9f6e10d11a5d988effd52894789929850014d7a2c790571a5ac7ed193690 status: experimental description: Detects traffic or activity related to https://otter-aut.x7lora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://otter-aut.x7lora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://royalgla.x7lora.in.net/verification.google id: auto-371768f1c7fee9ce84a3fee5a78575ef2112832b3296ddc1b0cffb86a7f75fb7 status: experimental description: Detects traffic or activity related to https://royalgla.x7lora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://royalgla.x7lora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bridgecampa.x7lora.in.net/verification.google id: auto-f8a79a835aea580152c926c92fb171cada4235761a0e8e31a1c0fc9dec200d01 status: experimental description: Detects traffic or activity related to https://bridgecampa.x7lora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bridgecampa.x7lora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://unload6-gate.x7lora.in.net/verification.google id: auto-27bf5a66ee8a6f3fb688ebeb7f196a66d611e9a205e7efcdae7bd2d33f89be75 status: experimental description: Detects traffic or activity related to https://unload6-gate.x7lora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://unload6-gate.x7lora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tricrest7ar.x7lora.in.net/verification.google id: auto-de019dd49acf9c71485c067c7b18a2497dd62c972a8d1e99537d6877fcb2f683 status: experimental description: Detects traffic or activity related to https://tricrest7ar.x7lora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tricrest7ar.x7lora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://plas2-graph.ra8gera.in.net/verification.google id: auto-cbb1ee52090a600bf33c61b8d1a9227b20cd9f5a5af84e50cc6d2b29df7bdb8e status: experimental description: Detects traffic or activity related to https://plas2-graph.ra8gera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://plas2-graph.ra8gera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nimb3-reach.ra8gera.in.net/verification.google id: auto-118d7583a03ad68fa6c31af03b5b6a73d6061ad75b8b8156adaf78f4fe8fad51 status: experimental description: Detects traffic or activity related to https://nimb3-reach.ra8gera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nimb3-reach.ra8gera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tal-markal.ra8gera.in.net/verification.google id: auto-2e816ef197a78bd14bf4777473c5a896b687b1278a82741e1607bd55cb5bb110 status: experimental description: Detects traffic or activity related to https://tal-markal.ra8gera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tal-markal.ra8gera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5hff.ra8gera.in.net/verification.google id: auto-0952a2762189bc10d7af84760bb3e8a2478d6129bad86ba7e6711970883af3dc status: experimental description: Detects traffic or activity related to https://5hff.ra8gera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5hff.ra8gera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://eastretainer.ra8gera.in.net/verification.google id: auto-835dc0f7ee274347b5bdc8fae85b9a4bbb0c633115f0c6b2ed084c721fa7db4b status: experimental description: Detects traffic or activity related to https://eastretainer.ra8gera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://eastretainer.ra8gera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://velcrest4is.z7hire.in.net/verification.google id: auto-cf5369c9be2b463edd7fb229b1151aac7828fffbb9fd6d8e6a4b50050313bf0c status: experimental description: Detects traffic or activity related to https://velcrest4is.z7hire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://velcrest4is.z7hire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r1ch-node.z7hire.in.net/verification.google id: auto-b917fc8daea12c65d7e438072d4bef42f7e3cb4946901dd0ec2031ae123835ee status: experimental description: Detects traffic or activity related to https://r1ch-node.z7hire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r1ch-node.z7hire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://torship.velorune.in.net/verification.google id: auto-94283a929e394c799cdcaf848ad975e1692dbe304e7fad87ef5f2929fadfa86d status: experimental description: Detects traffic or activity related to https://torship.velorune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://torship.velorune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sket-stack.velorune.in.net/verification.google id: auto-76da8339731f754c9eae4f90c2b0e7834929f4de9224f195ee0431c5a34d7dcd status: experimental description: Detects traffic or activity related to https://sket-stack.velorune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sket-stack.velorune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://6u0py.tires8f.in.net/verification.google id: auto-76c40e7139546a9a548fb43e6caeb4cccd23ae64dbd9d522bc55aec78c19e5e7 status: experimental description: Detects traffic or activity related to https://6u0py.tires8f.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://6u0py.tires8f.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sign-live.tires8f.in.net/verification.google id: auto-22c472d6e5954cec4b4ff6d29c94545e3e2fe808500d30d31621736ce9bf5413 status: experimental description: Detects traffic or activity related to https://sign-live.tires8f.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sign-live.tires8f.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fuddj2yd.thornbyte.in.net/verification.google id: auto-80b07b32cd02c95756641479b842f0df5edcf66f52949a2fb01e00177477e97b status: experimental description: Detects traffic or activity related to https://fuddj2yd.thornbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fuddj2yd.thornbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fj0r-stream.thornbyte.in.net/verification.google id: auto-a4bf62415f423eb119b90d70add21c9fa2f541ca486d8eef10c0404224bbb6d7 status: experimental description: Detects traffic or activity related to https://fj0r-stream.thornbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fj0r-stream.thornbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cedargri.stonemuse.in.net/verification.google id: auto-4978169c0f030b291b87de541424f3ba5e8ed1aba90db40ac5d35374d7acd779 status: experimental description: Detects traffic or activity related to https://cedargri.stonemuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cedargri.stonemuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://irgss.stonemuse.in.net/verification.google id: auto-d4b3efb28c0a64825d399174fdc6a8458cd039861c066cddd823992b7268d5d4 status: experimental description: Detects traffic or activity related to https://irgss.stonemuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://irgss.stonemuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://p0lar-mark.n1ghtridge.in.net/verification.google id: auto-4ba9d8ab6927905f6a5fcb3f418e3193ee154777dcbe97fce47727b1493ae554 status: experimental description: Detects traffic or activity related to https://p0lar-mark.n1ghtridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://p0lar-mark.n1ghtridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vel-tideal.n1ghtridge.in.net/verification.google id: auto-2988d80a787fc2aa5b494f60f279cb6398fd17eb5c7808847fd15e4acfe05419 status: experimental description: Detects traffic or activity related to https://vel-tideal.n1ghtridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vel-tideal.n1ghtridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orchestheo.gl1mmeroak.in.net/verification.google id: auto-912d386b57368a3e157a36568eb465e0ffeeb6c16a1b355eb6ae70678a8b577b status: experimental description: Detects traffic or activity related to https://orchestheo.gl1mmeroak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orchestheo.gl1mmeroak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shelldecode.gl1mmeroak.in.net/verification.google id: auto-838bc3ef9370bf3e6567ee73e88dcd61123b256945cb82039b7a9437f1e2a79a status: experimental description: Detects traffic or activity related to https://shelldecode.gl1mmeroak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shelldecode.gl1mmeroak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stocforg.fablegrove.in.net/verification.google id: auto-8ca581b0de798cbcb219e79a917e999bd6aa8df93ccc57b08cbdc0489e9b1bff status: experimental description: Detects traffic or activity related to https://stocforg.fablegrove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stocforg.fablegrove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://xr71purq.fablegrove.in.net/verification.google id: auto-3fb7a1c1d29570afe01ae6ea1a92c190a052ce1ffb8640ee7c22e650fe302466 status: experimental description: Detects traffic or activity related to https://xr71purq.fablegrove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://xr71purq.fablegrove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solidmount.f0xharbor.in.net/verification.google id: auto-c4d853c7032a130c915c47faaa9e08edf01dcda9542be76b5937b5c8ebb82441 status: experimental description: Detects traffic or activity related to https://solidmount.f0xharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solidmount.f0xharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ultrbird.f0xharbor.in.net/verification.google id: auto-6f83e61db0cf3c54886aa877f04fbc67c39082b9fbf8c4c1b7f0e970d9bcf1ad status: experimental description: Detects traffic or activity related to https://ultrbird.f0xharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ultrbird.f0xharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ultra-5un.dawnspire.in.net/verification.google id: auto-2bc4fe6f6a8d6ee0774ac2794ab0569a3a0bc7ef83a1d3f90d332d7ba45673f8 status: experimental description: Detects traffic or activity related to https://ultra-5un.dawnspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ultra-5un.dawnspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://meta-5udde.dawnspire.in.net/verification.google id: auto-53bb189c6e5a42c44e77cb9adaf78dd2dc8bd99767a2b151e68a918a112d6163 status: experimental description: Detects traffic or activity related to https://meta-5udde.dawnspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://meta-5udde.dawnspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zen-valeet.crestfall.in.net/verification.google id: auto-067bb1fb4ccf5d78e9fbe3e9deef3301a3ea157826e13d72975c3d0f857eeddb status: experimental description: Detects traffic or activity related to https://zen-valeet.crestfall.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zen-valeet.crestfall.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://plain-ivo.crestfall.in.net/verification.google id: auto-b75caf2b3d1ffb5a7787f2ebc8d334555066b601c07aefa69aa541377e12425b status: experimental description: Detects traffic or activity related to https://plain-ivo.crestfall.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://plain-ivo.crestfall.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tricorear4.cl0udmere.in.net/verification.google id: auto-02a38c8fff1a9226c0678100639ed885a91f0c3d0050d57bc3dca9029320fc67 status: experimental description: Detects traffic or activity related to https://tricorear4.cl0udmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tricorear4.cl0udmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proxyspe.cl0udmere.in.net/verification.google id: auto-80285222dadbecd4979ae4965b49f0b45349e14d9e5beb62523c19a7bd6fc56f status: experimental description: Detects traffic or activity related to https://proxyspe.cl0udmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proxyspe.cl0udmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://27tjfer7.cinderpeak.in.net/verification.google id: auto-4c0c47161ea97a5fe61917ed29dcdec26b759b930fc8b399125125504a9ec984 status: experimental description: Detects traffic or activity related to https://27tjfer7.cinderpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://27tjfer7.cinderpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rnolecu0-drive.cinderpeak.in.net/verification.google id: auto-a3e2b944f17474b17d29ccaac70ee9d2dee1ad36a8cd8084c6bce8ddef294480 status: experimental description: Detects traffic or activity related to https://rnolecu0-drive.cinderpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rnolecu0-drive.cinderpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://runw-maj.brisklume.in.net/verification.google id: auto-70eb46175b4c5d330bfb04e0bc8419a02d8a02d1d3d7902ae060c6fd30443c94 status: experimental description: Detects traffic or activity related to https://runw-maj.brisklume.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://runw-maj.brisklume.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scantermin.brisklume.in.net/verification.google id: auto-9a55abff23b771c61caf2f5099028fe4c2ec01c75f3f348020b8c256edc2ce43 status: experimental description: Detects traffic or activity related to https://scantermin.brisklume.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scantermin.brisklume.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://0sta343.aurorift.in.net/verification.google id: auto-3dc85ef38d3a8568ff1ff9f66c7a625464f55d89a25704d849d592212067514f status: experimental description: Detects traffic or activity related to https://0sta343.aurorift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://0sta343.aurorift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quanpuls.aurorift.in.net/verification.google id: auto-3541cd275a77f65d7b59fd609436335e62df6d951972bbb2f14ca18148fb31aa status: experimental description: Detects traffic or activity related to https://quanpuls.aurorift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quanpuls.aurorift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mer-spireis.amber-drift.in.net/verification.google id: auto-1c4afcabdd3cb2b5f7a3966c807bd611e6ffe3dc814985752cf4ae849e328b55 status: experimental description: Detects traffic or activity related to https://mer-spireis.amber-drift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mer-spireis.amber-drift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://crystal-bridge.amber-drift.in.net/verification.google id: auto-ffb5a0855036471f245d4d709a6ab65c3fe968752431af74d8da5ed42711bd93 status: experimental description: Detects traffic or activity related to https://crystal-bridge.amber-drift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://crystal-bridge.amber-drift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://smaton.z7hire.in.net/verification.google id: auto-e7ca03a18870b2aa4acacb4e7a1ba633cb3ea630e9090509234e5b7c22eae515 status: experimental description: Detects traffic or activity related to https://smaton.z7hire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://smaton.z7hire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mermarkal5.velorune.in.net/verification.google id: auto-e2cf8f5a37691ad9b06c24b239eaca84780aa57f54084990feed16b4f4e59c5a status: experimental description: Detects traffic or activity related to https://mermarkal5.velorune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mermarkal5.velorune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://peta-cre.tires8f.in.net/verification.google id: auto-0a5fbab31a465485b508f200bfd380d84a11a3669388fca83009483fd105796a status: experimental description: Detects traffic or activity related to https://peta-cre.tires8f.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://peta-cre.tires8f.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://buildwar.thornbyte.in.net/verification.google id: auto-d037786d9888b0e22ea05d3aa5bed1beb9129acdbfcd26a07b5dba0b3685097a status: experimental description: Detects traffic or activity related to https://buildwar.thornbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://buildwar.thornbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://s75g160.stonemuse.in.net/verification.google id: auto-8ba3b4434c241e530864bf0cef897d4a968fb88cc9c465bf76ed88b21af29c11 status: experimental description: Detects traffic or activity related to https://s75g160.stonemuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://s75g160.stonemuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://clie-zone.n1ghtridge.in.net/verification.google id: auto-623b1715d208f2da935c2f5d186c24a3f608f105683151b67baee1b54a43609e status: experimental description: Detects traffic or activity related to https://clie-zone.n1ghtridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://clie-zone.n1ghtridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4jv9.gl1mmeroak.in.net/verification.google id: auto-cb65ac18abe42e912426947a047e77033c15530a960437a0dba82e9cad2e0769 status: experimental description: Detects traffic or activity related to https://4jv9.gl1mmeroak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4jv9.gl1mmeroak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://looseoak.fablegrove.in.net/verification.google id: auto-f8e66245796de158616df8bcfc1b688a5ae82bef7b0e59c1ffe6dbb03f10ad55 status: experimental description: Detects traffic or activity related to https://looseoak.fablegrove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://looseoak.fablegrove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nfqbq5.f0xharbor.in.net/verification.google id: auto-5e6fa8826c5149d6d57a71bf8022c4839bb73530be48e355178c97402f44dac4 status: experimental description: Detects traffic or activity related to https://nfqbq5.f0xharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nfqbq5.f0xharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c0rte8-flow.dawnspire.in.net/verification.google id: auto-7dc3fe42c2689a162deb6160c9e973d7822bd742c5e8ef937e29bef9dda1a5b6 status: experimental description: Detects traffic or activity related to https://c0rte8-flow.dawnspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c0rte8-flow.dawnspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://daemon6-logic.crestfall.in.net/verification.google id: auto-a9ed63ef828c8413c9bf59b02f935d66e2ef95118a00b9714e8da7e8cfea0a5b status: experimental description: Detects traffic or activity related to https://daemon6-logic.crestfall.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://daemon6-logic.crestfall.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pten.cl0udmere.in.net/verification.google id: auto-2b90acc03f710a7f3f7eae0f68ac9b77393d4bb17bafc4c61f37402bcd92c49f status: experimental description: Detects traffic or activity related to https://pten.cl0udmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pten.cl0udmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://glacier3-signal.cinderpeak.in.net/verification.google id: auto-a8e6ea2c1453be6e227a97d964fc8ca5a8806bfdf110fadce43dc3a2eaa8486e status: experimental description: Detects traffic or activity related to https://glacier3-signal.cinderpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://glacier3-signal.cinderpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ampsyst.brisklume.in.net/verification.google id: auto-749d2b328f39b3082ca9042496f23d29d75f69e46e826ede2135954401d511eb status: experimental description: Detects traffic or activity related to https://ampsyst.brisklume.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ampsyst.brisklume.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://narr9-vector.aurorift.in.net/verification.google id: auto-9e01ec9162339cfa16ff4dab748c70985bfa3d97088d1e23e5e72f4d5142b4e6 status: experimental description: Detects traffic or activity related to https://narr9-vector.aurorift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://narr9-vector.aurorift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://depdea.amber-drift.in.net/verification.google id: auto-77e9ca3e1732d6f0e8a16e966421c13633d3600f362f52035df510d6dc47770f status: experimental description: Detects traffic or activity related to https://depdea.amber-drift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://depdea.amber-drift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tr1g-cache.blugrid.in.net/verification.google id: auto-61f91e32f4f70667d0a1c3a42d1974cb6a93a600a1ccfe11b636c648bde5c3b0 status: experimental description: Detects traffic or activity related to https://tr1g-cache.blugrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tr1g-cache.blugrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://l0ad-mark.redbyte.in.net/verification.google id: auto-1115ab18cf3f31860c1e0b3b190cccdd3ac677a37c089d4bccc775989cc43bf8 status: experimental description: Detects traffic or activity related to https://l0ad-mark.redbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://l0ad-mark.redbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zen-fluxex.oakcore.in.net/verification.google id: auto-e6871341dde422f29c4fc008531970ca16305d32e2700e803c55db74c891a28c status: experimental description: Detects traffic or activity related to https://zen-fluxex.oakcore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zen-fluxex.oakcore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sercresta3.sunnode.in.net/verification.google id: auto-c00484322dbf8be9d07432c9d8ec585acb9a40817ffb50e9c00198c4d78488d8 status: experimental description: Detects traffic or activity related to https://sercresta3.sunnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sercresta3.sunnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://velg.deepoak.in.net/verification.google id: auto-fec218b946615ac575764bf6c08ab7d405aff89aa58e0aa4fe7b1ff16a405b25 status: experimental description: Detects traffic or activity related to https://velg.deepoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://velg.deepoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://akl1.northoak.in.net/verification.google id: auto-85b866a643f1d09f94bf3bab322dbd7e688d5ece75879480b882d2130ac4d2fa status: experimental description: Detects traffic or activity related to https://akl1.northoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://akl1.northoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vdyrne1g.westpit.in.net/verification.google id: auto-7ff4b236eb47e9c390057dc30c7324dd72da3046c1aaccabdf6c48fb3a1dab7b status: experimental description: Detects traffic or activity related to https://vdyrne1g.westpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vdyrne1g.westpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://suddencul.greenpit.in.net/verification.google id: auto-2f45519bfeabf59af3fb0e87dca5bbebe16bbc90ff76cbe037b40c1bd7d39a1b status: experimental description: Detects traffic or activity related to https://suddencul.greenpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://suddencul.greenpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://freightvalley.darkbay.in.net/verification.google id: auto-7d5d67d29b075429dff4bd4c12434414e02662f875134d6a5708ea1f9fe30391 status: experimental description: Detects traffic or activity related to https://freightvalley.darkbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://freightvalley.darkbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://0rrpdvc.blueoak.in.net/verification.google id: auto-0dded3938f5ff8db76948fc03706dd0e8ad0c6d058e45ad5f46bdfdd4aa2cef2 status: experimental description: Detects traffic or activity related to https://0rrpdvc.blueoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://0rrpdvc.blueoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://directdrive.blugrid.in.net/verification.google id: auto-bf52a20fdad507ce6961c7c792233e9cd9675f463dd36e3cdba7a46e2cfd7248 status: experimental description: Detects traffic or activity related to https://directdrive.blugrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://directdrive.blugrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5par-stream.blugrid.in.net/verification.google id: auto-b27bb6fe37d9096e4ed19196d406a8ed45c21913f8e4e1189f7207c90ff602dd status: experimental description: Detects traffic or activity related to https://5par-stream.blugrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5par-stream.blugrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://woonort.redbyte.in.net/verification.google id: auto-c349e8119cf361d51a55bf57ac0683d94c4622572f54b93ec3077333db8159b2 status: experimental description: Detects traffic or activity related to https://woonort.redbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://woonort.redbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://xun7.redbyte.in.net/verification.google id: auto-06926176230d3c3e03bcefb898389d9d18f43a59d3278d3130552cc1c5286103 status: experimental description: Detects traffic or activity related to https://xun7.redbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://xun7.redbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://d34l5-well.oakcore.in.net/verification.google id: auto-913c084062f98b8cddedc8bc4cd4ac6aafce1be4c6842dbe2e4efb8b339c3d57 status: experimental description: Detects traffic or activity related to https://d34l5-well.oakcore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://d34l5-well.oakcore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rain-wave.oakcore.in.net/verification.google id: auto-f8d1327240835826085a31fe153a4750ec8ccad5ace3ba391b674199a281c56a status: experimental description: Detects traffic or activity related to https://rain-wave.oakcore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rain-wave.oakcore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://storapowe.sunnode.in.net/verification.google id: auto-329bc6377c7b63deb689679deffae41f8dd7ff747463dd41b9e87a12029fe7d3 status: experimental description: Detects traffic or activity related to https://storapowe.sunnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://storapowe.sunnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://crypt0-vector.sunnode.in.net/verification.google id: auto-aaf133b955a577d541aab643cbb2a4aaea22e0ac6dc6cdfb5e32c986f09b5ed1 status: experimental description: Detects traffic or activity related to https://crypt0-vector.sunnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://crypt0-vector.sunnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cav33-phase.deepoak.in.net/verification.google id: auto-1180c962b4cab500b2eac6615fdf5ad2098f9a373424f634d23826a79b3b2971 status: experimental description: Detects traffic or activity related to https://cav33-phase.deepoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cav33-phase.deepoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://railvalidator.deepoak.in.net/verification.google id: auto-369ff6034a8ca8dc5ed90e733057148e03cb4b0221227eb7d3c4bdcf9e1d44cd status: experimental description: Detects traffic or activity related to https://railvalidator.deepoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://railvalidator.deepoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ic3-frame.westpit.in.net/verification.google id: auto-228392d0fcba336018b994d1c1362b4010cf4c043448472db72fa17e2beccd8a status: experimental description: Detects traffic or activity related to https://ic3-frame.westpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ic3-frame.westpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trans5-ring.westpit.in.net/verification.google id: auto-6c75bb53919fe42a8dc47d07884f4de5a91489b5c618c32a11db5d30b90b294e status: experimental description: Detects traffic or activity related to https://trans5-ring.westpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trans5-ring.westpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quorcresta.northoak.in.net/verification.google id: auto-9bd67a27ba619ac720eae20a87c4acd7301d8580eca32ff113ab5caad80a9c63 status: experimental description: Detects traffic or activity related to https://quorcresta.northoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quorcresta.northoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tritideor3.northoak.in.net/verification.google id: auto-8c1e122e77080411c56c9914998057183bfa6defc1be7dd38e075b6e1d147a8c status: experimental description: Detects traffic or activity related to https://tritideor3.northoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tritideor3.northoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://58edm.greenpit.in.net/verification.google id: auto-524461cd05bb4312bb2ba62e776e4c7f9306974229b2d7d60bbec909c7c42862 status: experimental description: Detects traffic or activity related to https://58edm.greenpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://58edm.greenpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vaul5-vault.greenpit.in.net/verification.google id: auto-ea46a6bfdf03f74e97377a999fa5ee2beda8693ee3ccbb7711926c255789366d status: experimental description: Detects traffic or activity related to https://vaul5-vault.greenpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vaul5-vault.greenpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pubserv.darkbay.in.net/verification.google id: auto-3405f7318d4b2be01b4d30e87d1b9d6fdb4f02e799afbfaf51c822351eb03466 status: experimental description: Detects traffic or activity related to https://pubserv.darkbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pubserv.darkbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neuron-graph.darkbay.in.net/verification.google id: auto-2153f22aa9bbfff3cfcf1db4668d2c9492b335ced66d0a8ad7e0a1a222773930 status: experimental description: Detects traffic or activity related to https://neuron-graph.darkbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neuron-graph.darkbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://w8nzz58.blueoak.in.net/verification.google id: auto-e070b25a94744da8ca55d73b82701a922125ad0cbc7145892eb039dbe30c4d47 status: experimental description: Detects traffic or activity related to https://w8nzz58.blueoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://w8nzz58.blueoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flamemarket.blueoak.in.net/verification.google id: auto-05a93e037b6602e1f13cf1efbea74627287efb2eeb36ac26e97b11ab2bf84ecc status: experimental description: Detects traffic or activity related to https://flamemarket.blueoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flamemarket.blueoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4point.blugrid.in.net/verification.google id: auto-ede94d788f2defd5fc5b1499a71b07f3a67b26ce727717f8fb4dbd04910373db status: experimental description: Detects traffic or activity related to https://ext4point.blugrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4point.blugrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3data.blugrid.in.net/verification.google id: auto-83266c49ca2366c5f86629df7a5ce66382362462e2da99bc6bd6bddd8545241a status: experimental description: Detects traffic or activity related to https://ext3data.blugrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3data.blugrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proxy.blugrid.in.net/verification.google id: auto-47ee7fd058643fd9fc959b731d24e3de10c62e20a2326a583a8bca753ba73313 status: experimental description: Detects traffic or activity related to https://ext2proxy.blugrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proxy.blugrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1infra.blugrid.in.net/verification.google id: auto-535f8af3f833f2b98b51187d0024ee4f94cef3dfb926b5fa8ae054fa4c2111df status: experimental description: Detects traffic or activity related to https://ext1infra.blugrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1infra.blugrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4sat.redbyte.in.net/verification.google id: auto-195f5c7941433c71e14cdea635b7bbe756dafa65d37d828a77e097b93da7874f status: experimental description: Detects traffic or activity related to https://svc4sat.redbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4sat.redbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3core.redbyte.in.net/verification.google id: auto-d6a1cb24547082e74f50a498ac7b436b103dd8cd2bec3fe60ebc800e9867755b status: experimental description: Detects traffic or activity related to https://svc3core.redbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3core.redbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2steel.redbyte.in.net/verification.google id: auto-ce5d4ec8930439013aab585ae4e7c74fb87092b0626807dfbb0796fa6b87b986 status: experimental description: Detects traffic or activity related to https://svc2steel.redbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2steel.redbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1proc.redbyte.in.net/verification.google id: auto-6855d3dc3e3e1c32736147946337cb40b5eaee2e338b440f775ac0798c5aeda8 status: experimental description: Detects traffic or activity related to https://svc1proc.redbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1proc.redbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4space.oakcore.in.net/verification.google id: auto-b976dcc30ef5525fce132a77aa8db9b824724e4877075b6ce2ee67df7f48301b status: experimental description: Detects traffic or activity related to https://dev4space.oakcore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4space.oakcore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3field.oakcore.in.net/verification.google id: auto-f7ea0e5dbb84770e005c8fa2b729ef26624445f7d4f80c11d8ab43184ed5570d status: experimental description: Detects traffic or activity related to https://dev3field.oakcore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3field.oakcore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2outer.oakcore.in.net/verification.google id: auto-4f1b8ac9b37333b8fae073a449db914f0e05ec47118f571479f80066cd5d09f5 status: experimental description: Detects traffic or activity related to https://dev2outer.oakcore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2outer.oakcore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.oakcore.in.net/verification.google id: auto-ec866f195c85c8c8d44a57083926d4b9c0b9f0d31718ccf66de3439202f50506 status: experimental description: Detects traffic or activity related to https://dev1proc.oakcore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.oakcore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4path.sunnode.in.net/verification.google id: auto-61f7487a695eaef57ad9da19eb291f5cabfc5ba9a07132b7af8eb24889fa5867 status: experimental description: Detects traffic or activity related to https://cl4path.sunnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4path.sunnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3view.sunnode.in.net/verification.google id: auto-ea4eedbcb940f7b093c5f3db764892a3f13d376cb24c6d1875704b531191170e status: experimental description: Detects traffic or activity related to https://cl3view.sunnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3view.sunnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2point.sunnode.in.net/verification.google id: auto-3fcfeeb0d68588c77c5a013a0ed2f5a4b2baa90b271098ec6bae4add2549ae48 status: experimental description: Detects traffic or activity related to https://cl2point.sunnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2point.sunnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.168/files/7281753217/vArWrE8.exe id: auto-a90430e9a51c61d08e422634cdec328532039da4d13b35ceaddfaf186d3e39f0 status: experimental description: Detects traffic or activity related to http://158.94.208.168/files/7281753217/vArWrE8.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.168/files/7281753217/vArWrE8.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1proc.sunnode.in.net/verification.google id: auto-36b7cd2cb4fc8b5b0136acd007981be94f053d12089ce9b1cda72bc6f0005ded status: experimental description: Detects traffic or activity related to https://cl1proc.sunnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1proc.sunnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4view.deepoak.in.net/verification.google id: auto-3df0dfdb271c87c17322a73ebb2f080415186685ca6a0c7fe452df5ca60a5f32 status: experimental description: Detects traffic or activity related to https://ext4view.deepoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4view.deepoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3ghost.deepoak.in.net/verification.google id: auto-196001307afa5cae5beb59d5425c97a3f0069b75a13a197a3bb6259bd87446df status: experimental description: Detects traffic or activity related to https://ext3ghost.deepoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3ghost.deepoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2core.deepoak.in.net/verification.google id: auto-a2ba929ef011e4d243c228f4d27c614b3a83c79a0a1296ccf3e702a8d63f3575 status: experimental description: Detects traffic or activity related to https://ext2core.deepoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2core.deepoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1proc.deepoak.in.net/verification.google id: auto-1e87dd068ee3d1e427bcba498f64c077de3a18c252135333f64b7582b8c91ca0 status: experimental description: Detects traffic or activity related to https://ext1proc.deepoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1proc.deepoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.westpit.in.net/verification.google id: auto-990274b8c4fe3c9af510e275e1ec21af5b799709d82bd28db330edc2e281e7ba status: experimental description: Detects traffic or activity related to https://svc4link.westpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.westpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.westpit.in.net/verification.google id: auto-3ce3aa888dd82ae3f770a781d6e981fe7d6c3637d30bfdfddf0a034e89a34a37 status: experimental description: Detects traffic or activity related to https://svc3user.westpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.westpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.westpit.in.net/verification.google id: auto-c6bdb57b7c97b3e19a8befedde603956cc117e2071665b20549da2ac97a83393 status: experimental description: Detects traffic or activity related to https://svc2base.westpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.westpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.westpit.in.net/verification.google id: auto-1d172f87767cca413d1636f13ef350ba3dc92e7644907af0b99c087c5eb5c82d status: experimental description: Detects traffic or activity related to https://svc1infra.westpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.westpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4work.northoak.in.net/verification.google id: auto-d2398a5b16bad95b517e42acc2d805776d5f840324e66c2182b06864b2b26e21 status: experimental description: Detects traffic or activity related to https://dev4work.northoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4work.northoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3local.northoak.in.net/verification.google id: auto-ae5939656407f111f75dbc1343a3dbe4fba8de2cc210e125689873a493b61354 status: experimental description: Detects traffic or activity related to https://dev3local.northoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3local.northoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2power.northoak.in.net/verification.google id: auto-a8aab01f073c70cfc9a4670d572be729e4b9d910ec9615e18d04720cc2b4e70d status: experimental description: Detects traffic or activity related to https://dev2power.northoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2power.northoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.northoak.in.net/verification.google id: auto-7e260eb249ea0d47b7af0f5ceab52afc7c924e79f6e4c317ac6e6079988cd8e3 status: experimental description: Detects traffic or activity related to https://dev1proc.northoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.northoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4link.greenpit.in.net/verification.google id: auto-4c12b26ea0f1df2587641831c7b33aeea0dc402aad7fe64e12aec13aa0200caa status: experimental description: Detects traffic or activity related to https://cl4link.greenpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4link.greenpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.greenpit.in.net/verification.google id: auto-cc170d55d1be9f6c542356e486fbabaff289fa11d5fa2db629a68b65e88752d1 status: experimental description: Detects traffic or activity related to https://cl3dev.greenpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.greenpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.greenpit.in.net/verification.google id: auto-764a55e2c92988b89ac7f726f95194eb4f398e3ce5cbcd28c975eb1d4a9e27c0 status: experimental description: Detects traffic or activity related to https://cl2remote.greenpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.greenpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.greenpit.in.net/verification.google id: auto-a242c314df6f93b78968fa9c3636646c15f9eec2545c3555e8b7cd1fdeceb500 status: experimental description: Detects traffic or activity related to https://cl1store.greenpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.greenpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.darkbay.in.net/verification.google id: auto-c2320000fb11d3ea96a3c5ed0789147ec07d59618125b8b153b5c3727bb6fe9b status: experimental description: Detects traffic or activity related to https://ext4sync.darkbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.darkbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.darkbay.in.net/verification.google id: auto-fb5ffd8db895c649fbf365a30c2c465a73cf6aa380020f493b72624266bfde04 status: experimental description: Detects traffic or activity related to https://ext3gate.darkbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.darkbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.darkbay.in.net/verification.google id: auto-b9655bf981bb2d74771a40d0d9333d1972dfe6e4cacd393c56ac6722b91cc80a status: experimental description: Detects traffic or activity related to https://ext2proc.darkbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.darkbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.darkbay.in.net/verification.google id: auto-5716d055cf08e59b682479f974aa00bc6cffb9e2f02928d6568dd17f33d82d10 status: experimental description: Detects traffic or activity related to https://ext1meta.darkbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.darkbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4static.blueoak.in.net/verification.google id: auto-86fe3a5fc747b24712700fbd8e8204dae1eb5442d34087f648a6376fc1df8c1b status: experimental description: Detects traffic or activity related to https://svc4static.blueoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4static.blueoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3edge.blueoak.in.net/verification.google id: auto-51e708ca56a211173bf0a5090e89892f940ab8f7deda95a14e24845cb0c2d6d1 status: experimental description: Detects traffic or activity related to https://svc3edge.blueoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3edge.blueoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2data.blueoak.in.net/verification.google id: auto-e1459f1b1b372c96f888389c7a5d860fc9321df236048305e3b84f5eab479447 status: experimental description: Detects traffic or activity related to https://svc2data.blueoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2data.blueoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1sync.blueoak.in.net/verification.google id: auto-59b6e7d5442b892323f459f3cbc9f8248d5bb3377a68e6461e58a0f6d79c2cd9 status: experimental description: Detects traffic or activity related to https://svc1sync.blueoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1sync.blueoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://xo5q.dawnspire.in.net/verification.google id: auto-f08bec8317ff69fcbb07ea7058c9ff1cb08964c4ad041b503be3cb41b4763cec status: experimental description: Detects traffic or activity related to https://xo5q.dawnspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://xo5q.dawnspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zkgvelgx.amber-drift.in.net/verification.google id: auto-b223dda65d7fd8311cd8c1efae576b30a1a93c108b844df82e8a010bcf8183eb status: experimental description: Detects traffic or activity related to https://zkgvelgx.amber-drift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zkgvelgx.amber-drift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gustorganize.gl1mmeroak.in.net/verification.google id: auto-883c26d5c56692227f94137f653423e2452d3a75e1feb772a68a8c99b2ca88c6 status: experimental description: Detects traffic or activity related to https://gustorganize.gl1mmeroak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gustorganize.gl1mmeroak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://g8uxn2.crestfall.in.net/verification.google id: auto-76b6382b23cecd576a204c70eb8e18abe3976a9b94952abc052623b0d554a00c status: experimental description: Detects traffic or activity related to https://g8uxn2.crestfall.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://g8uxn2.crestfall.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ultra-s1ow.velorune.in.net/verification.google id: auto-6908a418a855842d88e493cb86676d1438fe8171e8b9d9176558c82465a84219 status: experimental description: Detects traffic or activity related to https://ultra-s1ow.velorune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ultra-s1ow.velorune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ducond.brisklume.in.net/verification.google id: auto-97f4d8f8c94388b68e34e0b9757a114da656c95dc4f581cd00224f1071c6b3f2 status: experimental description: Detects traffic or activity related to https://ducond.brisklume.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ducond.brisklume.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://export-array.f0xharbor.in.net/verification.google id: auto-40cd3db51593c9aba4386658581f8bb649ea0ab960004213006f381a8d33e0de status: experimental description: Detects traffic or activity related to https://export-array.f0xharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://export-array.f0xharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nor-crestum.cinderpeak.in.net/verification.google id: auto-c40e2c867d9b9aa94dfe1bef598c394c28addc2ead2fbdfcc82393560de85699 status: experimental description: Detects traffic or activity related to https://nor-crestum.cinderpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nor-crestum.cinderpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scan-trans.aurorift.in.net/verification.google id: auto-4a0fd2c5aa4d8105ed3ec749c087353f3481f5ff7f0ae645a0e584aba5ddec60 status: experimental description: Detects traffic or activity related to https://scan-trans.aurorift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scan-trans.aurorift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rout34-point.stonemuse.in.net/verification.google id: auto-4ec2dbd435dcbb61f695c8fccd0f9bfbfb6c80d5d1366c301329014be408f18d status: experimental description: Detects traffic or activity related to https://rout34-point.stonemuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rout34-point.stonemuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hyper-tr4c.n1ghtridge.in.net/verification.google id: auto-ff30b2c8522ace7982c7f1b18baa1ee060e2f3a183f1e2c7b2bc380edba9bd9f status: experimental description: Detects traffic or activity related to https://hyper-tr4c.n1ghtridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hyper-tr4c.n1ghtridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dr4w9-drive.cl0udmere.in.net/verification.google id: auto-2cc142aeb33fbdef4ee20b439392f489a7848a3f7a7b9b82ab642d90b75316c7 status: experimental description: Detects traffic or activity related to https://dr4w9-drive.cl0udmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dr4w9-drive.cl0udmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dynlithar4.thornbyte.in.net/verification.google id: auto-1d18605e77a4433db75c74bdf1ff69996b50c14bd208a7f1ba64feabef0a1d04 status: experimental description: Detects traffic or activity related to https://dynlithar4.thornbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dynlithar4.thornbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://9yc1.fablegrove.in.net/verification.google id: auto-9ba71455a3ca4ead6ab394e4c2c814abc2c1384a753058e497af341301bab138 status: experimental description: Detects traffic or activity related to https://9yc1.fablegrove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://9yc1.fablegrove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hyp3-track.z7hire.in.net/verification.google id: auto-8a048fcd61bfcd8eb31b62c0a52b6ab87a87f374b50792a323db69e00d6f1d34 status: experimental description: Detects traffic or activity related to https://hyp3-track.z7hire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hyp3-track.z7hire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://soldra1ar.tires8f.in.net/verification.google id: auto-ac67c8bc4d6faf30b13eedf3461c7431d8cd9dca45155f834bc57e966b7428cb status: experimental description: Detects traffic or activity related to https://soldra1ar.tires8f.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://soldra1ar.tires8f.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://modernbranc.cl0udmere.in.net/verification.google id: auto-2c5eb79dd324fbaaa0e233735a4c61374d342c0306963ba5ac2f534be48f5498 status: experimental description: Detects traffic or activity related to https://modernbranc.cl0udmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://modernbranc.cl0udmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dyntideet6.cl0udmere.in.net/verification.google id: auto-ab243f898d98da9369a890525054285c17f4b768835007d418374f8dcca38559 status: experimental description: Detects traffic or activity related to https://dyntideet6.cl0udmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dyntideet6.cl0udmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geo-tr4c.cl0udmere.in.net/verification.google id: auto-0a2102c64657560314ce9e8d623d25f1cebdbe74b160d6fce3dc4de26d7200be status: experimental description: Detects traffic or activity related to https://geo-tr4c.cl0udmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geo-tr4c.cl0udmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://talmark9et.cl0udmere.in.net/verification.google id: auto-1a1bdb4a133dc50e5c44a6731eb0d9c650e2c394251f0ddf73847d006fca5070 status: experimental description: Detects traffic or activity related to https://talmark9et.cl0udmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://talmark9et.cl0udmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://delta-span.cl0udmere.in.net/verification.google id: auto-c6a647b64c31b7c08b59da985113b7dd0b70dee5ee2f936f7677f8d62617ab70 status: experimental description: Detects traffic or activity related to https://delta-span.cl0udmere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://delta-span.cl0udmere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kzta8dl.thornbyte.in.net/verification.google id: auto-da85128d9e32350b409bd44333221e791cf938fb9ac8500e083d514cf26b2a99 status: experimental description: Detects traffic or activity related to https://kzta8dl.thornbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kzta8dl.thornbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cr4ft-vector.thornbyte.in.net/verification.google id: auto-1b8709686343e6c323cc9888036066b5cd3388b35a5fa9a2900cba3630b16832 status: experimental description: Detects traffic or activity related to https://cr4ft-vector.thornbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cr4ft-vector.thornbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stit6-sync.thornbyte.in.net/verification.google id: auto-1b757952b01859a500cd07a12bb3431ab8d264f81a57e1bea695b898e3fbf8a6 status: experimental description: Detects traffic or activity related to https://stit6-sync.thornbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stit6-sync.thornbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rolzq.thornbyte.in.net/verification.google id: auto-990a108e97747a1b4413ad52383213b02b0cab96eb06933a4c619a50bd74a357 status: experimental description: Detects traffic or activity related to https://rolzq.thornbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rolzq.thornbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proto-d0ck.thornbyte.in.net/verification.google id: auto-b9ba3443a7f32583b2828de3e507765fc41965b3fa15ffaa4a71d17849dfccd6 status: experimental description: Detects traffic or activity related to https://proto-d0ck.thornbyte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proto-d0ck.thornbyte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4dau.fablegrove.in.net/verification.google id: auto-19233e43779fadbc9f0e20207e05a428c33248d29928d12c7aa16de0cb361fce status: experimental description: Detects traffic or activity related to https://4dau.fablegrove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4dau.fablegrove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://colotone.fablegrove.in.net/verification.google id: auto-58659a30c7644c5060bc8ec784f4e37033a4cb9737155907526e67ba1a29f796 status: experimental description: Detects traffic or activity related to https://colotone.fablegrove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://colotone.fablegrove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dyn-coreen.fablegrove.in.net/verification.google id: auto-19d640045d6b5fe7c6d5ffbd15e3005d71489e667741c9bb640ce419e6c377f7 status: experimental description: Detects traffic or activity related to https://dyn-coreen.fablegrove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dyn-coreen.fablegrove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wolfreel.fablegrove.in.net/verification.google id: auto-76d350498b62a46d16c3533f52804cf7ef232a3f7de59fe6e8227078c909b233 status: experimental description: Detects traffic or activity related to https://wolfreel.fablegrove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wolfreel.fablegrove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qu4r-bridge.fablegrove.in.net/verification.google id: auto-ff5bc5d4536931629b0aaf720b19431f7bf7166d2979e5a2f8f3b29c7e365bca status: experimental description: Detects traffic or activity related to https://qu4r-bridge.fablegrove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qu4r-bridge.fablegrove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ion0-frame.z7hire.in.net/verification.google id: auto-8e2e0f5bc57f53b4a766689932f4bf25da3e38dfd01c1cdf378544cf9e90a1a9 status: experimental description: Detects traffic or activity related to https://ion0-frame.z7hire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ion0-frame.z7hire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://balanciphe.z7hire.in.net/verification.google id: auto-854825a82d93a89c827fbe2195b099afea6e85092769db9dc65e4581255c35dd status: experimental description: Detects traffic or activity related to https://balanciphe.z7hire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://balanciphe.z7hire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.168/files/7281753217/CxF0lwD.exe id: auto-d37bc2e8c21d58a70a9d00cfac42f6b64debf2e064d8632cf9f79480f734e2b0 status: experimental description: Detects traffic or activity related to http://158.94.208.168/files/7281753217/CxF0lwD.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.168/files/7281753217/CxF0lwD.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rl90o.z7hire.in.net/verification.google id: auto-8b7f1130cdde638f185dca781ef13f781e27ab07c9c7612878c9433d922b5258 status: experimental description: Detects traffic or activity related to https://rl90o.z7hire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rl90o.z7hire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zennexis3.z7hire.in.net/verification.google id: auto-1f34d795527e19272f708a5a595f191ee78393ed907faaea28902b339c7346a2 status: experimental description: Detects traffic or activity related to https://zennexis3.z7hire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zennexis3.z7hire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://t0rr3-phase.z7hire.in.net/verification.google id: auto-6c8b632e33092212fd4861428d8c43a60bc0a7e553c31a78d060ab23d0e2653b status: experimental description: Detects traffic or activity related to https://t0rr3-phase.z7hire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://t0rr3-phase.z7hire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5wgvh3.tires8f.in.net/verification.google id: auto-1c26d7a31287d165b177c264435a4a2d3750a57c10141f12639f0425466d7f4d status: experimental description: Detects traffic or activity related to https://5wgvh3.tires8f.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5wgvh3.tires8f.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sub-c0ve.tires8f.in.net/verification.google id: auto-84615831e2e490ead3429b6f66e5ff2942853c37c686feedac0050eeb2df57d3 status: experimental description: Detects traffic or activity related to https://sub-c0ve.tires8f.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sub-c0ve.tires8f.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://castfox.tires8f.in.net/verification.google id: auto-0da3048e7f4f055e13f05ea409b50255bd177213713599755aaa2d8d650f4216 status: experimental description: Detects traffic or activity related to https://castfox.tires8f.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://castfox.tires8f.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jhculxyr.tires8f.in.net/verification.google id: auto-a2d24e4bb284b5a29b2e2f3b00080208974d3cd6c4df02bd603734bc2f0e548b status: experimental description: Detects traffic or activity related to https://jhculxyr.tires8f.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jhculxyr.tires8f.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arklithum.tires8f.in.net/verification.google id: auto-75ca54ebb961f79b32478a6741d9071cf48e278033fd05048612dc05dc6fcc41 status: experimental description: Detects traffic or activity related to https://arklithum.tires8f.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arklithum.tires8f.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bran-crest.f0xharbor.in.net/verification.google id: auto-2b706f5ad201bd1cb5c25eeec753512a7fe4efb07bec0054d73966ab430075ef status: experimental description: Detects traffic or activity related to https://bran-crest.f0xharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bran-crest.f0xharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arraybirc.f0xharbor.in.net/verification.google id: auto-aa4ec7f7b52fd862f64dafe08e0bdf0f70f4b6164fa9505bb6917c18cebe4adc status: experimental description: Detects traffic or activity related to https://arraybirc.f0xharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arraybirc.f0xharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://harvestsmart.f0xharbor.in.net/verification.google id: auto-85c7371363e9cf9becf64c27783cd9d4671c24daec1287d9fb18887008f9cb93 status: experimental description: Detects traffic or activity related to https://harvestsmart.f0xharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://harvestsmart.f0xharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://velmarken4.cinderpeak.in.net/verification.google id: auto-ea4c66ee5aa436ab977a5abdf1b8744b103927cdfdd5d77699eb404220da3df5 status: experimental description: Detects traffic or activity related to https://velmarken4.cinderpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://velmarken4.cinderpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r3bate-frame.cinderpeak.in.net/verification.google id: auto-225432c69f6f290d5547f7a0a7595770092871ae414ae93e894b1f1235fd8b18 status: experimental description: Detects traffic or activity related to https://r3bate-frame.cinderpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r3bate-frame.cinderpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://asse7-panel.cinderpeak.in.net/verification.google id: auto-874f8493914faa1767873f47c49646f269e0a1c22360f92eff2d24bad29aa31e status: experimental description: Detects traffic or activity related to https://asse7-panel.cinderpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://asse7-panel.cinderpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arkdraa4.aurorift.in.net/verification.google id: auto-ef76a0842fd5781416fe816e002c70339154e582e74c12f75cec9caae69264d9 status: experimental description: Detects traffic or activity related to https://arkdraa4.aurorift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arkdraa4.aurorift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lwlal3.aurorift.in.net/verification.google id: auto-b802dbe97bf8fef4b6fac3070a2823e62259b529e218db448232f9b0367ce553 status: experimental description: Detects traffic or activity related to https://lwlal3.aurorift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lwlal3.aurorift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://norvenix8.aurorift.in.net/verification.google id: auto-ff1baa571e4c5415536293fae751b2237cdc306ff5297250dcadb6aa92276e69 status: experimental description: Detects traffic or activity related to https://norvenix8.aurorift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://norvenix8.aurorift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sub-r3ef.stonemuse.in.net/verification.google id: auto-7c075c2047eb5377fca727c7a8d93577c3abb7ba5e46f59504769e6471156aa6 status: experimental description: Detects traffic or activity related to https://sub-r3ef.stonemuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sub-r3ef.stonemuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ddhvaj4.stonemuse.in.net/verification.google id: auto-18f4a45fb3c82928e31e0d2313fd36f7356c5163a6c2d873aac94551e99f0e64 status: experimental description: Detects traffic or activity related to https://ddhvaj4.stonemuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ddhvaj4.stonemuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vp6copu.stonemuse.in.net/verification.google id: auto-a9e37ab10915318609fcb7e2e408792a6c91211a1866ab026ee10f311cf3cc8a status: experimental description: Detects traffic or activity related to https://vp6copu.stonemuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vp6copu.stonemuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zenline5or.n1ghtridge.in.net/verification.google id: auto-986af2f319d9f8b369148353d7cd074cb6faf4f3f4d694ffb8fbe65bf81ae064 status: experimental description: Detects traffic or activity related to https://zenline5or.n1ghtridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zenline5or.n1ghtridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nirnb6-sheet.n1ghtridge.in.net/verification.google id: auto-bcf3026e962201ff1875b28dfe3f92f575796054ff75ffdceb468a243fead01d status: experimental description: Detects traffic or activity related to https://nirnb6-sheet.n1ghtridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nirnb6-sheet.n1ghtridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://protereb.n1ghtridge.in.net/verification.google id: auto-97aa62eae418ddd94c1f1087f447820a4833259af83f41ab9c7c6c66df681723 status: experimental description: Detects traffic or activity related to https://protereb.n1ghtridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://protereb.n1ghtridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://suddensales.brisklume.in.net/verification.google id: auto-0981a86971eff29b322b0df0e670153a1007504e88f9dabb23df3876453ed61d status: experimental description: Detects traffic or activity related to https://suddensales.brisklume.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://suddensales.brisklume.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://crypto-daem.brisklume.in.net/verification.google id: auto-422853f31d0d94606fd57c1599d75bb407bf1d8aa37eb82113b8f3838fe6759e status: experimental description: Detects traffic or activity related to https://crypto-daem.brisklume.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://crypto-daem.brisklume.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://s10w-pulse.brisklume.in.net/verification.google id: auto-0d45c6c1d016a1f821a2ca50db7b91b2ca4869aed997a557f1c298dabc54956e status: experimental description: Detects traffic or activity related to https://s10w-pulse.brisklume.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://s10w-pulse.brisklume.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://2350.velorune.in.net/verification.google id: auto-96d8ca796106128da1a0990eed05d8c55af5d8fac21d69cfd1e45b5345508d99 status: experimental description: Detects traffic or activity related to https://2350.velorune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://2350.velorune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://veri-hidd.velorune.in.net/verification.google id: auto-f7ba5e49c6df73b8e6df2b82985a1e98cffe673c16f3091cc17882207cd69f6b status: experimental description: Detects traffic or activity related to https://veri-hidd.velorune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://veri-hidd.velorune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nhko.velorune.in.net/verification.google id: auto-f33c0c44976ee715d48299af4a657dacfd30804fa5833c437b5527fc9ef4733d status: experimental description: Detects traffic or activity related to https://nhko.velorune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nhko.velorune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cinemagarden.crestfall.in.net/verification.google id: auto-3b809da0cd7a5ff94a28c5da615124623a58fd88b56a839db1e0301a0eb51193 status: experimental description: Detects traffic or activity related to https://cinemagarden.crestfall.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cinemagarden.crestfall.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geo-cornpr.crestfall.in.net/verification.google id: auto-d632fae90b089d61de3b95166b913bf5b94d6e18f66236645e5ac50e42659328 status: experimental description: Detects traffic or activity related to https://geo-cornpr.crestfall.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geo-cornpr.crestfall.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pxcnax.crestfall.in.net/verification.google id: auto-2d65f7487194459fff49f5ae73d2105c1450846cca635eb661917ad42b8a325c status: experimental description: Detects traffic or activity related to https://pxcnax.crestfall.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pxcnax.crestfall.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rurswitch.gl1mmeroak.in.net/verification.google id: auto-738e3ff16bcf0d57c1f70c6c324bfe28c0b17099196ef31647bd51fed153284d status: experimental description: Detects traffic or activity related to https://rurswitch.gl1mmeroak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rurswitch.gl1mmeroak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://disp-vector.gl1mmeroak.in.net/verification.google id: auto-365deb44c141678f02ef89a7256c0b2f59619b885475e8e3eb7f8eae81f34de4 status: experimental description: Detects traffic or activity related to https://disp-vector.gl1mmeroak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://disp-vector.gl1mmeroak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://o4sis4-signal.gl1mmeroak.in.net/verification.google id: auto-965cce3aed45bc7393a24be158fdea1b9c337efedbc7b0081ace6af52efd9ddc status: experimental description: Detects traffic or activity related to https://o4sis4-signal.gl1mmeroak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://o4sis4-signal.gl1mmeroak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hyper-r3agent.amber-drift.in.net/verification.google id: auto-84fdcd006deed5502d7c37f10c74b2b5aa62b52d9c6cf0fdcde7d2b5ce02029e status: experimental description: Detects traffic or activity related to https://hyper-r3agent.amber-drift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hyper-r3agent.amber-drift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quorlith5um.amber-drift.in.net/verification.google id: auto-b932728be569571fcf58f65dc2acde56b9375ca12da70a17c398cc4de632ddf2 status: experimental description: Detects traffic or activity related to https://quorlith5um.amber-drift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quorlith5um.amber-drift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vordraar8.amber-drift.in.net/verification.google id: auto-11cd787a02305777f3091e654d6e79a7bee3f5402bab9ccc89b128ac717b5247 status: experimental description: Detects traffic or activity related to https://vordraar8.amber-drift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vordraar8.amber-drift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wwc02c.dawnspire.in.net/verification.google id: auto-b85d2f7a75f9fe85d174383299f65ea1ab244e7bea449ec23c905055400ab9e1 status: experimental description: Detects traffic or activity related to https://wwc02c.dawnspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wwc02c.dawnspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://agentscript.dawnspire.in.net/verification.google id: auto-6f67b64d666c6f668c2002c7b4825d193fcc198a53efdf47be141d68780a3d9e status: experimental description: Detects traffic or activity related to https://agentscript.dawnspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://agentscript.dawnspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://oexe.dawnspire.in.net/verification.google id: auto-a13faec6e5af564e029344e5103638054a86305e3bf5a01b99db823f6beeee7f status: experimental description: Detects traffic or activity related to https://oexe.dawnspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://oexe.dawnspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sap3-route.f0xharbor.in.net/verification.google id: auto-7c336053467213a5fbd2fe57eac744a558866ab19a9331e7553758634bb18cf0 status: experimental description: Detects traffic or activity related to https://sap3-route.f0xharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sap3-route.f0xharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stagesandbo.f0xharbor.in.net/verification.google id: auto-e88cce91ca56653e5b949ce8cb02cc34bac31817ac0b2d0a66aba0704f6da2da status: experimental description: Detects traffic or activity related to https://stagesandbo.f0xharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stagesandbo.f0xharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4ggo.f0xharbor.in.net/verification.google id: auto-0cde9b471074c6cef8a6eaa2560c01a17aaefa0c5af1fea7d57e18ded66d266d status: experimental description: Detects traffic or activity related to https://4ggo.f0xharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4ggo.f0xharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wcslrl.f0xharbor.in.net/verification.google id: auto-4df44dcaf6b955b8722e0c2ac9b356c9b1e21853e8e661775dbfccfed8bef2a3 status: experimental description: Detects traffic or activity related to https://wcslrl.f0xharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wcslrl.f0xharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rn0dul-grid.f0xharbor.in.net/verification.google id: auto-7e3467c7648b491f4f2fcdf81c5512ebbb0e0b131e8f31f09c04a80569b54a97 status: experimental description: Detects traffic or activity related to https://rn0dul-grid.f0xharbor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rn0dul-grid.f0xharbor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://globalgri.cinderpeak.in.net/verification.google id: auto-4c88af3399c75a3b1349638f8289cb90968d1ad3a1b6d6ae657b4d8fb4d67175 status: experimental description: Detects traffic or activity related to https://globalgri.cinderpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://globalgri.cinderpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5fzltr.cinderpeak.in.net/verification.google id: auto-4daac67b7c4bb854487dd935f6e6f1b5abea96461550607a029cf5593e3fe904 status: experimental description: Detects traffic or activity related to https://5fzltr.cinderpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5fzltr.cinderpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sales-oas.cinderpeak.in.net/verification.google id: auto-d223e256e4bbe4938f4390a015305472190ea93416eb8f6fbf9ef3626ba5b11d status: experimental description: Detects traffic or activity related to https://sales-oas.cinderpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sales-oas.cinderpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://thic-bridge.cinderpeak.in.net/verification.google id: auto-af6995dbf143b16e738059162dd4231ad4f4d415d81c110db4b27363dffe02f9 status: experimental description: Detects traffic or activity related to https://thic-bridge.cinderpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://thic-bridge.cinderpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jfkwjd.cinderpeak.in.net/verification.google id: auto-bd708849a8a5eaa69fdc8ea91f3482bee5a4bfdaa1ea4b46bb93ea040c031e10 status: experimental description: Detects traffic or activity related to https://jfkwjd.cinderpeak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jfkwjd.cinderpeak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ark-lineor.aurorift.in.net/verification.google id: auto-fe8efe3f0309d1bf5c2273662e9381e6eeebe50e9bb2137c92a0e199d940f8a8 status: experimental description: Detects traffic or activity related to https://ark-lineor.aurorift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ark-lineor.aurorift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://traglyph.aurorift.in.net/verification.google id: auto-a482d5afefb27f2ad5537cbd5901e293dda49a978ddbbc29b9a38cb2e3658dd1 status: experimental description: Detects traffic or activity related to https://traglyph.aurorift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://traglyph.aurorift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://moduleneedle.aurorift.in.net/verification.google id: auto-03201368110bf4644169318c2678388f1d00ff382ab88aad6466ea3e01c4b5fb status: experimental description: Detects traffic or activity related to https://moduleneedle.aurorift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://moduleneedle.aurorift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://meta-1ivel.aurorift.in.net/verification.google id: auto-5879369ed253a53647b5fb70764a40a89edce25f74e975b1e1116714d01b7332 status: experimental description: Detects traffic or activity related to https://meta-1ivel.aurorift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://meta-1ivel.aurorift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ink-mar.aurorift.in.net/verification.google id: auto-b50cc7c9de80edc68de804babb4070e369663c198915c3b70bd6f33a62d8d984 status: experimental description: Detects traffic or activity related to https://ink-mar.aurorift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ink-mar.aurorift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://6l3ri.stonemuse.in.net/verification.google id: auto-a41df3e3eb0c964a1e6a49bd7a24f4285bea7ceb8a1d8b1c05330bb09e16a875 status: experimental description: Detects traffic or activity related to https://6l3ri.stonemuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://6l3ri.stonemuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://0xr5c.stonemuse.in.net/verification.google id: auto-d3984fc0b2df0d00552b5cc8106f226445a4f20672d9e740423d03a6fed5a5bc status: experimental description: Detects traffic or activity related to https://0xr5c.stonemuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://0xr5c.stonemuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zenlithum5.stonemuse.in.net/verification.google id: auto-cc78ea3cf6dcbc8b7b5e806e300d5ef139b4c36e0ecc2faa06ce5d196994f11d status: experimental description: Detects traffic or activity related to https://zenlithum5.stonemuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zenlithum5.stonemuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://reagengate.stonemuse.in.net/verification.google id: auto-67c4d231d648c72e6932aebf3ab3449a0d85b60cd578493267e8f2305bdd7f2c status: experimental description: Detects traffic or activity related to https://reagengate.stonemuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://reagengate.stonemuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://029g1.stonemuse.in.net/verification.google id: auto-8a95a4f508019b5f8e8049ea4e2dcff5ec94d59beb9b115058ca933131d44304 status: experimental description: Detects traffic or activity related to https://029g1.stonemuse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://029g1.stonemuse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tritidear7.n1ghtridge.in.net/verification.google id: auto-e2b319bac0167467af567b8e3a5f35fdfcca29733169f1b8dc24f6d962613e8f status: experimental description: Detects traffic or activity related to https://tritidear7.n1ghtridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tritidear7.n1ghtridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sprofrost.n1ghtridge.in.net/verification.google id: auto-63eb85e30778aea9ae77bfba00022f70e43db48f2593953070ac0bef1732b952 status: experimental description: Detects traffic or activity related to https://sprofrost.n1ghtridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sprofrost.n1ghtridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://edzgpr.n1ghtridge.in.net/verification.google id: auto-07dbea91f74691efe2d28d4a010d3b44a13d2af26983bb73340cf2d07d930c7e status: experimental description: Detects traffic or activity related to https://edzgpr.n1ghtridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://edzgpr.n1ghtridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ser-tideos.n1ghtridge.in.net/verification.google id: auto-82bbeaa7e9edcd85fb3cb051956ec7fbc7b38c99e19dcb4433cfa89d42d35164 status: experimental description: Detects traffic or activity related to https://ser-tideos.n1ghtridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ser-tideos.n1ghtridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://velmarka.velorune.in.net/verification.google id: auto-31f678052b5a23da7f064e54781f0a7b6a2647d7708c160bbb0d1cb1bb3c1ebc status: experimental description: Detects traffic or activity related to https://velmarka.velorune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://velmarka.velorune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://timbe-well.velorune.in.net/verification.google id: auto-9eebc390d230466b1ea502a017496a1b8aa20ab7014712144726624b520fc98d status: experimental description: Detects traffic or activity related to https://timbe-well.velorune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://timbe-well.velorune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://payloadcinema.crestfall.in.net/verification.google id: auto-df042f58d84b9b721fd61987c51e7de3a927d5829a039c1f21087a1fb7cdae5d status: experimental description: Detects traffic or activity related to https://payloadcinema.crestfall.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://payloadcinema.crestfall.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://patte-span.crestfall.in.net/verification.google id: auto-a4ea5f1991c289523b271b922dd2f57d2cf6839a9e2464e76d8226b9ac3bf52f status: experimental description: Detects traffic or activity related to https://patte-span.crestfall.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://patte-span.crestfall.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solarpri.crestfall.in.net/verification.google id: auto-a5f9d5b6eb3f6f91590fe35a996f640e6203d7d03fdab0e228e6bbfcd80fb90b status: experimental description: Detects traffic or activity related to https://solarpri.crestfall.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solarpri.crestfall.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://transdea.crestfall.in.net/verification.google id: auto-6bd5d75581d4338b22c2a40f1efb4fbef2087c7c04f0e5f09ed3db3ad9621da8 status: experimental description: Detects traffic or activity related to https://transdea.crestfall.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://transdea.crestfall.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neo-5un.crestfall.in.net/verification.google id: auto-ed004862ece8a987a63308e81eb93756838b3f9c295225b1722aee3adb7c796c status: experimental description: Detects traffic or activity related to https://neo-5un.crestfall.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neo-5un.crestfall.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arkfluxos9.gl1mmeroak.in.net/verification.google id: auto-2f0b8f388aef8ba6f09c4c9abe78d225a06cf5b2067f9be687ebfc92c27115d1 status: experimental description: Detects traffic or activity related to https://arkfluxos9.gl1mmeroak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arkfluxos9.gl1mmeroak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vorfluxet.gl1mmeroak.in.net/verification.google id: auto-530eb0fba2134c2fa2c71d90b69b6be00e4074c23d402911a187979b6cd4e2f7 status: experimental description: Detects traffic or activity related to https://vorfluxet.gl1mmeroak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vorfluxet.gl1mmeroak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qfvn0y.gl1mmeroak.in.net/verification.google id: auto-28d815d13e66966731f6bd7ff6c0b6fe4e0dff6e95683c13af7fc7cfcb1f5c68 status: experimental description: Detects traffic or activity related to https://qfvn0y.gl1mmeroak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qfvn0y.gl1mmeroak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://glyph-panel.gl1mmeroak.in.net/verification.google id: auto-569dbe47b3f76af31a530ccebe611daae46f87d0d8c3a519407a389e7875b011 status: experimental description: Detects traffic or activity related to https://glyph-panel.gl1mmeroak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://glyph-panel.gl1mmeroak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://designtrigger.gl1mmeroak.in.net/verification.google id: auto-bc0fc431dad211fc1ebf9d7b1744a48c3faefb38f72772b377ccfc992cfb1f74 status: experimental description: Detects traffic or activity related to https://designtrigger.gl1mmeroak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://designtrigger.gl1mmeroak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://3urg2biz.amber-drift.in.net/verification.google id: auto-fd4f732ffc2f56890a5dad5235e7d59050fdc00423792a2141966dde71e4418c status: experimental description: Detects traffic or activity related to https://3urg2biz.amber-drift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://3urg2biz.amber-drift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://d3ep-cast.amber-drift.in.net/verification.google id: auto-f8141b04f602f7f6e457b6a6a0008987e8206d7ef8c9335f25811a0764f4e88d status: experimental description: Detects traffic or activity related to https://d3ep-cast.amber-drift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://d3ep-cast.amber-drift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wwklydao.amber-drift.in.net/verification.google id: auto-ca2ff1a16d8562d8c59f980ad3c10f3e95c9d25ad16b64423d1fcfd5c46b3996 status: experimental description: Detects traffic or activity related to https://wwklydao.amber-drift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wwklydao.amber-drift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quot-isle.amber-drift.in.net/verification.google id: auto-5c52002b14a8b94b4b58bf72be1034dc8e0b96bbd0f2f8fcea9e578af5aafa35 status: experimental description: Detects traffic or activity related to https://quot-isle.amber-drift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quot-isle.amber-drift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nabfk.amber-drift.in.net/verification.google id: auto-d0f3e7eff1af9f3f34bd62bc488491f7f04b2e9575718eb9e24979f95a68adbc status: experimental description: Detects traffic or activity related to https://nabfk.amber-drift.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nabfk.amber-drift.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://m0nit7-layer.dawnspire.in.net/verification.google id: auto-7378c0e4c6b3b9e33182c625cf39998c780be87da8173af01e63329febe9a446 status: experimental description: Detects traffic or activity related to https://m0nit7-layer.dawnspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://m0nit7-layer.dawnspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vorvenen2.dawnspire.in.net/verification.google id: auto-82eb5cba040c7eaecebea053e36d86d5735357f02a09875bcf92f93d17c3e361 status: experimental description: Detects traffic or activity related to https://vorvenen2.dawnspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vorvenen2.dawnspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://survebroa.dawnspire.in.net/verification.google id: auto-38cf7831361e76396dda2d2fc95ec10924f59e2a6b2ba31f887c6b4629f0bdad status: experimental description: Detects traffic or activity related to https://survebroa.dawnspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://survebroa.dawnspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lidx4.dawnspire.in.net/verification.google id: auto-592897db986e468107f5128a654450073ff99260a3b09d772d8c5e845d7fca0d status: experimental description: Detects traffic or activity related to https://lidx4.dawnspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lidx4.dawnspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qiauhat.dawnspire.in.net/verification.google id: auto-bd12fcb551e986b8eeebd30beb725a756fffaabcfc92e68964d84f28501f6f94 status: experimental description: Detects traffic or activity related to https://qiauhat.dawnspire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qiauhat.dawnspire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://29rtrlv.cl0verrun.in.net/verification.google id: auto-c581af56f70b69b98035ffedb9d96b49e1f5403adff476e47aece078f824526b status: experimental description: Detects traffic or activity related to https://29rtrlv.cl0verrun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://29rtrlv.cl0verrun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ashtes.cl0verrun.in.net/verification.google id: auto-4cfc1ba138dc0945c289e502f4a6acfb4ea35c895577addc6677c008d552ee85 status: experimental description: Detects traffic or activity related to https://ashtes.cl0verrun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ashtes.cl0verrun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://oqtxen.stone-blink.in.net/verification.google id: auto-17b607bcd1b90cb0f8dd1997ac03bed5f98ab91d056e36b4062f94e6261828e2 status: experimental description: Detects traffic or activity related to https://oqtxen.stone-blink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://oqtxen.stone-blink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://offvisual.stone-blink.in.net/verification.google id: auto-cf994836d5489f0aa7836e8f48c8d1574bdbe91b099fb076eee5977cb5df7c1f status: experimental description: Detects traffic or activity related to https://offvisual.stone-blink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://offvisual.stone-blink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://6slp.thistlecore.in.net/verification.google id: auto-e7b2bfaaf806f91a00d38661ca4af13da73921a31945592a59782aeb3d49a491 status: experimental description: Detects traffic or activity related to https://6slp.thistlecore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://6slp.thistlecore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quorcoreix1.thistlecore.in.net/verification.google id: auto-ee19ff63d06c849cae441177b6b8cfa36e543cc4395e69ba2a6136380139c328 status: experimental description: Detects traffic or activity related to https://quorcoreix1.thistlecore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quorcoreix1.thistlecore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://f1xegu.q7ravo.in.net/verification.google id: auto-ad92388c937e79fb75744e9ece9142ed1eeb98e4c99bb12c8e93daf6da15a3e1 status: experimental description: Detects traffic or activity related to https://f1xegu.q7ravo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://f1xegu.q7ravo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://talven8ex.q7ravo.in.net/verification.google id: auto-7d04ee222a27a83a4e85ffbbe802fed585d77a8635047713d29ded4b07310e0c status: experimental description: Detects traffic or activity related to https://talven8ex.q7ravo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://talven8ex.q7ravo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://1502u.frost-echo.in.net/verification.google id: auto-7502206ed7e64c52bb1e89c8915f0e65efe235499080187f10058bac8ae2ffa7 status: experimental description: Detects traffic or activity related to https://1502u.frost-echo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://1502u.frost-echo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gu8xe.frost-echo.in.net/verification.google id: auto-8e73380aa90fef46969ebcb741216f8cc25c9ddab4179db8e84d9ee475021cf5 status: experimental description: Detects traffic or activity related to https://gu8xe.frost-echo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gu8xe.frost-echo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shape-mesh.graincrest.in.net/verification.google id: auto-0d1eb07de74cc6944aa1581bf3c2278f03f178ab707cb544c69a4c27b1dabdae status: experimental description: Detects traffic or activity related to https://shape-mesh.graincrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shape-mesh.graincrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quantbin.graincrest.in.net/verification.google id: auto-5fec77c9e7bc02485a9d6123f35768e8903989ec70f58bead8592c7fc34a0194 status: experimental description: Detects traffic or activity related to https://quantbin.graincrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quantbin.graincrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://2ubum.skyl0om.in.net/verification.google id: auto-01f4e83e549b342acd4ea844ece2fd509c67edd18b297f84511629c9ca91261b status: experimental description: Detects traffic or activity related to https://2ubum.skyl0om.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://2ubum.skyl0om.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rout3-glow.skyl0om.in.net/verification.google id: auto-ceadbfb564e85faf314866138f6c58f0a5a98bbde8d0a31ad9c628fc4bb75338 status: experimental description: Detects traffic or activity related to https://rout3-glow.skyl0om.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rout3-glow.skyl0om.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://e3t525.flare-path.in.net/verification.google id: auto-7abc8c91fa7b353a1161f7b07c88a23344e4d96922a4eb134354a9b57f3dcb83 status: experimental description: Detects traffic or activity related to https://e3t525.flare-path.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://e3t525.flare-path.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://extractwho.flare-path.in.net/verification.google id: auto-15f45b760b0610d9f23b9dfe95a2acaa34c00bb30a6d34d0cef2beac18fd6410 status: experimental description: Detects traffic or activity related to https://extractwho.flare-path.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://extractwho.flare-path.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rende6-trace.rivermint.in.net/verification.google id: auto-a0e840415eb7b51aad39117afe85e4c8ad70859d636c87e00ca43a50f73985a7 status: experimental description: Detects traffic or activity related to https://rende6-trace.rivermint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rende6-trace.rivermint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mer-nexal.rivermint.in.net/verification.google id: auto-3f75d095978df78a77964164c4e8b6ca1ce3e96235c4b0c2036b7ad38033e057 status: experimental description: Detects traffic or activity related to https://mer-nexal.rivermint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mer-nexal.rivermint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pxmghr.duskforge.in.net/verification.google id: auto-393ba246b99666de527bcb8ad7ac0d2ee4ccc0c1de0c4ffce3ac9116d917da68 status: experimental description: Detects traffic or activity related to https://pxmghr.duskforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pxmghr.duskforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://f4ith-chain.duskforge.in.net/verification.google id: auto-ea8bd95524b8b470e99ba18edd98d3dff1f8e2359b3271fcf25a9e2034aa8377 status: experimental description: Detects traffic or activity related to https://f4ith-chain.duskforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://f4ith-chain.duskforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://7lluqhl.hollow-spark.in.net/verification.google id: auto-3915d4f001e64bcefe7c6f4b1e494bbdcdcb46e91a861d3e2b6477d4a95c6a9e status: experimental description: Detects traffic or activity related to https://7lluqhl.hollow-spark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://7lluqhl.hollow-spark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://50qfdh.hollow-spark.in.net/verification.google id: auto-5af22fd2affd98024479b4534b8eb014ebedbcc6cacf5f93f8c8e607b52cc7a9 status: experimental description: Detects traffic or activity related to https://50qfdh.hollow-spark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://50qfdh.hollow-spark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sub-vv1ld.n1mbleoak.in.net/verification.google id: auto-bdea17e3ff2cdc8d7d3ab748e77d083a2220fd8ace52dd8b7739e616fbd72daf status: experimental description: Detects traffic or activity related to https://sub-vv1ld.n1mbleoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sub-vv1ld.n1mbleoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://f1er6-lab.n1mbleoak.in.net/verification.google id: auto-97d0279bd0b6763c398e0654d170ce4dcde241613eaf3fc76f20eaf79de12c2e status: experimental description: Detects traffic or activity related to https://f1er6-lab.n1mbleoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://f1er6-lab.n1mbleoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sermark0um.brimvale.in.net/verification.google id: auto-2bb326ba281c46178ab5af471e7faa213522a95ff18fa542ceaf2785694c6330 status: experimental description: Detects traffic or activity related to https://sermark0um.brimvale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sermark0um.brimvale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://the0-drive.brimvale.in.net/verification.google id: auto-ae38d3058c6a97d86ba408c05ac79ac1757d47f022640378c1dc9f917376cb8a status: experimental description: Detects traffic or activity related to https://the0-drive.brimvale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://the0-drive.brimvale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neuralclip.larkspin.in.net/verification.google id: auto-932373b0097b0a6ec2611d598dc377c8b0778af55093a44671c736a3ab98d22f status: experimental description: Detects traffic or activity related to https://neuralclip.larkspin.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neuralclip.larkspin.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qclju.larkspin.in.net/verification.google id: auto-4c305d06d2c1de68ae9cef1c33296a94f606445272301d8a923b6bc92d123d95 status: experimental description: Detects traffic or activity related to https://qclju.larkspin.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qclju.larkspin.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://brandpackage.cobalt-ridge.in.net/verification.google id: auto-432695beb98b86bafbb9e88f285c2aff2713c0d576b69c0af4f337fa9233c65a status: experimental description: Detects traffic or activity related to https://brandpackage.cobalt-ridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://brandpackage.cobalt-ridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5pectra-plate.cobalt-ridge.in.net/verification.google id: auto-06b6a9ac69c0357f797efa313bae61eca75bc88cef89a51cecb4959925bf0feb status: experimental description: Detects traffic or activity related to https://5pectra-plate.cobalt-ridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5pectra-plate.cobalt-ridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neo-cany0n.mirthbay.in.net/verification.google id: auto-e2132d79f1d0d6d3d710fb082ea878ff7000dc939b6b8e76a367061af8ff5a5d status: experimental description: Detects traffic or activity related to https://neo-cany0n.mirthbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neo-cany0n.mirthbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ooj9q4.mirthbay.in.net/verification.google id: auto-f8ec02067fb096f31e1e69f17048788d2c3d73cc92ea1c6288bd85943beeb9b7 status: experimental description: Detects traffic or activity related to https://ooj9q4.mirthbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ooj9q4.mirthbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ph0to3-stack.tr4cefox.in.net/verification.google id: auto-b5746cd59f7fccdfb983fe1d6d43461751e163c3f94146d215e34b15693c28c2 status: experimental description: Detects traffic or activity related to https://ph0to3-stack.tr4cefox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ph0to3-stack.tr4cefox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c1ea7-hinge.tr4cefox.in.net/verification.google id: auto-86cc8d8b873662d0bf5db4c2273335c71be49de65ffcd635049f65483615a520 status: experimental description: Detects traffic or activity related to https://c1ea7-hinge.tr4cefox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c1ea7-hinge.tr4cefox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ficjog.velvet-dune.in.net/verification.google id: auto-ade93a100c95d0dd75fbf32496f572f97fb10eec3bbb7b92c37f9a55f7c4222f status: experimental description: Detects traffic or activity related to https://ficjog.velvet-dune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ficjog.velvet-dune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mermeshor.velvet-dune.in.net/verification.google id: auto-92dddd2ac3763d3f6d68aafd640801ef517728ada2a14613afcbd8a7b02e7122 status: experimental description: Detects traffic or activity related to https://mermeshor.velvet-dune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mermeshor.velvet-dune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4point.stratagraphic.in.net/verification.google id: auto-11f086b5e1d2904000a998350ad3c00212a60f99707fa2c0c4b8647abcd78ce9 status: experimental description: Detects traffic or activity related to https://ext4point.stratagraphic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4point.stratagraphic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3data.stratagraphic.in.net/verification.google id: auto-212b9976c21d0869263690a4ef7f67eae2b2e31ab7e73dd435f0048637287610 status: experimental description: Detects traffic or activity related to https://ext3data.stratagraphic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3data.stratagraphic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proxy.stratagraphic.in.net/verification.google id: auto-65256460d8c6b92a481242a6bf6384dd03ca5ca43d2c88fa2dbc0e92d0e19c98 status: experimental description: Detects traffic or activity related to https://ext2proxy.stratagraphic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proxy.stratagraphic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1infra.stratagraphic.in.net/verification.google id: auto-7f6fe72958e30006088f3d796e11586dbf2548c14e5122cd77b9e4583da727c5 status: experimental description: Detects traffic or activity related to https://ext1infra.stratagraphic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1infra.stratagraphic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4sat.rhyolitenodehub.in.net/verification.google id: auto-cbd467dab59f2289d0f24ab9e30b90736817bb91a8140fff50d376e45291dd31 status: experimental description: Detects traffic or activity related to https://svc4sat.rhyolitenodehub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4sat.rhyolitenodehub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3core.rhyolitenodehub.in.net/verification.google id: auto-ccb3e09bcbb68261f4aaf6e7495dd62f875f24fb9a11d5f351a2256b5268c7f6 status: experimental description: Detects traffic or activity related to https://svc3core.rhyolitenodehub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3core.rhyolitenodehub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2steel.rhyolitenodehub.in.net/verification.google id: auto-252e0a4ac94a0f2212f401bfa7beda8b24038cba34cd9eb5a211b923339031d4 status: experimental description: Detects traffic or activity related to https://svc2steel.rhyolitenodehub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2steel.rhyolitenodehub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1proc.rhyolitenodehub.in.net/verification.google id: auto-a9982a6fc1ac51f8605b7db4feed23e638b04cf7dae540bea817e0d704bf3c14 status: experimental description: Detects traffic or activity related to https://svc1proc.rhyolitenodehub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1proc.rhyolitenodehub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4space.pyroxenetrace.in.net/verification.google id: auto-0db7942fe74f08b6f42d147b3043e17f17586ce30da7e32860bf0bd1a9f93535 status: experimental description: Detects traffic or activity related to https://dev4space.pyroxenetrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4space.pyroxenetrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2outer.pyroxenetrace.in.net/verification.google id: auto-0126f973cfffad6e089521fbd10c4a0b83656a83e289a0eb7198dc78181bef91 status: experimental description: Detects traffic or activity related to https://dev2outer.pyroxenetrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2outer.pyroxenetrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.pyroxenetrace.in.net/verification.google id: auto-4dca42702f9ed076f0f90ba060aa3a288b3af1df3f2ee59f39002d5a589647df status: experimental description: Detects traffic or activity related to https://dev1proc.pyroxenetrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.pyroxenetrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4path.obsidianmatrix.in.net/verification.google id: auto-fcbc3f34ef7f5ba72e66e704920b059cb0a48e9a2893b20a9d4ee4507e61aa68 status: experimental description: Detects traffic or activity related to https://cl4path.obsidianmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4path.obsidianmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3view.obsidianmatrix.in.net/verification.google id: auto-1a4f62ba853f8fb08edef0c09bacb7b368e9dcdee44c8b11730d2807ec28e4bd status: experimental description: Detects traffic or activity related to https://cl3view.obsidianmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3view.obsidianmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2point.obsidianmatrix.in.net/verification.google id: auto-c83ee7a24cd737b24c5f00ef05af27e9b9294ef103e7adc182e10e2936e38b4e status: experimental description: Detects traffic or activity related to https://cl2point.obsidianmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2point.obsidianmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1proc.obsidianmatrix.in.net/verification.google id: auto-7951e1b7e5c5f1fdbe91f51003ae67740bef4d3a0407a340a3941fe3115cc285 status: experimental description: Detects traffic or activity related to https://cl1proc.obsidianmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1proc.obsidianmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4view.feldspargateway.in.net/verification.google id: auto-be4f3a5c8c41b35ff272f6756cba2c43952214e2040ba9b212023672bb29cb53 status: experimental description: Detects traffic or activity related to https://ext4view.feldspargateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4view.feldspargateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3ghost.feldspargateway.in.net/verification.google id: auto-f9cfa562a738eff7b7577af66362d8ab13e9d4853651d9ed5a61194e364ee419 status: experimental description: Detects traffic or activity related to https://ext3ghost.feldspargateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3ghost.feldspargateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2core.feldspargateway.in.net/verification.google id: auto-2021062656a66442dfe62befcf29a09c67656a621cab451967dd615549507580 status: experimental description: Detects traffic or activity related to https://ext2core.feldspargateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2core.feldspargateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1proc.feldspargateway.in.net/verification.google id: auto-347e27a74fae3380e928ea4afe806ab5b452e01ba5824f2ad9eff0bb33649ae3 status: experimental description: Detects traffic or activity related to https://ext1proc.feldspargateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1proc.feldspargateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.magmaticbuffer.in.net/verification.google id: auto-d15c16957b6479b511725f78c96f428ab0a9229f3f3b15f3f2dd18da9a5b4d4f status: experimental description: Detects traffic or activity related to https://svc4link.magmaticbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.magmaticbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.magmaticbuffer.in.net/verification.google id: auto-a6a2dc317de268f4585df01a7b2cd01c21d209af1e90d3001fd8d48ce7163497 status: experimental description: Detects traffic or activity related to https://svc3user.magmaticbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.magmaticbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.magmaticbuffer.in.net/verification.google id: auto-66e4814c06d1ad1cf603721ebbd9f4b3785fb517b0e977827c3d3f49c3517d13 status: experimental description: Detects traffic or activity related to https://svc2base.magmaticbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.magmaticbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.magmaticbuffer.in.net/verification.google id: auto-32154d7814b53d972480f2243b51271cb536c467cada1bd2f53f62bdaf28b6d6 status: experimental description: Detects traffic or activity related to https://svc1infra.magmaticbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.magmaticbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4work.tectonicstream.in.net/verification.google id: auto-4c729944fc4ef6dd05133e7b27b4cbaba5013e22bd73746e170b94f92f411cf7 status: experimental description: Detects traffic or activity related to https://dev4work.tectonicstream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4work.tectonicstream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3local.tectonicstream.in.net/verification.google id: auto-c0056b2b47baec09806f41d4c7f39b71a13355e870829bfe517a2d3eed04b875 status: experimental description: Detects traffic or activity related to https://dev3local.tectonicstream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3local.tectonicstream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2power.tectonicstream.in.net/verification.google id: auto-93d2572731a62e2bc3d4baf1ffdbd81d78f8f2d373956c0f2fc3688fbc2e8d43 status: experimental description: Detects traffic or activity related to https://dev2power.tectonicstream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2power.tectonicstream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.tectonicstream.in.net/verification.google id: auto-e1348e4b312a55358a222e06bdf303b3435e2b3705ea00254f1d7a15cbb32d29 status: experimental description: Detects traffic or activity related to https://dev1proc.tectonicstream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.tectonicstream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4link.sedimentmetrics.in.net/verification.google id: auto-b607f6e26df7476560d11144c88675f259cf9d93a64ffa1071b48b287910a3f9 status: experimental description: Detects traffic or activity related to https://cl4link.sedimentmetrics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4link.sedimentmetrics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.sedimentmetrics.in.net/verification.google id: auto-a991166ef6ac80fdcb3d3eaf0ebb3616c8b6d7938ed2610ea59fd75260903ab3 status: experimental description: Detects traffic or activity related to https://cl3dev.sedimentmetrics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.sedimentmetrics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.sedimentmetrics.in.net/verification.google id: auto-24bed32db8eaa3f49bb321fec610442b4b995fa882537a15c5327915d66d7dc2 status: experimental description: Detects traffic or activity related to https://cl2remote.sedimentmetrics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.sedimentmetrics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.sedimentmetrics.in.net/verification.google id: auto-1a588ae4bf1f9bc06bcce46d608284e271d20167bf5b0ab4d9dda7bcadd78b47 status: experimental description: Detects traffic or activity related to https://cl1store.sedimentmetrics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.sedimentmetrics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.lithosphereduct.in.net/verification.google id: auto-7ab2d90c15a52dc7ddb3ef448917e0f87055be7105b8ce8cf8519c901507a870 status: experimental description: Detects traffic or activity related to https://ext4sync.lithosphereduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.lithosphereduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.lithosphereduct.in.net/verification.google id: auto-a74e7bbc085ce7a563d56c17ce54ef2ee3b89923212d1a1404b41dd3ba07b721 status: experimental description: Detects traffic or activity related to https://ext3gate.lithosphereduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.lithosphereduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.lithosphereduct.in.net/verification.google id: auto-6c95851388dc1edaa3c9f95dfabb884d63127ee6a47548f63e14cdd35cf4ade0 status: experimental description: Detects traffic or activity related to https://ext2proc.lithosphereduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.lithosphereduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.lithosphereduct.in.net/verification.google id: auto-b870c1c932358ad9cb67779a07436a6dcd024feb4c3c3dcb76ae82dfffa6abd3 status: experimental description: Detects traffic or activity related to https://ext1meta.lithosphereduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.lithosphereduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4static.petrographyflow.in.net/verification.google id: auto-6bcbe00741c668a0bbabd6586182d40b971a679ff1cb59b37f4edc86ce0ea9db status: experimental description: Detects traffic or activity related to https://svc4static.petrographyflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4static.petrographyflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3edge.petrographyflow.in.net/verification.google id: auto-95ce1c191eb42edf6883e376da334e4123ff0791eb51f7ea37ffdb8208c7b1f8 status: experimental description: Detects traffic or activity related to https://svc3edge.petrographyflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3edge.petrographyflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2data.petrographyflow.in.net/verification.google id: auto-ed0b281db5789801ae661b32291ba7acc743f578b0035e02e28593c2aaceb718 status: experimental description: Detects traffic or activity related to https://svc2data.petrographyflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2data.petrographyflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1sync.petrographyflow.in.net/verification.google id: auto-9172eafc8e24b4b0d5ce9866668aad50a57a83a251d45337ca6b9aa1efd64da7 status: experimental description: Detects traffic or activity related to https://svc1sync.petrographyflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1sync.petrographyflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4point.chordatamatrix.in.net/verification.google id: auto-f4b91c5abb2b7d1224253323a93295b4f0a7fd5b2de30fa1a7de44b877310b7b status: experimental description: Detects traffic or activity related to https://ext4point.chordatamatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4point.chordatamatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3data.chordatamatrix.in.net/verification.google id: auto-b723d5299aec44a098ed0a72add0f8c1cf41b0853f206ad9201a1a2fe43fdf0b status: experimental description: Detects traffic or activity related to https://ext3data.chordatamatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3data.chordatamatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proxy.chordatamatrix.in.net/verification.google id: auto-6474f06dda04055ff69302c2662aa50d82db3c568ca8107dc1c456f426b7483a status: experimental description: Detects traffic or activity related to https://ext2proxy.chordatamatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proxy.chordatamatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1infra.chordatamatrix.in.net/verification.google id: auto-807cdc86b3ccc74ce11b69758066e3fecfc23ca3ce9d1948ceaf6f17d9627c66 status: experimental description: Detects traffic or activity related to https://ext1infra.chordatamatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1infra.chordatamatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4sat.nematodastream.in.net/verification.google id: auto-afce539efd74d17671290cee6b3e984c8b272f67a5224f2fb23a399aad352fae status: experimental description: Detects traffic or activity related to https://svc4sat.nematodastream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4sat.nematodastream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3core.nematodastream.in.net/verification.google id: auto-8ede787f7ecd04d689a9fc16a0d60a37ce43c9c13e6cd555cb6dc85133780d19 status: experimental description: Detects traffic or activity related to https://svc3core.nematodastream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3core.nematodastream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2steel.nematodastream.in.net/verification.google id: auto-aad3c152a35a44a0edb2489b18fd839fe0e27cc91d8f4d6a84e8feaa2149afbd status: experimental description: Detects traffic or activity related to https://svc2steel.nematodastream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2steel.nematodastream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1proc.nematodastream.in.net/verification.google id: auto-5c336f0d3c25e5870082d8670dc4cfbbea28ca810e5047176635530dee37d49a status: experimental description: Detects traffic or activity related to https://svc1proc.nematodastream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1proc.nematodastream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4space.platyhelminth.in.net/verification.google id: auto-a283abe22f33eaccd81dabf13efdc3afcb56b2f1c65808ad76b42a7345d47321 status: experimental description: Detects traffic or activity related to https://dev4space.platyhelminth.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4space.platyhelminth.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3field.platyhelminth.in.net/verification.google id: auto-4239481a994619fb491b63fd226cf878505cc257b5638c01402a733ff3a4b64c status: experimental description: Detects traffic or activity related to https://dev3field.platyhelminth.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3field.platyhelminth.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2outer.platyhelminth.in.net/verification.google id: auto-d33807c47dd3c6c04db7e7c5c6c8516f5b8c5074e0725672e620195f596ed1d9 status: experimental description: Detects traffic or activity related to https://dev2outer.platyhelminth.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2outer.platyhelminth.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.platyhelminth.in.net/verification.google id: auto-a1458646a99b75e96824fe04f9460f002587f6415261c8438783f2a5db556cf4 status: experimental description: Detects traffic or activity related to https://dev1proc.platyhelminth.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.platyhelminth.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4path.bryozoametrics.in.net/verification.google id: auto-8964212cd73ea6533ab0700046e3f0094320206d16dcf8b229c7c8e44c96c782 status: experimental description: Detects traffic or activity related to https://cl4path.bryozoametrics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4path.bryozoametrics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3view.bryozoametrics.in.net/verification.google id: auto-e63d9dc7fe08eb44e3af04923a489ac31b7363d1d659590913650ee37c9e198a status: experimental description: Detects traffic or activity related to https://cl3view.bryozoametrics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3view.bryozoametrics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2point.bryozoametrics.in.net/verification.google id: auto-a4f8117fd37297ef77a6e9ab792cd2cc42ded88e9900f68677635e09c9dc141a status: experimental description: Detects traffic or activity related to https://cl2point.bryozoametrics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2point.bryozoametrics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1proc.bryozoametrics.in.net/verification.google id: auto-3fab211ce270ee393b18249966113b72d555f77dd46afacacf3e4fc16020ec41 status: experimental description: Detects traffic or activity related to https://cl1proc.bryozoametrics.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1proc.bryozoametrics.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4view.poriferabuffer.in.net/verification.google id: auto-426ceded55b1d1501b8df6fb40b579ab59cb031a94e0ec4bad3dfdb6207f454c status: experimental description: Detects traffic or activity related to https://ext4view.poriferabuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4view.poriferabuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3ghost.poriferabuffer.in.net/verification.google id: auto-7ffa5df6600435202e9aa7aefe170e2fa962a4f00b8ae9db6ebed33986e6de01 status: experimental description: Detects traffic or activity related to https://ext3ghost.poriferabuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3ghost.poriferabuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2core.poriferabuffer.in.net/verification.google id: auto-e45ee922dd37de9a7a1a5e8571aea81e3aacd0860bc5418b49b48c24c4e1023e status: experimental description: Detects traffic or activity related to https://ext2core.poriferabuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2core.poriferabuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1proc.poriferabuffer.in.net/verification.google id: auto-8a0c9de9aa908c09a83aa99e2a0277061c00bb8a27c15bd64202d02583004c0c status: experimental description: Detects traffic or activity related to https://ext1proc.poriferabuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1proc.poriferabuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.arthropodameta.in.net/verification.google id: auto-58e9989fbc37fdd292daf700aefe9f8598f4eacc77664bed9120761967d781a3 status: experimental description: Detects traffic or activity related to https://svc4link.arthropodameta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.arthropodameta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.arthropodameta.in.net/verification.google id: auto-38839eb1983da9da9172d3cc07e058d00f0e8b30f4aef9b46dfd828be216b948 status: experimental description: Detects traffic or activity related to https://svc3user.arthropodameta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.arthropodameta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.arthropodameta.in.net/verification.google id: auto-71890a4297b57ac8e6fc06227f20edb6e838f8d456a6f2ccbac0479a615116ab status: experimental description: Detects traffic or activity related to https://svc2base.arthropodameta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.arthropodameta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.arthropodameta.in.net/verification.google id: auto-2a8f65a137e2122ccf450f7a2b4f5c750165496ba133d7ac2c9818aab4a59083 status: experimental description: Detects traffic or activity related to https://svc1infra.arthropodameta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.arthropodameta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4work.annelidatrace.in.net/verification.google id: auto-ee9d4afa3ba40f8d153f4f318d7136b697f8c776a3a63bc1d1465389259a80bb status: experimental description: Detects traffic or activity related to https://dev4work.annelidatrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4work.annelidatrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3local.annelidatrace.in.net/verification.google id: auto-4237f3c32f57a6e91ddddee744300065f97437aeeadf9d0f0c3d8de6ed351a41 status: experimental description: Detects traffic or activity related to https://dev3local.annelidatrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3local.annelidatrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2power.annelidatrace.in.net/verification.google id: auto-ad7621417bc73a2c0093e7fd0c7e66e580fddad674ae97866d9fd443552e5038 status: experimental description: Detects traffic or activity related to https://dev2power.annelidatrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2power.annelidatrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.annelidatrace.in.net/verification.google id: auto-ed7726edd226aa382fc7b7d18ce3dfec3c819020faeff56956941b09fc7e60d8 status: experimental description: Detects traffic or activity related to https://dev1proc.annelidatrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.annelidatrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4link.echinodermgate.in.net/verification.google id: auto-0b05f9dec79b041abe55ed3a99d37353f7b1886d97734e298b601d1886628e15 status: experimental description: Detects traffic or activity related to https://cl4link.echinodermgate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4link.echinodermgate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.echinodermgate.in.net/verification.google id: auto-638441733c03d182bbf1df781c9f059ded68043b23696bc3965a92bd60390194 status: experimental description: Detects traffic or activity related to https://cl3dev.echinodermgate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.echinodermgate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.echinodermgate.in.net/verification.google id: auto-d8e33f31a8edf79045b56ee93ed40c08b589b7103233bfb2651145b677733659 status: experimental description: Detects traffic or activity related to https://cl2remote.echinodermgate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.echinodermgate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.echinodermgate.in.net/verification.google id: auto-31f88b7970fc6e3b6c972d4b2369e589fb135c5bb80664162000c01057206149 status: experimental description: Detects traffic or activity related to https://cl1store.echinodermgate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.echinodermgate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.molluskflowlink.in.net/verification.google id: auto-6fcd8aa206df8ad8000e6a590a96abb0bc3a3450cf98985c1ae1a3ab58467d66 status: experimental description: Detects traffic or activity related to https://ext4sync.molluskflowlink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.molluskflowlink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.molluskflowlink.in.net/verification.google id: auto-31be49cbdfc3f364120fee157563e5a8320311b8a15f11e0d8e5d263a132b4b5 status: experimental description: Detects traffic or activity related to https://ext3gate.molluskflowlink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.molluskflowlink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.molluskflowlink.in.net/verification.google id: auto-814375d77de185a1bca17a1058d072afccd7c2bf9486fb72da5de076537d5838 status: experimental description: Detects traffic or activity related to https://ext2proc.molluskflowlink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.molluskflowlink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.molluskflowlink.in.net/verification.google id: auto-ea40f4b7dfc4ad3a996a6f2b913c8bdfe382cd533be0ad4a25522e661dde9e77 status: experimental description: Detects traffic or activity related to https://ext1meta.molluskflowlink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.molluskflowlink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4static.crustaceanode.in.net/verification.google id: auto-b1263624b1212520d98ab959edf915b0ea87f2acae0d3114ba310a2c06b844ec status: experimental description: Detects traffic or activity related to https://svc4static.crustaceanode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4static.crustaceanode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3edge.crustaceanode.in.net/verification.google id: auto-a903dc192c170d52c11de46f09ad55569940ad91f601bd2b31197c459af1288f status: experimental description: Detects traffic or activity related to https://svc3edge.crustaceanode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3edge.crustaceanode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2data.crustaceanode.in.net/verification.google id: auto-d2b9200a5947f75c55a51c8f7152d96be9f3ccdbb725a186386930e03d8b607e status: experimental description: Detects traffic or activity related to https://svc2data.crustaceanode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2data.crustaceanode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1sync.crustaceanode.in.net/verification.google id: auto-6266661a766569c713426c5ee108f9256c14332c643e44e38993144baabb9368 status: experimental description: Detects traffic or activity related to https://svc1sync.crustaceanode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1sync.crustaceanode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://grid-mesh.thistlecore.in.net/verification.google id: auto-af4ca428547a2e88ff35b6727058a95147c2aa9ffff22620d863b3f11fc0bda6 status: experimental description: Detects traffic or activity related to https://grid-mesh.thistlecore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://grid-mesh.thistlecore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://coralmotif.graincrest.in.net/verification.google id: auto-cec4dd390e69402f61ecc126011862da0889334b94005cb3e90b52c518f52a17 status: experimental description: Detects traffic or activity related to https://coralmotif.graincrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://coralmotif.graincrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4qaxpshj.flare-path.in.net/verification.google id: auto-e15beec63a2cfc3fe6aea4642257682ad1263f4245e1a5eeb90249729478305b status: experimental description: Detects traffic or activity related to https://4qaxpshj.flare-path.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4qaxpshj.flare-path.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://j3b873.duskforge.in.net/verification.google id: auto-6fac0e5e0deca89b8bec94d98aa89e92efdded7027ec452f5a2d3a824a95816a status: experimental description: Detects traffic or activity related to https://j3b873.duskforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://j3b873.duskforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lmwfj4.brimvale.in.net/verification.google id: auto-d777e627eb17ce07d7c2084e9f07022106d9be3aedb085e664c1480990900a3f status: experimental description: Detects traffic or activity related to https://lmwfj4.brimvale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lmwfj4.brimvale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ovdtt.larkspin.in.net/verification.google id: auto-8c2344d92018ed98504451228f9bc003aee6adbb63a539aed62f8843980b22bf status: experimental description: Detects traffic or activity related to https://ovdtt.larkspin.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ovdtt.larkspin.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tensorout.cobalt-ridge.in.net/verification.google id: auto-352ba50f78c3ff0e1faf792ef64d04b3ae18609c53b0d60de9504e0089aa2d19 status: experimental description: Detects traffic or activity related to https://tensorout.cobalt-ridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tensorout.cobalt-ridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lypl54.mirthbay.in.net/verification.google id: auto-e0c7ade166ce0671e5849c781f8aeadcbd72b20f5343373976b5cc69f8d7bb8c status: experimental description: Detects traffic or activity related to https://lypl54.mirthbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lypl54.mirthbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fyuu.tr4cefox.in.net/verification.google id: auto-1ef0747d6a116cfe7fe748d4a2a8eae52d0f12196ee5666a102dd23353121523 status: experimental description: Detects traffic or activity related to https://fyuu.tr4cefox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fyuu.tr4cefox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arkforge8os.velvet-dune.in.net/verification.google id: auto-bb1730d55fc057edd9a03dc1702c4db5bcd7e7802da486db31768018082a5e0d status: experimental description: Detects traffic or activity related to https://arkforge8os.velvet-dune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arkforge8os.velvet-dune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://51ogg4fa.cl0verrun.in.net/verification.google id: auto-a82efe78ceb8f00c31b70e79fce1effc7e5070c23aebc5845b8124374cf63049 status: experimental description: Detects traffic or activity related to https://51ogg4fa.cl0verrun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://51ogg4fa.cl0verrun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ser-draos.cl0verrun.in.net/verification.google id: auto-b5e4595cf517a81791a54c44b0df1c09f4de838e87e90e30ea6fc3f1c4fdb102 status: experimental description: Detects traffic or activity related to https://ser-draos.cl0verrun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ser-draos.cl0verrun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://1vyf96o.cl0verrun.in.net/verification.google id: auto-68cbab2df443ec97e29a526ddb14ed8b1809f83f9bc827c98647fdc0e2bd3074 status: experimental description: Detects traffic or activity related to https://1vyf96o.cl0verrun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://1vyf96o.cl0verrun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://traceglo.cl0verrun.in.net/verification.google id: auto-70edbdb1b9e3d07b11f472f934d48efc833e8f8a934bec6dc9aeb27d79dc49ef status: experimental description: Detects traffic or activity related to https://traceglo.cl0verrun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://traceglo.cl0verrun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vinetrade.cl0verrun.in.net/verification.google id: auto-27ecf01619ec6b7a83180b9a8cbfed40f227096bd96978bdbd7f0d5d669c32c9 status: experimental description: Detects traffic or activity related to https://vinetrade.cl0verrun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vinetrade.cl0verrun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fwnc6xm.stone-blink.in.net/verification.google id: auto-47aa4c4cbf000679ae9329998b32c0ffd843e9c41c2204712205a2e50018b13e status: experimental description: Detects traffic or activity related to https://fwnc6xm.stone-blink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fwnc6xm.stone-blink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mercrest3on.stone-blink.in.net/verification.google id: auto-0e960dfa88f304e3dc2a23932cb7cb4d319a4f3c4ac4e683c3a5d6389414c559 status: experimental description: Detects traffic or activity related to https://mercrest3on.stone-blink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mercrest3on.stone-blink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://podcastridg.stone-blink.in.net/verification.google id: auto-e6b0a0d15a7c18667181dcee003884e7fca68c2cf6a5f4caf49cb0e2e2481d4b status: experimental description: Detects traffic or activity related to https://podcastridg.stone-blink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://podcastridg.stone-blink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5cript-branch.stone-blink.in.net/verification.google id: auto-e04d1b08c31d3708f0488c98d905b038a742a44cfcdb8d98a27de3149080f1cc status: experimental description: Detects traffic or activity related to https://5cript-branch.stone-blink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5cript-branch.stone-blink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://knjecym.stone-blink.in.net/verification.google id: auto-a0883248dcf348e5e98c3133a62cecb486ce7c56cf1c9e338511ff04b829784c status: experimental description: Detects traffic or activity related to https://knjecym.stone-blink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://knjecym.stone-blink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gmabpncp.thistlecore.in.net/verification.google id: auto-e1628c38e7eb5114d8b4bb06f7945452645c4fad603b2cd30e32e90585dd785f status: experimental description: Detects traffic or activity related to https://gmabpncp.thistlecore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gmabpncp.thistlecore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://75rlme.thistlecore.in.net/verification.google id: auto-3f4a44e827967e72b99f816bb463c1f2512a4b7edbf0baecf1a577e59f392f76 status: experimental description: Detects traffic or activity related to https://75rlme.thistlecore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://75rlme.thistlecore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neur0n-forge.thistlecore.in.net/verification.google id: auto-5f1feff50d95ef31a09a5f3234fbb8a57e21835b0490cfabec91fd2ab26f3393 status: experimental description: Detects traffic or activity related to https://neur0n-forge.thistlecore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neur0n-forge.thistlecore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nordraum7.thistlecore.in.net/verification.google id: auto-e484950a6732a7bc053c00e6d8f73181ba894c3cc472c83c315491dc2f3b28b9 status: experimental description: Detects traffic or activity related to https://nordraum7.thistlecore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nordraum7.thistlecore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hvxpnc.thistlecore.in.net/verification.google id: auto-406b9c6e43aea28d320dad67f867afdf133ea3d94d06cfb233494e1cc9e1572c status: experimental description: Detects traffic or activity related to https://hvxpnc.thistlecore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hvxpnc.thistlecore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pricehub.q7ravo.in.net/verification.google id: auto-51704e10ef16c7c3376c7618840b12d929a4ebe0136491df5c53c55895cc31bf status: experimental description: Detects traffic or activity related to https://pricehub.q7ravo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pricehub.q7ravo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://merlineon6.q7ravo.in.net/verification.google id: auto-c732525b4c83fda636a22ab9630e799b8c878e1403bb958f8a16a784a5a0af3b status: experimental description: Detects traffic or activity related to https://merlineon6.q7ravo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://merlineon6.q7ravo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rjl2hgy.q7ravo.in.net/verification.google id: auto-0556f37af0872d70f215904a3a4f88400c6b32af79f68b00c1df65f3d4c8716d status: experimental description: Detects traffic or activity related to https://rjl2hgy.q7ravo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rjl2hgy.q7ravo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://steri-node.q7ravo.in.net/verification.google id: auto-94e2aa81fbe36b356b51539ae9b690436e4da94aa27e991468d43acb5d4a4525 status: experimental description: Detects traffic or activity related to https://steri-node.q7ravo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://steri-node.q7ravo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://winterpipeline.q7ravo.in.net/verification.google id: auto-88dfb6923b354ce812f37d014581d4262166f5ef46b6a1178ca2efc3cc239b90 status: experimental description: Detects traffic or activity related to https://winterpipeline.q7ravo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://winterpipeline.q7ravo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vel-lineix.frost-echo.in.net/verification.google id: auto-4364fe48f94fd9ca6335963ea483c2792fa1582159a89a457f49c789a4764fd8 status: experimental description: Detects traffic or activity related to https://vel-lineix.frost-echo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vel-lineix.frost-echo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5jiyuz.frost-echo.in.net/verification.google id: auto-adddc688414d79fc0ede73b39b689324af698136f73f6b938d011ab3e76a1243 status: experimental description: Detects traffic or activity related to https://5jiyuz.frost-echo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5jiyuz.frost-echo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solcrestor8.frost-echo.in.net/verification.google id: auto-fcd8f8717c1a4bd7ed8bcb3fbfa122356eb55be7bb33850ba4af160c115864ec status: experimental description: Detects traffic or activity related to https://solcrestor8.frost-echo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solcrestor8.frost-echo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://light1-scope.frost-echo.in.net/verification.google id: auto-650d5ffc1cba8091b61aa52f7d609b812d5e13891652bc351aa156a5b9954669 status: experimental description: Detects traffic or activity related to https://light1-scope.frost-echo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://light1-scope.frost-echo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://1ce2-port.frost-echo.in.net/verification.google id: auto-63df8b99e2554df5a68deedff86270c115f67f1dbe9880b85cbde88f50a32d82 status: experimental description: Detects traffic or activity related to https://1ce2-port.frost-echo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://1ce2-port.frost-echo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://node-track.graincrest.in.net/verification.google id: auto-d279043380da6a3e2403c470887ab7a210d271be5e2cb15b674788ea425da389 status: experimental description: Detects traffic or activity related to https://node-track.graincrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://node-track.graincrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ehqkl.graincrest.in.net/verification.google id: auto-c0aa774753366fb6313bfece1671fa695312620e25f4e0b0c8b7dcdbc69dd003 status: experimental description: Detects traffic or activity related to https://ehqkl.graincrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ehqkl.graincrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r0ut-route.graincrest.in.net/verification.google id: auto-f20a80e462e907e64d87858673afdd0202584d19d98b268f4a26fc9677d1e54f status: experimental description: Detects traffic or activity related to https://r0ut-route.graincrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r0ut-route.graincrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sol-nexex.graincrest.in.net/verification.google id: auto-e804202a50d2599b9bacd487892a31c160039fc47d73bf918f6dc7f224dbe715 status: experimental description: Detects traffic or activity related to https://sol-nexex.graincrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sol-nexex.graincrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kzreic.graincrest.in.net/verification.google id: auto-bcdbe766c86558a109896dd2eea5e598e2ba9d2b146616613107cfa2657560c7 status: experimental description: Detects traffic or activity related to https://kzreic.graincrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kzreic.graincrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vendorshadow.skyl0om.in.net/verification.google id: auto-4257d43af9906e6c4eb62d4fc4a76a95b5fef1820b4d1c20f8af635fe8dea268 status: experimental description: Detects traffic or activity related to https://vendorshadow.skyl0om.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vendorshadow.skyl0om.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jjgeingz.skyl0om.in.net/verification.google id: auto-06994ce60a89abbbe8c69a92e345de8e5e8af796e5a66a3c9e8f87a85a0c7051 status: experimental description: Detects traffic or activity related to https://jjgeingz.skyl0om.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jjgeingz.skyl0om.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://norven5ar.skyl0om.in.net/verification.google id: auto-a34c12524e871df041519e9a929f01836eb04ad6e2e2e6a1db36a305a7deb522 status: experimental description: Detects traffic or activity related to https://norven5ar.skyl0om.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://norven5ar.skyl0om.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ste4dy0-graph.skyl0om.in.net/verification.google id: auto-0a0ba7cc328a3b68de4ac049842c190dbe17ad7f208cdecad92a3c02e1f781b6 status: experimental description: Detects traffic or activity related to https://ste4dy0-graph.skyl0om.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ste4dy0-graph.skyl0om.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shore-dee.flare-path.in.net/verification.google id: auto-6f4a4534f48733dcb158768643629a4bf2005f7df36f168991daa85657756b18 status: experimental description: Detects traffic or activity related to https://shore-dee.flare-path.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shore-dee.flare-path.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://o3hpy.flare-path.in.net/verification.google id: auto-54ebaccb532c6ac5ce7621d69112de0d16f75211e7d5f4196b4a7dc6208c8c64 status: experimental description: Detects traffic or activity related to https://o3hpy.flare-path.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://o3hpy.flare-path.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://convoyprofit.flare-path.in.net/verification.google id: auto-28742bc5757e1663597549c1bf479583aefb18e6a7cbe24f74f9e1c6bb6f15cd status: experimental description: Detects traffic or activity related to https://convoyprofit.flare-path.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://convoyprofit.flare-path.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://parcloud.rivermint.in.net/verification.google id: auto-2007fd4999d735b873fdb641518e994b6d0b31ab8a4f1a8d7b23bd8ee0578ee3 status: experimental description: Detects traffic or activity related to https://parcloud.rivermint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://parcloud.rivermint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://iatw.rivermint.in.net/verification.google id: auto-cdaa155205c315ed8e5985cc1afb5174efbc7ea61a383d0c484cafd2e02b4038 status: experimental description: Detects traffic or activity related to https://iatw.rivermint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://iatw.rivermint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qn5igmm.rivermint.in.net/verification.google id: auto-2d5302ae6c88075e6432b1e4196dc056f45d8f75e6d6257f1e7851d781b51cb0 status: experimental description: Detects traffic or activity related to https://qn5igmm.rivermint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qn5igmm.rivermint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://activetermin.rivermint.in.net/verification.google id: auto-9aed3e9cea5c17346dfa4a3ebd3a6e78c9833f25860e74594b06f2c92f238b67 status: experimental description: Detects traffic or activity related to https://activetermin.rivermint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://activetermin.rivermint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pitc-mesh.rivermint.in.net/verification.google id: auto-815d0d02db6096209e59c977a9eea00bd76255a0dfdb54faa749dc14d99ba44e status: experimental description: Detects traffic or activity related to https://pitc-mesh.rivermint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pitc-mesh.rivermint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://offerleaf.duskforge.in.net/verification.google id: auto-2421ade2c5d6e610a5884c4e8a56faa4e122c11578dfd9877fd94fe431ec321f status: experimental description: Detects traffic or activity related to https://offerleaf.duskforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://offerleaf.duskforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ikqeopdh.duskforge.in.net/verification.google id: auto-0787307c069b6c6e9d9c44492d13c51692bc39fcf673eff15a07d4a18111f49b status: experimental description: Detects traffic or activity related to https://ikqeopdh.duskforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ikqeopdh.duskforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5un-line.duskforge.in.net/verification.google id: auto-221ef2c5ce3ef4b038b3a7555d0acb574f07c832e06dfa0ff55dc2158e71d785 status: experimental description: Detects traffic or activity related to https://5un-line.duskforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5un-line.duskforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rnedia-field.duskforge.in.net/verification.google id: auto-2e4067e40369389955e3d545f3c3ad72536a7847bd7e10edef384328ac6dd1b1 status: experimental description: Detects traffic or activity related to https://rnedia-field.duskforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rnedia-field.duskforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nr7808j.duskforge.in.net/verification.google id: auto-b37abe077830fba4fae2ee52ef61d0690ea232b53e695623af81ba7a70d183c0 status: experimental description: Detects traffic or activity related to https://nr7808j.duskforge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nr7808j.duskforge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://majorpeak.hollow-spark.in.net/verification.google id: auto-817fd29efa7a1b154bcfb0296758e6cda280ead034ebd9d54083d80376290ce1 status: experimental description: Detects traffic or activity related to https://majorpeak.hollow-spark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://majorpeak.hollow-spark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vor-lithum.hollow-spark.in.net/verification.google id: auto-b54f19a39c0fcfc00f1a8770e1b50c212937fcba5f6abbbfcb897d604745eed7 status: experimental description: Detects traffic or activity related to https://vor-lithum.hollow-spark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vor-lithum.hollow-spark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rich-stabi.hollow-spark.in.net/verification.google id: auto-1b08e31ede9a41b0b0dfba38c53b64cf18e7479835d9a4166fdc1e644b0a0919 status: experimental description: Detects traffic or activity related to https://rich-stabi.hollow-spark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rich-stabi.hollow-spark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mosssou.hollow-spark.in.net/verification.google id: auto-b11d29e393c347ff5a34266077edcfb7fb01368b03c7da93af065a3165bbe938 status: experimental description: Detects traffic or activity related to https://mosssou.hollow-spark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mosssou.hollow-spark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://saifjord.hollow-spark.in.net/verification.google id: auto-9a6e2064117ad9ad103499bc6d9578b006b69005cc5a3ca85f05eae09d6bfbc8 status: experimental description: Detects traffic or activity related to https://saifjord.hollow-spark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://saifjord.hollow-spark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tri-coreon.n1mbleoak.in.net/verification.google id: auto-bbb6d38de25de8032235f8d5e3c8178c1ceb692569b5baceb2936293049a2537 status: experimental description: Detects traffic or activity related to https://tri-coreon.n1mbleoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tri-coreon.n1mbleoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://freig-vault.n1mbleoak.in.net/verification.google id: auto-75196b4876cb84d206845de1bdbd396c97650d704bf700144d07c7fd8785b284 status: experimental description: Detects traffic or activity related to https://freig-vault.n1mbleoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://freig-vault.n1mbleoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://urb4n-frame.n1mbleoak.in.net/verification.google id: auto-9dde78fc089c4cd0288d6ae6d9219b45707c17ec6f80ecc6a2cbda1cbbc7fb77 status: experimental description: Detects traffic or activity related to https://urb4n-frame.n1mbleoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://urb4n-frame.n1mbleoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alt-ech0.n1mbleoak.in.net/verification.google id: auto-afdb16676b290063b70a0fc251c47c20219035df63bc3ad2ceeb4f713e0cbdab status: experimental description: Detects traffic or activity related to https://alt-ech0.n1mbleoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alt-ech0.n1mbleoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://catalogsca.n1mbleoak.in.net/verification.google id: auto-d6464f9e3a14b05368fdb58be1c4fbb170b1a85fc53f4465abe6f670f91eab67 status: experimental description: Detects traffic or activity related to https://catalogsca.n1mbleoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://catalogsca.n1mbleoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://messteady.brimvale.in.net/verification.google id: auto-83213b9ed776344451e383e7f20ff8ff60101dcbc31f2364e6b90edb96f0ffed status: experimental description: Detects traffic or activity related to https://messteady.brimvale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://messteady.brimvale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://w346.brimvale.in.net/verification.google id: auto-dd2722b52260445118063b1709c405e222f178d0492a25ec1f7aab11a419d681 status: experimental description: Detects traffic or activity related to https://w346.brimvale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://w346.brimvale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neo-th0rn.brimvale.in.net/verification.google id: auto-2ed40edd44e60fe13dbae751b4cf72f7f2e28358364c986f2d097adc78ee6e0f status: experimental description: Detects traffic or activity related to https://neo-th0rn.brimvale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neo-th0rn.brimvale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kotg.brimvale.in.net/verification.google id: auto-ada9c31ddd102824a47211c988fdb7026d163afccb6926ab6c9a885c5e053da2 status: experimental description: Detects traffic or activity related to https://kotg.brimvale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kotg.brimvale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://n0tif-beam.brimvale.in.net/verification.google id: auto-1207669abafcc9945d1cd4bfa0b677216acb968c30a4e34f9f714f73ef0a7cf5 status: experimental description: Detects traffic or activity related to https://n0tif-beam.brimvale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://n0tif-beam.brimvale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shoremerge.larkspin.in.net/verification.google id: auto-8f80b8c1e4bc2fdceaf49c47340c1589face0ce80eda7ed732a460ed72fba145 status: experimental description: Detects traffic or activity related to https://shoremerge.larkspin.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shoremerge.larkspin.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://roufor.larkspin.in.net/verification.google id: auto-5bff286dec1ee398be8f3e0231585512dec084fcaadacea3d45e232446b69ef1 status: experimental description: Detects traffic or activity related to https://roufor.larkspin.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://roufor.larkspin.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://yci9.larkspin.in.net/verification.google id: auto-f3171fab956ccbab5c7bd6646652d57155fc0108292b41c2f41c8bd757d8047a status: experimental description: Detects traffic or activity related to https://yci9.larkspin.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://yci9.larkspin.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tarcanv.larkspin.in.net/verification.google id: auto-e6267b44e3b8779998a58be3bd8ab4de1fdd9c6c912aaf6cdb6700a177c780c8 status: experimental description: Detects traffic or activity related to https://tarcanv.larkspin.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tarcanv.larkspin.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zennexen.larkspin.in.net/verification.google id: auto-e22fc3c7c58b0e743e15b45acf3cfc634029db25ab39e649e5ce2a3e5807f946 status: experimental description: Detects traffic or activity related to https://zennexen.larkspin.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zennexen.larkspin.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://iumdbd.cobalt-ridge.in.net/verification.google id: auto-539f9463ead80ff12c1f77a3e9aec070ba4b3cb3014fadb341b0fcbf42d3807a status: experimental description: Detects traffic or activity related to https://iumdbd.cobalt-ridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://iumdbd.cobalt-ridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://a5say-spool.cobalt-ridge.in.net/verification.google id: auto-e8084f876d8204a79177cc147d26d8030f098b52c877d667ab3d273c0bc88ca5 status: experimental description: Detects traffic or activity related to https://a5say-spool.cobalt-ridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://a5say-spool.cobalt-ridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://t0k3n0-drive.cobalt-ridge.in.net/verification.google id: auto-b6aa295e0fda4442b106ebcfef7cce3322ef86364acea0d34030fe70a99e6d4a status: experimental description: Detects traffic or activity related to https://t0k3n0-drive.cobalt-ridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://t0k3n0-drive.cobalt-ridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qu4nt-point.cobalt-ridge.in.net/verification.google id: auto-1f68810d8bba28c52974ad36c6fdc3af435a3269e9d1aff2f1cb40a092b131d4 status: experimental description: Detects traffic or activity related to https://qu4nt-point.cobalt-ridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qu4nt-point.cobalt-ridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://72i62f.cobalt-ridge.in.net/verification.google id: auto-f740069984aab32363db2427d483ecf26a35be4d211f9f567ac1d2e6e95f2fbe status: experimental description: Detects traffic or activity related to https://72i62f.cobalt-ridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://72i62f.cobalt-ridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://phopatt.mirthbay.in.net/verification.google id: auto-6422eb3cbc48fceaff2912b6e70cfa3229c38f98098166bad211c7dc07e0f301 status: experimental description: Detects traffic or activity related to https://phopatt.mirthbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://phopatt.mirthbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://77gfk.mirthbay.in.net/verification.google id: auto-94f02d8a486c8fc168c87078b4f3e8b74edfb8888d7351acf80cea0094add0c4 status: experimental description: Detects traffic or activity related to https://77gfk.mirthbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://77gfk.mirthbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sub-t3rnpo.mirthbay.in.net/verification.google id: auto-6cbfbd01bf8365e402b283b53e9a5c43520197fb6eb0ab63e33d9dfb0fa82942 status: experimental description: Detects traffic or activity related to https://sub-t3rnpo.mirthbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sub-t3rnpo.mirthbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ultrdra.mirthbay.in.net/verification.google id: auto-e37e371906fb3994e9924049ca361a1c56d2f21d78f3287d2554b4b55982f6fd status: experimental description: Detects traffic or activity related to https://ultrdra.mirthbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ultrdra.mirthbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://watchletter.mirthbay.in.net/verification.google id: auto-263fc389ce9c317c1e0aabd8d1f19715beda3f0e99c00383ab232103468c0fab status: experimental description: Detects traffic or activity related to https://watchletter.mirthbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://watchletter.mirthbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vqdph.tr4cefox.in.net/verification.google id: auto-c6673154fcfa2307a1f5e0094efa1e50f9cb3c6c4c7fc66d2d125cedda477275 status: experimental description: Detects traffic or activity related to https://vqdph.tr4cefox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vqdph.tr4cefox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://s1ovv-cast.tr4cefox.in.net/verification.google id: auto-41312d6c0bd13731f644cc0bf35a04f6c266873c0ecf1d4d3fb6d811c72a89d2 status: experimental description: Detects traffic or activity related to https://s1ovv-cast.tr4cefox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://s1ovv-cast.tr4cefox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ruoqyu9r.tr4cefox.in.net/verification.google id: auto-bba9bd9cd24fdee18f75aa84bc146a69b19865f5f80a9919d3d454c87823db5f status: experimental description: Detects traffic or activity related to https://ruoqyu9r.tr4cefox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ruoqyu9r.tr4cefox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qaur150.tr4cefox.in.net/verification.google id: auto-a93cda84312005570579140d27334a48e1d1d664d775bd7d69bbbbdd9e7ec67f status: experimental description: Detects traffic or activity related to https://qaur150.tr4cefox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qaur150.tr4cefox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5h1f-grid.tr4cefox.in.net/verification.google id: auto-36f2fa36a1769155aabfa3aa6254eb746c80523f8eb90e95e24872e555e8d2a3 status: experimental description: Detects traffic or activity related to https://5h1f-grid.tr4cefox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5h1f-grid.tr4cefox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dcq3oaq.velvet-dune.in.net/verification.google id: auto-0afe5eafd4cf62cee49db3bd35113e81e541436aee6b8abf5088a6cf1bab172e status: experimental description: Detects traffic or activity related to https://dcq3oaq.velvet-dune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dcq3oaq.velvet-dune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://voiceamp.velvet-dune.in.net/verification.google id: auto-a09da94ea0a25be87be2fe786338ce2365361fa9e67ebb91a7464663492c2c3b status: experimental description: Detects traffic or activity related to https://voiceamp.velvet-dune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://voiceamp.velvet-dune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://e5754.velvet-dune.in.net/verification.google id: auto-cabc171f6cdbbeba7a094244fc720a28e7f757a6b23f2b217cc00ea5d1fb065e status: experimental description: Detects traffic or activity related to https://e5754.velvet-dune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://e5754.velvet-dune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://golde-loose.velvet-dune.in.net/verification.google id: auto-be141a8c471c206c87a9d732c43df7165a653bc8341e9c3a5f53b088beaa3f42 status: experimental description: Detects traffic or activity related to https://golde-loose.velvet-dune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://golde-loose.velvet-dune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kerneldelive.velvet-dune.in.net/verification.google id: auto-d9d8717e71ed8d7d465ff427b1bdccbfcc189614a729fcfcb6a1a00f52a28ad9 status: experimental description: Detects traffic or activity related to https://kerneldelive.velvet-dune.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kerneldelive.velvet-dune.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4sat.exuviaestreamnet.in.net/verification.google id: auto-186d09abc970f0595f4109b10247ae422931675420b7285c168f7d94e52a8db6 status: experimental description: Detects traffic or activity related to https://svc4sat.exuviaestreamnet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4sat.exuviaestreamnet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3core.exuviaestreamnet.in.net/verification.google id: auto-949bbc00878ce2dd9fa071b82c2ce2f7b92749871e695437ee9341a06e181cfc status: experimental description: Detects traffic or activity related to https://svc3core.exuviaestreamnet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3core.exuviaestreamnet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://enotbanknoti.co/stabber id: auto-805c9920831fe1d2a539296f00c2237bd50003cb289dd80aca9b01b69e218b22 status: experimental description: Detects traffic or activity related to https://enotbanknoti.co/stabber which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://enotbanknoti.co/stabber*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2steel.exuviaestreamnet.in.net/verification.google id: auto-c59e232b6c37e8164aaf0e214d869e715598645380b63d936f36215503fa0771 status: experimental description: Detects traffic or activity related to https://svc2steel.exuviaestreamnet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2steel.exuviaestreamnet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1proc.exuviaestreamnet.in.net/verification.google id: auto-d998a265f21f3427e1949cdb0ba3e2a4460f429e97bc5c8b344f604c3f91db91 status: experimental description: Detects traffic or activity related to https://svc1proc.exuviaestreamnet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1proc.exuviaestreamnet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4space.ovipositortrace.in.net/verification.google id: auto-c3d18222a1472d6353394462137931eed2779a4924f400d515a318db4660e97f status: experimental description: Detects traffic or activity related to https://dev4space.ovipositortrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4space.ovipositortrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3field.ovipositortrace.in.net/verification.google id: auto-c3c0ce2e8d7dfd123a167aa86894a49b2a5b48796055aad1f48229f326bc1ae8 status: experimental description: Detects traffic or activity related to https://dev3field.ovipositortrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3field.ovipositortrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2outer.ovipositortrace.in.net/verification.google id: auto-8bbdb5bdf2d423bded1531b609ef6f4bf5495f00559dac0e3f770e1e80b005e6 status: experimental description: Detects traffic or activity related to https://dev2outer.ovipositortrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2outer.ovipositortrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.ovipositortrace.in.net/verification.google id: auto-c6b440aecd9ab0f7365ed32af4fb1e7e68f560e03ced5905dcfc6d6f8f42024a status: experimental description: Detects traffic or activity related to https://dev1proc.ovipositortrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.ovipositortrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4path.tarsusdatagate.in.net/verification.google id: auto-477b657e73280915576ebedf2a423996d67f038211a941a15a417bdb88e2ec0c status: experimental description: Detects traffic or activity related to https://cl4path.tarsusdatagate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4path.tarsusdatagate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3view.tarsusdatagate.in.net/verification.google id: auto-cd1c24a8a2c26b92645bea43a6c60c40efb7170e6c0a1a41f12c160474f1d169 status: experimental description: Detects traffic or activity related to https://cl3view.tarsusdatagate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3view.tarsusdatagate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2point.tarsusdatagate.in.net/verification.google id: auto-6af30c7676fcc573550a665dc451192dfa6c939fd6d1e992d452520eb7bcf67e status: experimental description: Detects traffic or activity related to https://cl2point.tarsusdatagate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2point.tarsusdatagate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1proc.tarsusdatagate.in.net/verification.google id: auto-47345def4df958296f2380ab60231690f86e435c18f4092deb81072def25722f status: experimental description: Detects traffic or activity related to https://cl1proc.tarsusdatagate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1proc.tarsusdatagate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4view.spiraclelinkhub.in.net/verification.google id: auto-244e83210c21fef7989799af2bd5880623ff01f4d6c13d9708f355145b2760b8 status: experimental description: Detects traffic or activity related to https://ext4view.spiraclelinkhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4view.spiraclelinkhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2core.spiraclelinkhub.in.net/verification.google id: auto-f812e843f9393d4a32368987ac1edde87e3b2966acc013098bf1aff32cc5deb2 status: experimental description: Detects traffic or activity related to https://ext2core.spiraclelinkhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2core.spiraclelinkhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.scutellummatrix.in.net/verification.google id: auto-7e1c553c0f81dfa8631dccd947a434a0920156e8611c74e8c59234b5e3c4ea2a status: experimental description: Detects traffic or activity related to https://svc4link.scutellummatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.scutellummatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.scutellummatrix.in.net/verification.google id: auto-0ea2e2aac966d0253f691a8804b7a67e5551d8840e530760745650993655e18c status: experimental description: Detects traffic or activity related to https://svc3user.scutellummatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.scutellummatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.scutellummatrix.in.net/verification.google id: auto-6d8d97dbe5ca0590fc3c0a854d198a813e5e2f6c9e3c5efd3b2528b72f1cdeec status: experimental description: Detects traffic or activity related to https://svc2base.scutellummatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.scutellummatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.scutellummatrix.in.net/verification.google id: auto-db2cf0e24960aeaa942148fa432545dd4b9230a64b8befb79e78f654fb132d2c status: experimental description: Detects traffic or activity related to https://svc1infra.scutellummatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.scutellummatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4work.elytrapointnode.in.net/verification.google id: auto-2a1f8a2b2d8d81a95a3d50b5ef6cf0be4048c7c448bc3a02d833877e0ec46e2e status: experimental description: Detects traffic or activity related to https://dev4work.elytrapointnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4work.elytrapointnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3local.elytrapointnode.in.net/verification.google id: auto-e11fab5e608e778c4b9ffa0756838a34a98e97a4d1e67da7241ffaa1787f80c3 status: experimental description: Detects traffic or activity related to https://dev3local.elytrapointnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3local.elytrapointnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2power.elytrapointnode.in.net/verification.google id: auto-3dc7a235f00f3634eac5975336bab89412f144bbef92f0379df2ea826a2759e2 status: experimental description: Detects traffic or activity related to https://dev2power.elytrapointnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2power.elytrapointnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.elytrapointnode.in.net/verification.google id: auto-98872f418313b6d285eea27f6c3fc8316af12cb3d52d638d99a85887d6303a79 status: experimental description: Detects traffic or activity related to https://dev1proc.elytrapointnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.elytrapointnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.chrysalisbuffer.in.net/verification.google id: auto-ab0fa1b0c2c5326536d44e85cd0f67e492765c58ef1ea86b2c6a96e5dc8cc9a0 status: experimental description: Detects traffic or activity related to https://cl3dev.chrysalisbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.chrysalisbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.chrysalisbuffer.in.net/verification.google id: auto-dc03df010dbd8d4779e3a4d99ffd1bf0fd45cbde9a10dff36639485b47bb647f status: experimental description: Detects traffic or activity related to https://cl2remote.chrysalisbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.chrysalisbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.chrysalisbuffer.in.net/verification.google id: auto-58cf0783499d422434aaff733b479f3f8ad728ac5b8b4df7a6adc0080e6686f0 status: experimental description: Detects traffic or activity related to https://cl1store.chrysalisbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.chrysalisbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.mandibulateflow.in.net/verification.google id: auto-fedacc83fe8d75a7f7fb44d67f25652c6e6f7e4131f1cf2b949bb9aa519ac165 status: experimental description: Detects traffic or activity related to https://ext4sync.mandibulateflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.mandibulateflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.mandibulateflow.in.net/verification.google id: auto-e476d20c4af1ded3db72c236f9dfbf8d78946517c9f7182e2fbf4c5b86964f9f status: experimental description: Detects traffic or activity related to https://ext3gate.mandibulateflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.mandibulateflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.mandibulateflow.in.net/verification.google id: auto-3c0b4180b3c1dd410daca66c83b5898c717aa4dcc4e47fe120173ff979d23757 status: experimental description: Detects traffic or activity related to https://ext2proc.mandibulateflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.mandibulateflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.mandibulateflow.in.net/verification.google id: auto-0409c7014a211189669e8fd1498aa9b0752d23fc96ee8799edf0f98fa1465ae0 status: experimental description: Detects traffic or activity related to https://ext1meta.mandibulateflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.mandibulateflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4static.formicidavortex.in.net/verification.google id: auto-e70e0e74478b1984273544b91c424125ca73c2c1fa0c699e3c7c72b3bf3a5123 status: experimental description: Detects traffic or activity related to https://svc4static.formicidavortex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4static.formicidavortex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3edge.formicidavortex.in.net/verification.google id: auto-7b66293f8e8f0339f7f2b4e85ae430987d853b6ddf14654fe2c03f58f983dff2 status: experimental description: Detects traffic or activity related to https://svc3edge.formicidavortex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3edge.formicidavortex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2data.formicidavortex.in.net/verification.google id: auto-651105322fadb2f771a81f6eb191dc5b1f6ed32b0018621ec74ae0b0c249288a status: experimental description: Detects traffic or activity related to https://svc2data.formicidavortex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2data.formicidavortex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1sync.formicidavortex.in.net/verification.google id: auto-6c38d4a66e13c67c4d3697f386ca480b46ec2e055cb637203a31ef839e4ed414 status: experimental description: Detects traffic or activity related to https://svc1sync.formicidavortex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1sync.formicidavortex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4static.inertialstreamhub.in.net/verification.google id: auto-a89f0bfb45d12b801aebdf15bf47503422741723b7d719952effc33ee2b21fe3 status: experimental description: Detects traffic or activity related to https://cl4static.inertialstreamhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4static.inertialstreamhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3edge.inertialstreamhub.in.net/verification.google id: auto-4def4c727414fb9fb10d4d833df0a98a47d444da38d206d695d94322146d3543 status: experimental description: Detects traffic or activity related to https://cl3edge.inertialstreamhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3edge.inertialstreamhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2data.inertialstreamhub.in.net/verification.google id: auto-7cab1bebc95ace938ed499de04e3b2a055d136944115140d4ff1a52a8eada1de status: experimental description: Detects traffic or activity related to https://cl2data.inertialstreamhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2data.inertialstreamhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1sync.inertialstreamhub.in.net/verification.google id: auto-3b4993187bd885993e55c443b1ea3d64bb9a0663396a1313808d82238b92e6be status: experimental description: Detects traffic or activity related to https://cl1sync.inertialstreamhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1sync.inertialstreamhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4point.fractalrelaypoint.in.net/verification.google id: auto-dd46e5752010871beb35e4b145b257a115784aafdd2413dd5e42ec590d516c11 status: experimental description: Detects traffic or activity related to https://ext4point.fractalrelaypoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4point.fractalrelaypoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3data.fractalrelaypoint.in.net/verification.google id: auto-e3354c9949d4960bff1fb46d2a333b1d2439048792707ae9762c9aa6638ba578 status: experimental description: Detects traffic or activity related to https://ext3data.fractalrelaypoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3data.fractalrelaypoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proxy.fractalrelaypoint.in.net/verification.google id: auto-d6a57f7e3808221388e3a671fc8caa03bff30e4a1bcc3cddfd0dc1c1bd99f249 status: experimental description: Detects traffic or activity related to https://ext2proxy.fractalrelaypoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proxy.fractalrelaypoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1infra.fractalrelaypoint.in.net/verification.google id: auto-1f5b3d96a1c14df7f5e3a870323234ea0202349077f9fd7983ce9145524d731c status: experimental description: Detects traffic or activity related to https://ext1infra.fractalrelaypoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1infra.fractalrelaypoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4sat.viscositydataloop.in.net/verification.google id: auto-5025302d325564a5cad84c74daf9e51b85866f563401b18b86d255a58f7c4d13 status: experimental description: Detects traffic or activity related to https://svc4sat.viscositydataloop.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4sat.viscositydataloop.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3core.viscositydataloop.in.net/verification.google id: auto-15cd4629708b13f4dddd7cbd467f45c84b069b5ac779a2a4049734f7e73fddbe status: experimental description: Detects traffic or activity related to https://svc3core.viscositydataloop.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3core.viscositydataloop.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2steel.viscositydataloop.in.net/verification.google id: auto-5e2f1652810e5fe74ee86851baced51ca1810e67d23c44df1b614535dc3e2c0e status: experimental description: Detects traffic or activity related to https://svc2steel.viscositydataloop.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2steel.viscositydataloop.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1proc.viscositydataloop.in.net/verification.google id: auto-5225b2072908a9c3e360e14555f0c7e71cc0c88636f98e792f8d33de01071566 status: experimental description: Detects traffic or activity related to https://svc1proc.viscositydataloop.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1proc.viscositydataloop.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4space.atomiclogichub.in.net/verification.google id: auto-a52769bdae2d613087222e01dee8af56962a7ae83544c1204cb34d8b8dd7bc69 status: experimental description: Detects traffic or activity related to https://dev4space.atomiclogichub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4space.atomiclogichub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3field.atomiclogichub.in.net/verification.google id: auto-a45a7f8f96fea448dcce476d3149cdbee1da126e5b501f649ca3c2b4fdd8159b status: experimental description: Detects traffic or activity related to https://dev3field.atomiclogichub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3field.atomiclogichub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2outer.atomiclogichub.in.net/verification.google id: auto-a4cb257ae973ea90a36250e2f8dbf7f9df2a47152fd94fde8d917b156ab1a313 status: experimental description: Detects traffic or activity related to https://dev2outer.atomiclogichub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2outer.atomiclogichub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.atomiclogichub.in.net/verification.google id: auto-e6820468dcff621802dc29f07e8e24e83ec2f9ded3c196e987b15dfa14add891 status: experimental description: Detects traffic or activity related to https://dev1proc.atomiclogichub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.atomiclogichub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4path.kineticmatrixduct.in.net/verification.google id: auto-54ae16b039a324a43003b9e530cd3893a3bd58162a4343d28f77ac0425e9800a status: experimental description: Detects traffic or activity related to https://cl4path.kineticmatrixduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4path.kineticmatrixduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3view.kineticmatrixduct.in.net/verification.google id: auto-4f3e16e88d51c8fc3b48b97dbbb6c2d1483604a2c10cc7775fcdfd5b3df85842 status: experimental description: Detects traffic or activity related to https://cl3view.kineticmatrixduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3view.kineticmatrixduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2point.kineticmatrixduct.in.net/verification.google id: auto-fc1c0aa0ca5f1d9f2d92e12e41a22ae3360635f903569e6fb57033ee680a8dfa status: experimental description: Detects traffic or activity related to https://cl2point.kineticmatrixduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2point.kineticmatrixduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1proc.kineticmatrixduct.in.net/verification.google id: auto-73906adba425e374682d7385ed293e92c8b14f65070f54f9d63cdec51f105876 status: experimental description: Detects traffic or activity related to https://cl1proc.kineticmatrixduct.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1proc.kineticmatrixduct.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4view.nebularpointtrace.in.net/verification.google id: auto-15421d8d68ee81b3962af64cfcaec1c9aaac493e3f6cb75bfdd8a2025489b0ac status: experimental description: Detects traffic or activity related to https://ext4view.nebularpointtrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4view.nebularpointtrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3ghost.nebularpointtrace.in.net/verification.google id: auto-2fac9970d34d059e5a5e7ac8ee8af48d0bbf51eff760f85b0328e775e55e674d status: experimental description: Detects traffic or activity related to https://ext3ghost.nebularpointtrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3ghost.nebularpointtrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1proc.nebularpointtrace.in.net/verification.google id: auto-49d54058e30fcdf50b5693d4919179ed244c8212c5481f2e0bfb970d56d20642 status: experimental description: Detects traffic or activity related to https://ext1proc.nebularpointtrace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1proc.nebularpointtrace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.coherentmetricunit.in.net/verification.google id: auto-b6c062ba013c95497c89eb6cf4d6df2b1b5cefcc11bbffcf7ade0a34874aa60d status: experimental description: Detects traffic or activity related to https://svc4link.coherentmetricunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.coherentmetricunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.coherentmetricunit.in.net/verification.google id: auto-629a519bd958d455861d73dcf9b4b8093f9d3aed1ad9173b3f9e714d74d5e2eb status: experimental description: Detects traffic or activity related to https://svc3user.coherentmetricunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.coherentmetricunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.coherentmetricunit.in.net/verification.google id: auto-46784711c1fd8395c994ab03f1cf881a46d845d0bf8cf9ae953aec38ef0067c1 status: experimental description: Detects traffic or activity related to https://svc2base.coherentmetricunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.coherentmetricunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.coherentmetricunit.in.net/verification.google id: auto-420ba884fea40ee99b69fe7e2381c875e306989e4053df752320ba52582a7a5f status: experimental description: Detects traffic or activity related to https://svc1infra.coherentmetricunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.coherentmetricunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4work.tensorvortexlink.in.net/verification.google id: auto-e5d44a6bfdce69c12fd11878fda8ec4d99b9e01f15948d23e37fb71203f80c01 status: experimental description: Detects traffic or activity related to https://dev4work.tensorvortexlink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4work.tensorvortexlink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3local.tensorvortexlink.in.net/verification.google id: auto-3f97f5a241f5f4c66472693b89e73639e4687682842dff4e8362c840b95e5bab status: experimental description: Detects traffic or activity related to https://dev3local.tensorvortexlink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3local.tensorvortexlink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2power.tensorvortexlink.in.net/verification.google id: auto-d6dcbee141e3f1a81f77fe1d765adbfcf82a283441f742d1a3347ff05154ca5a status: experimental description: Detects traffic or activity related to https://dev2power.tensorvortexlink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2power.tensorvortexlink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.tensorvortexlink.in.net/verification.google id: auto-df2116c1d33691e349cc699b1ce08a5ceac5ce93249f3d1671aea21116fe546c status: experimental description: Detects traffic or activity related to https://dev1proc.tensorvortexlink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.tensorvortexlink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4link.entropicbuffergate.in.net/verification.google id: auto-a6e5d410e2dff6a6305c8e615aabe4bc114b6c90713a30fc3897b72e6d588288 status: experimental description: Detects traffic or activity related to https://cl4link.entropicbuffergate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4link.entropicbuffergate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.entropicbuffergate.in.net/verification.google id: auto-d545a635dcc13ed62c7f842639310e9dad7801209fab2fe6bf7a197a4c70633e status: experimental description: Detects traffic or activity related to https://cl3dev.entropicbuffergate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.entropicbuffergate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.entropicbuffergate.in.net/verification.google id: auto-b520c0f1dd33419c93ee82f830514791bd5a53d4b337bf4db839490301923b37 status: experimental description: Detects traffic or activity related to https://cl2remote.entropicbuffergate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.entropicbuffergate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.entropicbuffergate.in.net/verification.google id: auto-afc4c267bb1c7a9982dc95d3c43b4f9066f00aef7ccf11972f7e270138cee58f status: experimental description: Detects traffic or activity related to https://cl1store.entropicbuffergate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.entropicbuffergate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.isotopeflowbridge.in.net/verification.google id: auto-cab4e19e6b5f5d0f061040f9cd432474d0b9c6dfabe8b023e3d005ff61d93f03 status: experimental description: Detects traffic or activity related to https://ext4sync.isotopeflowbridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.isotopeflowbridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.isotopeflowbridge.in.net/verification.google id: auto-3e963dee4dd3445bf91706aca4b53810c4f96c5f8fac0b329a37c4b89f85b0c8 status: experimental description: Detects traffic or activity related to https://ext3gate.isotopeflowbridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.isotopeflowbridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.isotopeflowbridge.in.net/verification.google id: auto-d8f1ff08f76dbde24c62656a68d8e6fdea867edd92173b72ab2c47b17028e278 status: experimental description: Detects traffic or activity related to https://ext2proc.isotopeflowbridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.isotopeflowbridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.isotopeflowbridge.in.net/verification.google id: auto-c2990b6ecaa9b300166d58cbf946bac6953af0d006e16401dd97ea9ecf47e170 status: experimental description: Detects traffic or activity related to https://ext1meta.isotopeflowbridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.isotopeflowbridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4static.primordialfluxnode.in.net/verification.google id: auto-4946403bc11338111c55ea907b37d086ef0ee95160f58a8847854ead3254e522 status: experimental description: Detects traffic or activity related to https://svc4static.primordialfluxnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4static.primordialfluxnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3edge.primordialfluxnode.in.net/verification.google id: auto-727119795a45d00f41512397174de83f81cc5ce22821fe008294ddac16d6ed78 status: experimental description: Detects traffic or activity related to https://svc3edge.primordialfluxnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3edge.primordialfluxnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2data.primordialfluxnode.in.net/verification.google id: auto-863794bbb33d03a830828d3ad214566ece2deff3e0c810e7b7b50952041cd892 status: experimental description: Detects traffic or activity related to https://svc2data.primordialfluxnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2data.primordialfluxnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4point.modularpathfinder.in.net/verification.google id: auto-7d0761b14a6d906c4c00fa74dfe1e7acd94bc3d706bc0b1ebd9e77a549df6cd2 status: experimental description: Detects traffic or activity related to https://ext4point.modularpathfinder.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4point.modularpathfinder.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3data.modularpathfinder.in.net/verification.google id: auto-66bb8bea109b33d1c41be3db1b20bf8919f22ce9062d38665898b0abbbfe2398 status: experimental description: Detects traffic or activity related to https://ext3data.modularpathfinder.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3data.modularpathfinder.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proxy.modularpathfinder.in.net/verification.google id: auto-bca08a0be9da1b92522d348915b2c51f148f39738cf0eebbef80598efb0a276b status: experimental description: Detects traffic or activity related to https://ext2proxy.modularpathfinder.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proxy.modularpathfinder.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1infra.modularpathfinder.in.net/verification.google id: auto-ae904c8737c6e052eda9562719d2583e6d8047670d1079686fd6c2bb15f9c826 status: experimental description: Detects traffic or activity related to https://ext1infra.modularpathfinder.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1infra.modularpathfinder.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4sat.activestaticsync.in.net/verification.google id: auto-ff9a6a15a3625186c4254ba75927ff2a77f7edb742f54ca6c263f7e1e66df5f7 status: experimental description: Detects traffic or activity related to https://svc4sat.activestaticsync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4sat.activestaticsync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3core.activestaticsync.in.net/verification.google id: auto-b45a257e723b7dafb147a2805a3733bde8c1ae5536ada085d56792c5a024b991 status: experimental description: Detects traffic or activity related to https://svc3core.activestaticsync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3core.activestaticsync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2steel.activestaticsync.in.net/verification.google id: auto-a24a6a349c8628368814dcb8622f056ac5c6cc6c57fed414248f601994e0c742 status: experimental description: Detects traffic or activity related to https://svc2steel.activestaticsync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2steel.activestaticsync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1proc.activestaticsync.in.net/verification.google id: auto-d2c26317a0e2b1176752725ae2905049c93422b3fa027616e8df5444fa361a70 status: experimental description: Detects traffic or activity related to https://svc1proc.activestaticsync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1proc.activestaticsync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3field.linearprocessnode.in.net/verification.google id: auto-1939fe3a5e41b3203f445436f4b0a8b7fb6f804f6210779846b271777a16f588 status: experimental description: Detects traffic or activity related to https://dev3field.linearprocessnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3field.linearprocessnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2outer.linearprocessnode.in.net/verification.google id: auto-231debe94ca17730b546c386268976c6b944dfaa3d2ae8004bef8bd782dbb7fc status: experimental description: Detects traffic or activity related to https://dev2outer.linearprocessnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2outer.linearprocessnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.linearprocessnode.in.net/verification.google id: auto-d71843ce4d724eb1b32216403fab129c093589584ef4963ce1e33fad2759bded status: experimental description: Detects traffic or activity related to https://dev1proc.linearprocessnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.linearprocessnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4path.synchrometrixbox.in.net/verification.google id: auto-d924ae8e26f7b7066ff49511847cd089968bf9726734020a35a625e053d1aee1 status: experimental description: Detects traffic or activity related to https://cl4path.synchrometrixbox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4path.synchrometrixbox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3view.synchrometrixbox.in.net/verification.google id: auto-beaca2ac99ac77ce5e05ae7511f1fc80ad27e7ecd26c0fdcef72f2edec4452c7 status: experimental description: Detects traffic or activity related to https://cl3view.synchrometrixbox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3view.synchrometrixbox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2point.synchrometrixbox.in.net/verification.google id: auto-7f50c933767c9169489c174117fd812d1ad4e767ddd9adb8b13abb349877a1bc status: experimental description: Detects traffic or activity related to https://cl2point.synchrometrixbox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2point.synchrometrixbox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1proc.synchrometrixbox.in.net/verification.google id: auto-d3e834f428912aafbcb817c319092e659822ee5d59ce1412d3904936c854b74f status: experimental description: Detects traffic or activity related to https://cl1proc.synchrometrixbox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1proc.synchrometrixbox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4view.vectordiffusion.in.net/verification.google id: auto-86a81e17731d6897bd9d07c5fcd84cda5b00408f028f540244cafdcb8edbd133 status: experimental description: Detects traffic or activity related to https://ext4view.vectordiffusion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4view.vectordiffusion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3ghost.vectordiffusion.in.net/verification.google id: auto-22cc138a1c5db3f02b45c9acb83574329a41cd38ae583f40eb2f7656880225f4 status: experimental description: Detects traffic or activity related to https://ext3ghost.vectordiffusion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3ghost.vectordiffusion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2core.vectordiffusion.in.net/verification.google id: auto-1a41a5fff61cdb4bad6aa67f23ff294352aad2eebc4a9920526d839609c922cd status: experimental description: Detects traffic or activity related to https://ext2core.vectordiffusion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2core.vectordiffusion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1proc.vectordiffusion.in.net/verification.google id: auto-0a79acb1565cdbe9ce03459ca3465da507ba73ca76f48b7875432a09af22350c status: experimental description: Detects traffic or activity related to https://ext1proc.vectordiffusion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1proc.vectordiffusion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4link.dynamicshubpoint.in.net/verification.google id: auto-f2d888f6b768077b7ddcee5a6adc17b27466e9f087c047ffbf181339787d0836 status: experimental description: Detects traffic or activity related to https://svc4link.dynamicshubpoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4link.dynamicshubpoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3user.dynamicshubpoint.in.net/verification.google id: auto-fd274f1c3d9b68ced2936210a050d5a5867fbba5837f4753e1162e87f06bfd1a status: experimental description: Detects traffic or activity related to https://svc3user.dynamicshubpoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3user.dynamicshubpoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2base.dynamicshubpoint.in.net/verification.google id: auto-5fbb3b661579ef6d497057a4733add1e51b8e0dae6640fa992b222b7ccfb9b98 status: experimental description: Detects traffic or activity related to https://svc2base.dynamicshubpoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2base.dynamicshubpoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1infra.dynamicshubpoint.in.net/verification.google id: auto-095b3ba9ff7d3dd40d2560b2d67f8b82ed86624e51626a44ae17c53581ddabec status: experimental description: Detects traffic or activity related to https://svc1infra.dynamicshubpoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1infra.dynamicshubpoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev4work.thermalpulserelay.in.net/verification.google id: auto-917e6c8d4a39f64f10da1ee2483d85ccb40dfaf16ce595294823951150b09c05 status: experimental description: Detects traffic or activity related to https://dev4work.thermalpulserelay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev4work.thermalpulserelay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3local.thermalpulserelay.in.net/verification.google id: auto-13ce7cd834abc19a5d1ae87e8e173f3da4ca26f1880bde32aa938b5ab430b6da status: experimental description: Detects traffic or activity related to https://dev3local.thermalpulserelay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3local.thermalpulserelay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev2power.thermalpulserelay.in.net/verification.google id: auto-fed509f8a2419197e6cf29377bc4ccd1afb2d57b9c633e55ea2e72757e71d268 status: experimental description: Detects traffic or activity related to https://dev2power.thermalpulserelay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev2power.thermalpulserelay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev1proc.thermalpulserelay.in.net/verification.google id: auto-9cc6ac26f4768f272234e7a87be309766a9f96c42b14cd12f76c19e7a42c07e6 status: experimental description: Detects traffic or activity related to https://dev1proc.thermalpulserelay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev1proc.thermalpulserelay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl4link.industrialmetric.in.net/verification.google id: auto-1bfc837f2f6d6616278d330b1adc035b11a7203f0bae731c36fe3687af6dddef status: experimental description: Detects traffic or activity related to https://cl4link.industrialmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl4link.industrialmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl3dev.industrialmetric.in.net/verification.google id: auto-d60769948ed215e544765b8ba551366b1ed231407e0163066b31866fb50c132b status: experimental description: Detects traffic or activity related to https://cl3dev.industrialmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl3dev.industrialmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl2remote.industrialmetric.in.net/verification.google id: auto-fc7213cdfc4d32490aba607b72959eb7a840e81e04882c6d2bbda80c035ccaa5 status: experimental description: Detects traffic or activity related to https://cl2remote.industrialmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl2remote.industrialmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cl1store.industrialmetric.in.net/verification.google id: auto-14fe1870a3e072ad8d403b6da5045dd222126e28cff7b5cf1dc9791a912a1c72 status: experimental description: Detects traffic or activity related to https://cl1store.industrialmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cl1store.industrialmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext4sync.wavefrontgateway.in.net/verification.google id: auto-087f368d9dbe155bd1a9d5de868bed47e4a62992bdd7aad6346b4d0b57c2f557 status: experimental description: Detects traffic or activity related to https://ext4sync.wavefrontgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext4sync.wavefrontgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext3gate.wavefrontgateway.in.net/verification.google id: auto-03fd2de099792b7e61906a2c3f5c39d8c4215f8d98a0b7128246426936e026c6 status: experimental description: Detects traffic or activity related to https://ext3gate.wavefrontgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext3gate.wavefrontgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext2proc.wavefrontgateway.in.net/verification.google id: auto-2af710b987d18b76678e6850dbf87ea2bee27d31e1100cd84f283cab8582f3e4 status: experimental description: Detects traffic or activity related to https://ext2proc.wavefrontgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext2proc.wavefrontgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ext1meta.wavefrontgateway.in.net/verification.google id: auto-ea5a1640bf5512b56e8411fb488f84d34092c64fb895d7f2ce083af4f86cbd07 status: experimental description: Detects traffic or activity related to https://ext1meta.wavefrontgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ext1meta.wavefrontgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc4static.kinematicflowunit.in.net/verification.google id: auto-bf4c4e490111d7d55ce2e2b99b6b44533e2b540396e81bc43cb424b8a246c6f2 status: experimental description: Detects traffic or activity related to https://svc4static.kinematicflowunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc4static.kinematicflowunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc3edge.kinematicflowunit.in.net/verification.google id: auto-d9c81adaa60b793972871ade43f12f0fac72802493841bd72b7d78a7e1d93f0b status: experimental description: Detects traffic or activity related to https://svc3edge.kinematicflowunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc3edge.kinematicflowunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc2data.kinematicflowunit.in.net/verification.google id: auto-fc98df664937f33d73d4e78461bcb888a9553d6cf0d8458a8e14c3994a52a001 status: experimental description: Detects traffic or activity related to https://svc2data.kinematicflowunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc2data.kinematicflowunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svc1sync.kinematicflowunit.in.net/verification.google id: auto-f736d33d67d2da136ac8755d546c218686f95b9a248ec2dfcd4db7d98ff3051c status: experimental description: Detects traffic or activity related to https://svc1sync.kinematicflowunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svc1sync.kinematicflowunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pvjm75x.silver-dock.in.net/verification.google id: auto-a1228ab591e244d170aa339dba53abcd1961e39fcfaf7a1b89b14d74d8ee25fe status: experimental description: Detects traffic or activity related to https://pvjm75x.silver-dock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pvjm75x.silver-dock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trail-vector.silver-dock.in.net/verification.google id: auto-c0787e8cb63e68c0c92570d7f22a82019e0a0526b46f92770ecebab816ee05b4 status: experimental description: Detects traffic or activity related to https://trail-vector.silver-dock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trail-vector.silver-dock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://organizegat.silver-dock.in.net/verification.google id: auto-a954ba7a52743988107153083a0a1c1f1cb963e909f47a3c49cc31372778d182 status: experimental description: Detects traffic or activity related to https://organizegat.silver-dock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://organizegat.silver-dock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ixtl.silver-dock.in.net/verification.google id: auto-18de3318a0ad630f56d5d84ff6e44106392803bd661af91be4848b8c943c7f87 status: experimental description: Detects traffic or activity related to https://ixtl.silver-dock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ixtl.silver-dock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://v4lle-route.silver-dock.in.net/verification.google id: auto-f0c08c4159ecad6caa6ab4591e020643dd7ca1ffdad9f1103b928375257c3ab0 status: experimental description: Detects traffic or activity related to https://v4lle-route.silver-dock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://v4lle-route.silver-dock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kelnexa.cr4ftlane.in.net/verification.google id: auto-d8d776c097dbeb8424f19e820b73ab062fcf93a1128e6e35f73e2c63000be0fd status: experimental description: Detects traffic or activity related to https://kelnexa.cr4ftlane.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kelnexa.cr4ftlane.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lumspire8os.cr4ftlane.in.net/verification.google id: auto-a7c35e29f7c2ea05a405c7ece33ddd23f805b59ee8b6fadd356a91a7f5b008e6 status: experimental description: Detects traffic or activity related to https://lumspire8os.cr4ftlane.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lumspire8os.cr4ftlane.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fernprim.cr4ftlane.in.net/verification.google id: auto-69c099e15acad25e73d611f61102548950c8e71495248dd2d11f67dcfd250035 status: experimental description: Detects traffic or activity related to https://fernprim.cr4ftlane.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fernprim.cr4ftlane.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tensorparticle.cr4ftlane.in.net/verification.google id: auto-173aa35611cf00e40c41b321e0bc93c547730e04704e1212900403654fb1b57f status: experimental description: Detects traffic or activity related to https://tensorparticle.cr4ftlane.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tensorparticle.cr4ftlane.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://voicetrusted.cr4ftlane.in.net/verification.google id: auto-26979840f5e2837f6b8dda1763521d1aaade5c32872de3b5d2b65b0b7f0fcadd status: experimental description: Detects traffic or activity related to https://voicetrusted.cr4ftlane.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://voicetrusted.cr4ftlane.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://0pen-cache.thornbay.in.net/verification.google id: auto-a5ec6afe45026ac13fdb9217dcc9ec5fd4c195a0b410bd7fa472be8e00660903 status: experimental description: Detects traffic or activity related to https://0pen-cache.thornbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://0pen-cache.thornbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vaultauth.thornbay.in.net/verification.google id: auto-d46c61254efa88b7a9bb20fd0aff4869ee19b8ca536691ccafff9e157f3bf91b status: experimental description: Detects traffic or activity related to https://vaultauth.thornbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vaultauth.thornbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sewvyh.thornbay.in.net/verification.google id: auto-a43ce61f5bf327827272eeeea2b4483d19945922971d76ab6d629f64421bc3ad status: experimental description: Detects traffic or activity related to https://sewvyh.thornbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sewvyh.thornbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wdpoqr.thornbay.in.net/verification.google id: auto-2654409f9717fe8cd7dbb25a8f6b58ecbb08a36576bca0d5a0bcc792bfd7346b status: experimental description: Detects traffic or activity related to https://wdpoqr.thornbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wdpoqr.thornbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://0twkb.thornbay.in.net/verification.google id: auto-4ffdf0d5d404128831aaecc2c27899d5e52be3e317c2fbce7ceb9322d6295a8a status: experimental description: Detects traffic or activity related to https://0twkb.thornbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://0twkb.thornbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://uz1gap10.ember-grid.in.net/verification.google id: auto-85069c32e6b1082b37f03f46ce8676785fe0d20ba615c3e2e265653fb1705bf2 status: experimental description: Detects traffic or activity related to https://uz1gap10.ember-grid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://uz1gap10.ember-grid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dr4w-trail.ember-grid.in.net/verification.google id: auto-260d6c1deffa1a89b6c72bfc7490ad213b997526a51f8389fe23e7db5a8c46a3 status: experimental description: Detects traffic or activity related to https://dr4w-trail.ember-grid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dr4w-trail.ember-grid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r4il-stack.ember-grid.in.net/verification.google id: auto-3270b523f1e0ac91b2477ffe662b68229c1715905f3eb2796ec6a4f164b4fd0d status: experimental description: Detects traffic or activity related to https://r4il-stack.ember-grid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r4il-stack.ember-grid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hard7-beam.ember-grid.in.net/verification.google id: auto-59f0b1098853803ec479d91d9f51ef5305c64a25243544301bec57ce29525733 status: experimental description: Detects traffic or activity related to https://hard7-beam.ember-grid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hard7-beam.ember-grid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://watc2-crest.ember-grid.in.net/verification.google id: auto-d6bbb8bdb1a4d277ba7a00efde0afff359cc8d369608f2d41b2b8b9dddbf9f8d status: experimental description: Detects traffic or activity related to https://watc2-crest.ember-grid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://watc2-crest.ember-grid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://73dwi.vividfox.in.net/verification.google id: auto-6398863e427adf623c7e3b8b308a187596b66c106633f20b5dc006c8fecc655e status: experimental description: Detects traffic or activity related to https://73dwi.vividfox.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://73dwi.vividfox.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://di5pat-ring.prowinserv.in.net/verification.google id: auto-c8466e00a0ab8fcb4c27abc125cc7858cf29b8b89a9104a4e807178ea429a218 status: experimental description: Detects traffic or activity related to https://di5pat-ring.prowinserv.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://di5pat-ring.prowinserv.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://chilloutvrhub.com/Chilloutvrmod_Setup.zip id: auto-fd6640845f560c597326e4a4f7a5bd406242790379ded73e49cd37f1c61fc9d6 status: experimental description: Detects traffic or activity related to https://chilloutvrhub.com/Chilloutvrmod_Setup.zip which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://chilloutvrhub.com/Chilloutvrmod_Setup.zip*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://185.222.160.157/files/7268244560/PHl2Bgd.exe id: auto-ccd838ae3f87e9a98fff6bc81a609ded07df76cfe0b3368edc7e01f815d49d81 status: experimental description: Detects traffic or activity related to http://185.222.160.157/files/7268244560/PHl2Bgd.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://185.222.160.157/files/7268244560/PHl2Bgd.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://5.252.21.239/files/7782139129/ZSZfFtn.exe id: auto-54eb37812b42e84742fab49ea3ac489e0ff92cca8133fc84f20109b73031b7ae status: experimental description: Detects traffic or activity related to http://5.252.21.239/files/7782139129/ZSZfFtn.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://5.252.21.239/files/7782139129/ZSZfFtn.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quickstep.fluxobase.info/culpableheadache id: auto-bb8c042051460b0f23ccdf45dd0cf62fe279c789c089bb9b334c9175ae059044 status: experimental description: Detects traffic or activity related to https://quickstep.fluxobase.info/culpableheadache which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quickstep.fluxobase.info/culpableheadache*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://repost.punto-viva.info/firewall_policy.conf id: auto-900a082cab551e8c5048c46b57120a6abdf8dcd75f32c45ad95bb790ada37ba7 status: experimental description: Detects traffic or activity related to https://repost.punto-viva.info/firewall_policy.conf which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://repost.punto-viva.info/firewall_policy.conf*' condition: selection level: high tags: - attack.t1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://www.dropbox.com/scl/fi/yltrmpfsxc2jyxxm84ncc/18c695e53103a5b1.exe?rlkey=110pap7hysyafcov26l8z20lw&st=yhqy3ufv&dl=1 id: auto-718dd052299cbc4c5739bd50193bcb0b609471a8dbd0c7a08ccd25d1518183e3 status: experimental description: Detects traffic or activity related to https://www.dropbox.com/scl/fi/yltrmpfsxc2jyxxm84ncc/18c695e53103a5b1.exe?rlkey=110pap7hysyafcov26l8z20lw&st=yhqy3ufv&dl=1 which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://www.dropbox.com/scl/fi/yltrmpfsxc2jyxxm84ncc/18c695e53103a5b1.exe?rlkey=110pap7hysyafcov26l8z20lw&st=yhqy3ufv&dl=1*' condition: selection level: high tags: - attack.t1204.002 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.7/files/8434554557/X8cqVrA.exe id: auto-d81a98911f26148ca1307fc8f9d68157686312038ea398538e0c33d1adeb775e status: experimental description: Detects traffic or activity related to http://158.94.208.7/files/8434554557/X8cqVrA.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.7/files/8434554557/X8cqVrA.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pnt4space.connectivitybuffer.in.net/verification.google id: auto-93a7347ca55caa984ee99a0088fce29f6993f6e67ecbcd8fafb38caea00a4bbb status: experimental description: Detects traffic or activity related to https://pnt4space.connectivitybuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pnt4space.connectivitybuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pnt3field.connectivitybuffer.in.net/verification.google id: auto-6fdd013d6af0ceb77162594bc552fe25d8a6fc29a6439a1c17b91690c47a9882 status: experimental description: Detects traffic or activity related to https://pnt3field.connectivitybuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pnt3field.connectivitybuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pnt2outer.connectivitybuffer.in.net/verification.google id: auto-8fbab34b8cfbe89971d7069545d6ec4694d09a318165933fd70675f85e03bf0a status: experimental description: Detects traffic or activity related to https://pnt2outer.connectivitybuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pnt2outer.connectivitybuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pnt1proc.connectivitybuffer.in.net/verification.google id: auto-7ef62e8c1ea0492bcd5fa34193cd27a61712ff487faaf9acac0e56e3d261b04e status: experimental description: Detects traffic or activity related to https://pnt1proc.connectivitybuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pnt1proc.connectivitybuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://res4path.operationalgateway.in.net/verification.google id: auto-f14ea75c97c0319d3989a1f9deec53cde4cb8c31a8078d83b546fc9ca9cada23 status: experimental description: Detects traffic or activity related to https://res4path.operationalgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://res4path.operationalgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://res3view.operationalgateway.in.net/verification.google id: auto-15c3ee3fb667526d8d5a344f372d3b223f5bd642fe87bb68809fbf2b60cb36ff status: experimental description: Detects traffic or activity related to https://res3view.operationalgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://res3view.operationalgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://res2point.operationalgateway.in.net/verification.google id: auto-d80c380dfc6603894d2418fde348600a6dd25458f924745ad20094ca87e8019a status: experimental description: Detects traffic or activity related to https://res2point.operationalgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://res2point.operationalgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://res1proc.operationalgateway.in.net/verification.google id: auto-fbfb1e1ab2e1b7d8471c1a996a96f3051a255e47556616ca286486a233fe8bd9 status: experimental description: Detects traffic or activity related to https://res1proc.operationalgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://res1proc.operationalgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://loc4view.managementresource.in.net/verification.google id: auto-9f07da053c0c0dbea295355d7217e4c22ca64d33b47e88171882972e5a335790 status: experimental description: Detects traffic or activity related to https://loc4view.managementresource.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://loc4view.managementresource.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://loc2core.managementresource.in.net/verification.google id: auto-76c061b51b8ab72a67333d9c3f8f28a24db7e4b38ae5edc73f81c98cfb106b2b status: experimental description: Detects traffic or activity related to https://loc2core.managementresource.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://loc2core.managementresource.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://loc1proc.managementresource.in.net/verification.google id: auto-e66ce68d1bdba887df8aa06dee173aed18bd7cb0afb9ede5fffc42818798a4a6 status: experimental description: Detects traffic or activity related to https://loc1proc.managementresource.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://loc1proc.managementresource.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pnt4link.diagnosticendpoint.in.net/verification.google id: auto-c24a03a3880813111d40d9babe9de85f2cb5206cf9dc060d78a2fd70211fdcff status: experimental description: Detects traffic or activity related to https://pnt4link.diagnosticendpoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pnt4link.diagnosticendpoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pnt3user.diagnosticendpoint.in.net/verification.google id: auto-f1ff1bf1ddcb6383b3bcc1e78280fb098e375bba8ca0d088a28993ffadad513c status: experimental description: Detects traffic or activity related to https://pnt3user.diagnosticendpoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pnt3user.diagnosticendpoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pnt2base.diagnosticendpoint.in.net/verification.google id: auto-dff1b9542b93884c1f1286b3f885355f3c850d78fe8bc11db3e569a4b09a7851 status: experimental description: Detects traffic or activity related to https://pnt2base.diagnosticendpoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pnt2base.diagnosticendpoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pnt1infra.diagnosticendpoint.in.net/verification.google id: auto-0b7a9bb83dd4ccf17c1c216ad879a5bcfa8c9f2ea2bab44b71d32b74f4f098e2 status: experimental description: Detects traffic or activity related to https://pnt1infra.diagnosticendpoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pnt1infra.diagnosticendpoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://res4work.platformcontroller.in.net/verification.google id: auto-e885793d736d7a12c44c243cc3959c4c5d531077d7d64ebae27887fa5676fbe2 status: experimental description: Detects traffic or activity related to https://res4work.platformcontroller.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://res4work.platformcontroller.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://res3local.platformcontroller.in.net/verification.google id: auto-843a33762ca08a1fdff992c06abd2de05d9b0e41de52fcd2c82613b9edd22162 status: experimental description: Detects traffic or activity related to https://res3local.platformcontroller.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://res3local.platformcontroller.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://res2power.platformcontroller.in.net/verification.google id: auto-80a84de07d0048968483cca87b8b499a37acc0cccd9ec02248b9c2eb96cb54f1 status: experimental description: Detects traffic or activity related to https://res2power.platformcontroller.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://res2power.platformcontroller.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://res1proc.platformcontroller.in.net/verification.google id: auto-0c2fb2b541aa27747e94889e26b7fc48e8db1e75b9fcef16304d4b9353a75dc1 status: experimental description: Detects traffic or activity related to https://res1proc.platformcontroller.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://res1proc.platformcontroller.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://loc3dev.telemetryinterface.in.net/verification.google id: auto-c5dd86ea083a6627503a84044fec31d366284e0acf305f6be162441b63c25c32 status: experimental description: Detects traffic or activity related to https://loc3dev.telemetryinterface.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://loc3dev.telemetryinterface.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://loc4link.telemetryinterface.in.net/verification.google id: auto-3ea24df1fe7828669b12403fd0c04c7ed84f97eef10631eeef863a1db76f72bb status: experimental description: Detects traffic or activity related to https://loc4link.telemetryinterface.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://loc4link.telemetryinterface.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://loc2remote.telemetryinterface.in.net/verification.google id: auto-6221d12c969484b27b632c90729521efa266b1f827a27da2af7b12f25d19b2f3 status: experimental description: Detects traffic or activity related to https://loc2remote.telemetryinterface.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://loc2remote.telemetryinterface.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://loc1store.telemetryinterface.in.net/verification.google id: auto-42653a9d3a198e50d82f714fb6caee74cca043750e6f93718b03b66ee4787ca5 status: experimental description: Detects traffic or activity related to https://loc1store.telemetryinterface.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://loc1store.telemetryinterface.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.7/files/8074464496/Fu4sGxz.exe id: auto-d9abf7c2ed96ed816e5890d3e802ad59897db08df0fac45392a2c06617983eca status: experimental description: Detects traffic or activity related to http://158.94.208.7/files/8074464496/Fu4sGxz.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.7/files/8074464496/Fu4sGxz.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pnt4sync.infrastructurecloud.in.net/verification.google id: auto-13356b07fb7dd304f9ad217865b27a9fb7492b63da78af0547a8cd96fe15ec13 status: experimental description: Detects traffic or activity related to https://pnt4sync.infrastructurecloud.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pnt4sync.infrastructurecloud.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pnt3gate.infrastructurecloud.in.net/verification.google id: auto-10ba672e91cd4b2ddb7c561dc3aa22af00e9717b8694a7b4354c17d0771448a8 status: experimental description: Detects traffic or activity related to https://pnt3gate.infrastructurecloud.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pnt3gate.infrastructurecloud.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pnt2proc.infrastructurecloud.in.net/verification.google id: auto-f30d520135e23ec28860f10805748795c126733b151788db85d146380b15eb93 status: experimental description: Detects traffic or activity related to https://pnt2proc.infrastructurecloud.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pnt2proc.infrastructurecloud.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pnt1meta.infrastructurecloud.in.net/verification.google id: auto-cbc4e25fb50d32db4ed906a8d9f52c9fcf8e85ce61c334b6c156bca5f4b85632 status: experimental description: Detects traffic or activity related to https://pnt1meta.infrastructurecloud.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pnt1meta.infrastructurecloud.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://res4static.analyticsprocessing.in.net/verification.google id: auto-78d8f49468b7338f707d4b27a9505d22028b713453594be1b9383623450c754c status: experimental description: Detects traffic or activity related to https://res4static.analyticsprocessing.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://res4static.analyticsprocessing.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://res3edge.analyticsprocessing.in.net/verification.google id: auto-7432f6e704ebe345a21e30f6ad2ee1d1b8411c3dd295a2cfdf117b1fbe8f2d72 status: experimental description: Detects traffic or activity related to https://res3edge.analyticsprocessing.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://res3edge.analyticsprocessing.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://res2data.analyticsprocessing.in.net/verification.google id: auto-c7e57eee865f0eb4482f96c5f01eef21bf62ff3ccb115f100f95042831f6f06b status: experimental description: Detects traffic or activity related to https://res2data.analyticsprocessing.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://res2data.analyticsprocessing.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://res1sync.analyticsprocessing.in.net/verification.google id: auto-862f731e131fa54feaa582c01f8ddc7cc92c540edcd40ee1feec4c421db22839 status: experimental description: Detects traffic or activity related to https://res1sync.analyticsprocessing.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://res1sync.analyticsprocessing.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dc4point.applicationbuffer.in.net/verification.google id: auto-d123f763b7eddd8bd3f79dac06e38d21ec3bd899393ce995b6eefe3b1e5c64fe status: experimental description: Detects traffic or activity related to https://dc4point.applicationbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dc4point.applicationbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dc3data.applicationbuffer.in.net/verification.google id: auto-b59ac6448863b4d330ff3b5172374f361b602fa219c0ce6b6d4920bc428f4617 status: experimental description: Detects traffic or activity related to https://dc3data.applicationbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dc3data.applicationbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dc2proxy.applicationbuffer.in.net/verification.google id: auto-1361850724d5e85a98664e858f987dda8f17377a63955621f23ee0831ae7e684 status: experimental description: Detects traffic or activity related to https://dc2proxy.applicationbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dc2proxy.applicationbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dc1infra.applicationbuffer.in.net/verification.google id: auto-87494ae2c52a298ea9cb02a00b6b1cc58e274ed3e25eb40ebc3110a90cab4f7e status: experimental description: Detects traffic or activity related to https://dc1infra.applicationbuffer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dc1infra.applicationbuffer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app4sat.distributedmatrix.in.net/verification.google id: auto-543d3981b8d9497abc708fbdab7fb71bc6bb72a33bbdd3d853f0f3658112761b status: experimental description: Detects traffic or activity related to https://app4sat.distributedmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app4sat.distributedmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app3core.distributedmatrix.in.net/verification.google id: auto-9a79c81ee379539f2b0c49647a7f44b70a9582d42af3a45ddbdb8493df64dfe8 status: experimental description: Detects traffic or activity related to https://app3core.distributedmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app3core.distributedmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app2steel.distributedmatrix.in.net/verification.google id: auto-6f1e7fdc95f9356a6a173e40f5eec244c9569e9bad07204ed3b7cb8f8d17f141 status: experimental description: Detects traffic or activity related to https://app2steel.distributedmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app2steel.distributedmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app1proc.distributedmatrix.in.net/verification.google id: auto-c4386ad602064aef2f1ac2a269fbe86ea57d5aa0434e90072879c6e0bd826bfd status: experimental description: Detects traffic or activity related to https://app1proc.distributedmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app1proc.distributedmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vol4space.connectivitynode.in.net/verification.google id: auto-c309dfd866447e3b4b12a681001e307273401e4ff375711a7950053b1a4bebb6 status: experimental description: Detects traffic or activity related to https://vol4space.connectivitynode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vol4space.connectivitynode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vol3field.connectivitynode.in.net/verification.google id: auto-31bdc94606ca2278a98c84bd42f1b321db26053f8ed53f51638df3e4ec9c8f86 status: experimental description: Detects traffic or activity related to https://vol3field.connectivitynode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vol3field.connectivitynode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vol2outer.connectivitynode.in.net/verification.google id: auto-bb11d692a3b4f7821acdf1de4f185e767728ed2e4311d3d210555cb007327966 status: experimental description: Detects traffic or activity related to https://vol2outer.connectivitynode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vol2outer.connectivitynode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vol1proc.connectivitynode.in.net/verification.google id: auto-f88e06a828dc5a1fc80b897c6215fe08c6103313f1f872834bab5e18b9a87e73 status: experimental description: Detects traffic or activity related to https://vol1proc.connectivitynode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vol1proc.connectivitynode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dc4path.operationalsystem.in.net/verification.google id: auto-556d89fff9a1da235b0d8cfe638b47ba2dab52578537ea44f3d40d5be2183eee status: experimental description: Detects traffic or activity related to https://dc4path.operationalsystem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dc4path.operationalsystem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dc2point.operationalsystem.in.net/verification.google id: auto-47693dee9c5c31f14fbe842c4d3aeb1efe29242414efd718111868b827ed72a9 status: experimental description: Detects traffic or activity related to https://dc2point.operationalsystem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dc2point.operationalsystem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dc1proc.operationalsystem.in.net/verification.google id: auto-941eea5530825fc8f55cf053b347b9fdcb97b81ffb5f06cea5ad06912709dfbb status: experimental description: Detects traffic or activity related to https://dc1proc.operationalsystem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dc1proc.operationalsystem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app4view.managementgateway.in.net/verification.google id: auto-62ea116a82adb15cc6181a18c14c5a376617361b5c850ae73594481d3c900640 status: experimental description: Detects traffic or activity related to https://app4view.managementgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app4view.managementgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app3ghost.managementgateway.in.net/verification.google id: auto-6075c7e83c71e53244c48984703d5b25a0722301cdda18274d45e3c34fa4b6dd status: experimental description: Detects traffic or activity related to https://app3ghost.managementgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app3ghost.managementgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app2core.managementgateway.in.net/verification.google id: auto-b86ab84759c824d65db19e041799a89b037b9328a13178ebe35385d4d7787f4e status: experimental description: Detects traffic or activity related to https://app2core.managementgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app2core.managementgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app1proc.managementgateway.in.net/verification.google id: auto-0f3d47400c3a879edaaf19952bc694c16305f901705c246c7d98d82b941618ba status: experimental description: Detects traffic or activity related to https://app1proc.managementgateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app1proc.managementgateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vol4link.diagnosticresource.in.net/verification.google id: auto-c4cb679735b5cdbc517d1b8f3c7aa5e0edc1529f30bfe7e8ad65d5e352a4dc63 status: experimental description: Detects traffic or activity related to https://vol4link.diagnosticresource.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vol4link.diagnosticresource.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vol3user.diagnosticresource.in.net/verification.google id: auto-40bd969b167040d10f6fed739520aa0880c0e9a4d8225488d0aaf7b480b27ac1 status: experimental description: Detects traffic or activity related to https://vol3user.diagnosticresource.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vol3user.diagnosticresource.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vol2base.diagnosticresource.in.net/verification.google id: auto-b0208c1770b61efdeb0dac550cd1ae25b4b025c150175143e0d230493f5bf287 status: experimental description: Detects traffic or activity related to https://vol2base.diagnosticresource.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vol2base.diagnosticresource.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vol1infra.diagnosticresource.in.net/verification.google id: auto-371d91d0230f7b06d6c0e43e55b5b2cf56e5467fe546c3c003b36cfe803ec4c7 status: experimental description: Detects traffic or activity related to https://vol1infra.diagnosticresource.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vol1infra.diagnosticresource.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dc4work.platformendpoint.in.net/verification.google id: auto-f8138d37aaae8b1c8c6744c6d1026d23b5359a40b824f6c6c736970dd4b49a93 status: experimental description: Detects traffic or activity related to https://dc4work.platformendpoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dc4work.platformendpoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dc3local.platformendpoint.in.net/verification.google id: auto-10830617d6ead4e288b3aee3eaf505052db77ddc135e4ba7a41df4249204a976 status: experimental description: Detects traffic or activity related to https://dc3local.platformendpoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dc3local.platformendpoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dc2power.platformendpoint.in.net/verification.google id: auto-6cbc56043c835318ba8c8717ce83248bac59f39ed90eaf4c742e054822fc2465 status: experimental description: Detects traffic or activity related to https://dc2power.platformendpoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dc2power.platformendpoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dc1proc.platformendpoint.in.net/verification.google id: auto-5d6353e10c5a49ee60c1eb5f8d4e31aca73e90d7fc02d63f340ccb21c95fbaa3 status: experimental description: Detects traffic or activity related to https://dc1proc.platformendpoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dc1proc.platformendpoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app4link.telemetryservice.in.net/verification.google id: auto-6388dc7b64df658e48275705fbbf56eda011eb4bf63c596f260815b25dbd7f1d status: experimental description: Detects traffic or activity related to https://app4link.telemetryservice.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app4link.telemetryservice.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app3dev.telemetryservice.in.net/verification.google id: auto-5664df2fe498ffd5fec3b21a18d524c4e1897c163a044c488f1de4936d9ecf56 status: experimental description: Detects traffic or activity related to https://app3dev.telemetryservice.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app3dev.telemetryservice.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app2remote.telemetryservice.in.net/verification.google id: auto-d5127796df31fba2d21c82c4961c1e7b33131f4516e3eb9834c9d1a8cc510eec status: experimental description: Detects traffic or activity related to https://app2remote.telemetryservice.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app2remote.telemetryservice.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app1store.telemetryservice.in.net/verification.google id: auto-2af20831db46d962420e8666333c777c889f95195b518c0cb921b8cffce513bf status: experimental description: Detects traffic or activity related to https://app1store.telemetryservice.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app1store.telemetryservice.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vol4sync.infrastructurebase.in.net/verification.google id: auto-67e2757729bf2ee22ae492b0bb2cae47735bddf1f5360ef01852f7abba9efe37 status: experimental description: Detects traffic or activity related to https://vol4sync.infrastructurebase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vol4sync.infrastructurebase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vol3gate.infrastructurebase.in.net/verification.google id: auto-337373ce97a3bd50ac44755fa07f1e0b34e8fbee948baa5689129ad16145d658 status: experimental description: Detects traffic or activity related to https://vol3gate.infrastructurebase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vol3gate.infrastructurebase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vol2proc.infrastructurebase.in.net/verification.google id: auto-66d013230c0a098e90713f65f1ae0d39d83d5e94ebb127297c7033213d2dfc3b status: experimental description: Detects traffic or activity related to https://vol2proc.infrastructurebase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vol2proc.infrastructurebase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vol1meta.infrastructurebase.in.net/verification.google id: auto-eb9238a8d8b64e6e8a64d597e4d00dc3ae2f835b966d2845b8db84c99998fac3 status: experimental description: Detects traffic or activity related to https://vol1meta.infrastructurebase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vol1meta.infrastructurebase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dc4static.analyticspoint.in.net/verification.google id: auto-941f1d06166b04beed0dd0b1ff16694f7e1987ba6241c42085616e94f30a19d4 status: experimental description: Detects traffic or activity related to https://dc4static.analyticspoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dc4static.analyticspoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dc2data.analyticspoint.in.net/verification.google id: auto-aed64bddf1af7381b8f3d4d20c9aeb7e4e2b8d4bb0c3caeb3dc61868f948bd5e status: experimental description: Detects traffic or activity related to https://dc2data.analyticspoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dc2data.analyticspoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dc1sync.analyticspoint.in.net/verification.google id: auto-da9643c48ade0c6b6bb45d43f508eacb3ecd27d4e84b7997dcba3c70b80472da status: experimental description: Detects traffic or activity related to https://dc1sync.analyticspoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dc1sync.analyticspoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://s1gna1-track.plotsafe.in.net/verification.google id: auto-960c0a3f5d3ef5b08f298e3b4229f0fc2623505470c2168634f3a0bfbc3941c5 status: experimental description: Detects traffic or activity related to https://s1gna1-track.plotsafe.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://s1gna1-track.plotsafe.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://d3fen-cache.infosafe.in.net/verification.google id: auto-4cf9c21f0c4c04ef2c27a43ab02234bb0ec671ef3d838085c34a6872afb9db86 status: experimental description: Detects traffic or activity related to https://d3fen-cache.infosafe.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://d3fen-cache.infosafe.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://illumewholes.capslock.in.net/verification.google id: auto-cf00bd5f0fbd8b98fa8ffaaff82ad93c5645c436ebeb3679428c9ad5797d5a16 status: experimental description: Detects traffic or activity related to https://illumewholes.capslock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://illumewholes.capslock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mewmm.trueflow.in.net/verification.google id: auto-26b6df6d48778e335d3ba9a28e42791a59502e60044e30db7124bdb663734fed status: experimental description: Detects traffic or activity related to https://mewmm.trueflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mewmm.trueflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sensorsupp.trueslak.in.net/verification.google id: auto-82a0f050287aaecba58476961f009b55227b55443a97a0a35763a512d086316a status: experimental description: Detects traffic or activity related to https://sensorsupp.trueslak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sensorsupp.trueslak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nlcygd.withregw.in.net/verification.google id: auto-f08e7641e066b37a637bf2f66695f70b4564ffa1379c715c4b528496889e06ea status: experimental description: Detects traffic or activity related to https://nlcygd.withregw.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nlcygd.withregw.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arkcrest7is.currvers.in.net/verification.google id: auto-8569f833a3737fd8e3062b1ee754b312f10a3469a704e4a5617da374e9ec6592 status: experimental description: Detects traffic or activity related to https://arkcrest7is.currvers.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arkcrest7is.currvers.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trac-glade.doabove.in.net/verification.google id: auto-856be3140184b188eebfd59851f26247b17eaeeffebb0ef9ee2eb8c2ca903f4a status: experimental description: Detects traffic or activity related to https://trac-glade.doabove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trac-glade.doabove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flerai.dombove.in.net/verification.google id: auto-35c3bada25c50df049f8962bbed9cde70b683bb5d7b3a161c1c4ec5c6215c3ba status: experimental description: Detects traffic or activity related to https://flerai.dombove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flerai.dombove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://normarkal9.gothrough.in.net/verification.google id: auto-b8f2c95abbc99dee74712091a3a1d0a06694ebb3af6a88b6ca8c8aca4e197376 status: experimental description: Detects traffic or activity related to https://normarkal9.gothrough.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://normarkal9.gothrough.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proto-h4ul.withregw.in.net/verification.google id: auto-3c6d3984bd686931cedc53817114f9f4f5bd618d2f948bd5dab7c626763c0627 status: experimental description: Detects traffic or activity related to https://proto-h4ul.withregw.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proto-h4ul.withregw.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neo-rnount.withregw.in.net/verification.google id: auto-bcfd8f8d4c6cfed4d93087838bce3ae04c890df4a3578883f10bbafa92678bc3 status: experimental description: Detects traffic or activity related to https://neo-rnount.withregw.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neo-rnount.withregw.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://anch0-bridge.withregw.in.net/verification.google id: auto-5df6cad5c18cedf99041d9db6f8e45f2aa2f735411dcefa4618db702fc58bd66 status: experimental description: Detects traffic or activity related to https://anch0-bridge.withregw.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://anch0-bridge.withregw.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://opticsval.withregw.in.net/verification.google id: auto-7ad8a3496c1cda1be663c96faf0268af647f9bd78735e4512f9af016abfa3c7a status: experimental description: Detects traffic or activity related to https://opticsval.withregw.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://opticsval.withregw.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ravenreview.currvers.in.net/verification.google id: auto-f0613ec3b52e978164260fffdc9ec08705e5228a63a2dbd8901cc7eb1c85b140 status: experimental description: Detects traffic or activity related to https://ravenreview.currvers.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ravenreview.currvers.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ndakntj.currvers.in.net/verification.google id: auto-4344e4c416e1070d6e40ff2acc4efff48aef2e32fa8dc2b932832c74d1466d9f status: experimental description: Detects traffic or activity related to https://ndakntj.currvers.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ndakntj.currvers.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://frozenlayout.currvers.in.net/verification.google id: auto-2cb2a2b425d0e85b5b96c4b0f582adb655e2a2a9ffccf08b80530fe8fe937f02 status: experimental description: Detects traffic or activity related to https://frozenlayout.currvers.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://frozenlayout.currvers.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kel-nexis.currvers.in.net/verification.google id: auto-134f3a10a57a8f02275c8128e81220eb59f4ec5f90929cf3f25cf9f9a83786a8 status: experimental description: Detects traffic or activity related to https://kel-nexis.currvers.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kel-nexis.currvers.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trilineix.doabove.in.net/verification.google id: auto-23e614b7c7e3d81fc51215ed0983e48cf50f301c6acef9150283bc8b796bcd47 status: experimental description: Detects traffic or activity related to https://trilineix.doabove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trilineix.doabove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mercoreet5.doabove.in.net/verification.google id: auto-b8f5f557f62a5f77e46dd44509defb85135ac1817111bd6c4d8c017823818a50 status: experimental description: Detects traffic or activity related to https://mercoreet5.doabove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mercoreet5.doabove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://reef-dat.doabove.in.net/verification.google id: auto-7a1d054ffdfefc07b400aabb1368fa6ab2c7af1048ac40f0f323dddef32e129b status: experimental description: Detects traffic or activity related to https://reef-dat.doabove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://reef-dat.doabove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://harvestedit.doabove.in.net/verification.google id: auto-857bb660d5c86cbd9cc62f45778697707a8b9c7957e286fa29a73eb0386fd5fb status: experimental description: Detects traffic or activity related to https://harvestedit.doabove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://harvestedit.doabove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://visualfier.dombove.in.net/verification.google id: auto-ff4d77652f5b27ea13e813bb354919171a369ccd48f7a95a28f09e3b98837499 status: experimental description: Detects traffic or activity related to https://visualfier.dombove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://visualfier.dombove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fsrwr05.dombove.in.net/verification.google id: auto-38a9923894a02063be83434f972c00fa96a8351823dd645ded654e49e74acf51 status: experimental description: Detects traffic or activity related to https://fsrwr05.dombove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fsrwr05.dombove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dusdyna.dombove.in.net/verification.google id: auto-fd4b830a4a590cbc4798b8a46d32351f6da26f3d86e3a60137ba25d73af35790 status: experimental description: Detects traffic or activity related to https://dusdyna.dombove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dusdyna.dombove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arktideix1.dombove.in.net/verification.google id: auto-764d954da48306c4f9a3430f2e1f2e0b0102bd5c216949df16a05899a3e0c694 status: experimental description: Detects traffic or activity related to https://arktideix1.dombove.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arktideix1.dombove.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://iwug.gothrough.in.net/verification.google id: auto-8df28d5cc51ff691f7af74ee327a09738d83d5e1e5752a44b9e09b11c3b8de30 status: experimental description: Detects traffic or activity related to https://iwug.gothrough.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://iwug.gothrough.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rav3n-span.gothrough.in.net/verification.google id: auto-4463ff12e2f37e75979d746e4fa0af86fd3da537b0ae06626a2ec42ade6de939 status: experimental description: Detects traffic or activity related to https://rav3n-span.gothrough.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rav3n-span.gothrough.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://delivergolden.gothrough.in.net/verification.google id: auto-a02f5ab31c8e8f352cb6bc23bb85a6c23be4606b6b4b8bcfd45fb0cef0e4893f status: experimental description: Detects traffic or activity related to https://delivergolden.gothrough.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://delivergolden.gothrough.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://streamnoble.gothrough.in.net/verification.google id: auto-98508982933eecea6b5b593ff7ae82a591c636b66045c1d4fcb67d61f6269266 status: experimental description: Detects traffic or activity related to https://streamnoble.gothrough.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://streamnoble.gothrough.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://streamglo.plotsafe.in.net/verification.google id: auto-1d3703270033833ae55110296f3347b501f3cfb87694f722341f76ac0a01cfa6 status: experimental description: Detects traffic or activity related to https://streamglo.plotsafe.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://streamglo.plotsafe.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dynfluxon.plotsafe.in.net/verification.google id: auto-c7f6c6757ba2a542466f0cc3b91f133a37b8391a427715a3bc22369580209217 status: experimental description: Detects traffic or activity related to https://dynfluxon.plotsafe.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dynfluxon.plotsafe.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://innultra.plotsafe.in.net/verification.google id: auto-fb4491b671b5a50264f7eea6eb32c41652fca85c69afb8e0c9fe35fa3c062aca status: experimental description: Detects traffic or activity related to https://innultra.plotsafe.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://innultra.plotsafe.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qczcgd.plotsafe.in.net/verification.google id: auto-1c21dc1551782f8fd47a019aaa78725c5b75008d2550ff78045355ff61f9cf7b status: experimental description: Detects traffic or activity related to https://qczcgd.plotsafe.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qczcgd.plotsafe.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://soltideis9.infosafe.in.net/verification.google id: auto-076fefc4a562c4163c8b74f06290f579f246669774feab4c3fc8d5df7856e4cf status: experimental description: Detects traffic or activity related to https://soltideis9.infosafe.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://soltideis9.infosafe.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proto-patt3r.infosafe.in.net/verification.google id: auto-373ec4e9df3b305926ad45081850886d6c5b0b580e7fc9804b6b8810987e3626 status: experimental description: Detects traffic or activity related to https://proto-patt3r.infosafe.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proto-patt3r.infosafe.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nefnpr.infosafe.in.net/verification.google id: auto-3fe455566c30e7f8c00ffac30fc8e6079d934b6bac5cf8394b30a6b311eaaa13 status: experimental description: Detects traffic or activity related to https://nefnpr.infosafe.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nefnpr.infosafe.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hxfpc.infosafe.in.net/verification.google id: auto-cb4ea57b4f9119f532bf3f73fd11d8ae4820bc6d9dd2162395823f9d4a8f1eee status: experimental description: Detects traffic or activity related to https://hxfpc.infosafe.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hxfpc.infosafe.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arkcrestex4.capslock.in.net/verification.google id: auto-e932e1f39c14bdf6b70787f0a0e50a7213c912be5338d266d6d4499aa1dffcc2 status: experimental description: Detects traffic or activity related to https://arkcrestex4.capslock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arkcrestex4.capslock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://embdark.capslock.in.net/verification.google id: auto-db229451387964bf277b8df47a69e6fa0abe03f96c6df4a69d9bd3cbc602738e status: experimental description: Detects traffic or activity related to https://embdark.capslock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://embdark.capslock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arkspire4ex.capslock.in.net/verification.google id: auto-1fbed11161d36cce624118dcb66fb1d925c04b1ec34bcd37150851bed7e79bb5 status: experimental description: Detects traffic or activity related to https://arkspire4ex.capslock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arkspire4ex.capslock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://opt1c8-core.capslock.in.net/verification.google id: auto-219af6751c987f94cec09958b0d0fe2d3bdb3251624580b9be2451cb9ce0f4e6 status: experimental description: Detects traffic or activity related to https://opt1c8-core.capslock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://opt1c8-core.capslock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://meta-sh0re.trueflow.in.net/verification.google id: auto-88163c60daaffe4a082463beda4b298e125e326592089e3ba66dacdd73950cf5 status: experimental description: Detects traffic or activity related to https://meta-sh0re.trueflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://meta-sh0re.trueflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://summeinn.trueflow.in.net/verification.google id: auto-8b689e08da7223e12e9cd470cacfdbf93ce141c35b50c0da5fe3164f6a0dc098 status: experimental description: Detects traffic or activity related to https://summeinn.trueflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://summeinn.trueflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solcorea.trueflow.in.net/verification.google id: auto-42e1bf32e22dfbace6c510b8ceee21389935c3c3e724a251487fe26245ea18e1 status: experimental description: Detects traffic or activity related to https://solcorea.trueflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solcorea.trueflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://taldraen.trueflow.in.net/verification.google id: auto-2a6f4d90f2d033b933f6c32eda599861b3e9f32b0643d9babbce744bc01edb22 status: experimental description: Detects traffic or activity related to https://taldraen.trueflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://taldraen.trueflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://za7lvsc.trueslak.in.net/verification.google id: auto-06b13ac759ee19f56edfcce8d5971dea56773da803ddb507d2e718a90c356873 status: experimental description: Detects traffic or activity related to https://za7lvsc.trueslak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://za7lvsc.trueslak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neo-c1iff.trueslak.in.net/verification.google id: auto-2886e4dcd04aadd874f5ca9342d200cb2f74c94dce25ebe70c32dde05f871390 status: experimental description: Detects traffic or activity related to https://neo-c1iff.trueslak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neo-c1iff.trueslak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://merlithar1.trueslak.in.net/verification.google id: auto-afbe6ececdc81e29e0fcac886e45595e14bf2dd161213b5fd4b56884317f3674 status: experimental description: Detects traffic or activity related to https://merlithar1.trueslak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://merlithar1.trueslak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://adzpzg.trueslak.in.net/verification.google id: auto-ac4af2e0e53110dd6e347a63ad911337fd7e1d53ca265760f85cfdf9dd4812d5 status: experimental description: Detects traffic or activity related to https://adzpzg.trueslak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://adzpzg.trueslak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main4point.metrichandler.in.net/verification.google id: auto-125fb065d46508b0284e87711c6e6b869b87fe3623dbec421c0f8ecaec719fc5 status: experimental description: Detects traffic or activity related to https://main4point.metrichandler.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main4point.metrichandler.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main3data.metrichandler.in.net/verification.google id: auto-65c3b5fa4915333975460ef8fa7152de6435234ce63b881a9836884ef7852ad5 status: experimental description: Detects traffic or activity related to https://main3data.metrichandler.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main3data.metrichandler.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main2proxy.metrichandler.in.net/verification.google id: auto-ef1298e3e6c62f5879a200a3e352040de28cd36175102c4a32a94ca3830c8607 status: experimental description: Detects traffic or activity related to https://main2proxy.metrichandler.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main2proxy.metrichandler.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main1infra.metrichandler.in.net/verification.google id: auto-d3a5ae9f319c125cdf07950865cc3ab8c1ddefb1623b3aa8ceeca60da5810f08 status: experimental description: Detects traffic or activity related to https://main1infra.metrichandler.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main1infra.metrichandler.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://repost.optico-voda.info/denyexorcist id: auto-0c1b0524e3375f7ccd87f4c09ab63172453bdd0b589d68ce4ffb9224a4a9db90 status: experimental description: Detects traffic or activity related to https://repost.optico-voda.info/denyexorcist which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://repost.optico-voda.info/denyexorcist*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orbit4sat.terminalvariable.in.net/verification.google id: auto-2f25b1de25f935407aa6cb5426b8f2fb9329d67bb7513d877505a7f0a3be1579 status: experimental description: Detects traffic or activity related to https://orbit4sat.terminalvariable.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orbit4sat.terminalvariable.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orbit3core.terminalvariable.in.net/verification.google id: auto-59eb5d240074a6a640cae662aade5cbfcbf286342cfd22816e15eff750e0fa58 status: experimental description: Detects traffic or activity related to https://orbit3core.terminalvariable.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orbit3core.terminalvariable.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orbit2steel.terminalvariable.in.net/verification.google id: auto-2a0627a96552eb300d4e4bbd48d9c77462bc1726f2b1d7eb7af57bfe72ba377e status: experimental description: Detects traffic or activity related to https://orbit2steel.terminalvariable.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orbit2steel.terminalvariable.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orbit1proc.terminalvariable.in.net/verification.google id: auto-57b7a04abc5f2454d41ec45b9bb662d592854d8b0fcad8a44a8ec9ca3bf4b367 status: experimental description: Detects traffic or activity related to https://orbit1proc.terminalvariable.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orbit1proc.terminalvariable.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://area4space.boundarygateway.in.net/verification.google id: auto-9ee605e3081f89cdc0ef6c0b978bc255410d1ecee77905d31558520a79a3a1b8 status: experimental description: Detects traffic or activity related to https://area4space.boundarygateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://area4space.boundarygateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://area3field.boundarygateway.in.net/verification.google id: auto-5334740d65bf13d3e96e6e4453ceed6ed25a0b4f4253e9a1a0d6abe372ce13f7 status: experimental description: Detects traffic or activity related to https://area3field.boundarygateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://area3field.boundarygateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://area2outer.boundarygateway.in.net/verification.google id: auto-2530ff8dc848e368c14a8a682f8f64542ad5c488e755c3833fb1cd1346b631c9 status: experimental description: Detects traffic or activity related to https://area2outer.boundarygateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://area2outer.boundarygateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://area1proc.boundarygateway.in.net/verification.google id: auto-54a4ce46ddc52cb9ae46dc85a71ae427d53ac57e305e46a9832ce899d133de7e status: experimental description: Detects traffic or activity related to https://area1proc.boundarygateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://area1proc.boundarygateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dark4path.remotediagnostic.in.net/verification.google id: auto-fba2ff9b3e067a20ce341901a871f68fb9e3b70afa901cc7e808f8014cc3fd80 status: experimental description: Detects traffic or activity related to https://dark4path.remotediagnostic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dark4path.remotediagnostic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dark3view.remotediagnostic.in.net/verification.google id: auto-1fae65de2301024e0044aee9adfe06d90ebc16ec4d85c22ef410e2c4a4b291a6 status: experimental description: Detects traffic or activity related to https://dark3view.remotediagnostic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dark3view.remotediagnostic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dark2point.remotediagnostic.in.net/verification.google id: auto-63b7264e3a7507a424d80615439108576ea4ecc8664fe2765059dd27467c98c5 status: experimental description: Detects traffic or activity related to https://dark2point.remotediagnostic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dark2point.remotediagnostic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dark1proc.remotediagnostic.in.net/verification.google id: auto-c3e7684c4ff219ced3029f915f3b3d74a9b1d94ed27d72b1a0561d8aab575797 status: experimental description: Detects traffic or activity related to https://dark1proc.remotediagnostic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dark1proc.remotediagnostic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alpha4view.cloudfoundation.in.net/verification.google id: auto-08593da9eec464d9f7be2bf3121e2045973b245b8f03d341ee36afd5fe94dbd5 status: experimental description: Detects traffic or activity related to https://alpha4view.cloudfoundation.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alpha4view.cloudfoundation.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alpha3ghost.cloudfoundation.in.net/verification.google id: auto-98f43d2ef254cbed01b83390c90519937884dc0730f582c4a73c9c30ed150bd3 status: experimental description: Detects traffic or activity related to https://alpha3ghost.cloudfoundation.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alpha3ghost.cloudfoundation.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alpha2core.cloudfoundation.in.net/verification.google id: auto-782542d498ed36b3e491783a0087ff905701aaad5412323fe3db7ff70ea42978 status: experimental description: Detects traffic or activity related to https://alpha2core.cloudfoundation.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alpha2core.cloudfoundation.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alpha1proc.cloudfoundation.in.net/verification.google id: auto-875c60d7bf5d6fec07441ceedefedc9bdcb9fb20a1d54760870216f1c4dabd20 status: experimental description: Detects traffic or activity related to https://alpha1proc.cloudfoundation.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alpha1proc.cloudfoundation.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core4link.systeminterface.in.net/verification.google id: auto-153fef9fc599d046d7c126beea7153efe909bb547b9568adad1f3339ab08a21c status: experimental description: Detects traffic or activity related to https://core4link.systeminterface.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core4link.systeminterface.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core3user.systeminterface.in.net/verification.google id: auto-aa41e6e7b5ea13e5f53aeee3c07d429c7792087c96ce3f216df036483b1ffaac status: experimental description: Detects traffic or activity related to https://core3user.systeminterface.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core3user.systeminterface.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core2base.systeminterface.in.net/verification.google id: auto-30af76c0fcfd6bed912e900b38fd50c84e77628506c25bdbe69f4eef27964c65 status: experimental description: Detects traffic or activity related to https://core2base.systeminterface.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core2base.systeminterface.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core1infra.systeminterface.in.net/verification.google id: auto-848ab5de08724c9af0a55015f5d6d1b30e61b12db30a444247aca948eb4d4734 status: experimental description: Detects traffic or activity related to https://core1infra.systeminterface.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core1infra.systeminterface.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://point4work.virtualresource.in.net/verification.google id: auto-3b852fc120f270d8f1c3285088f036f7316dc5c95e697a035594fe37d39a3450 status: experimental description: Detects traffic or activity related to https://point4work.virtualresource.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://point4work.virtualresource.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://point3local.virtualresource.in.net/verification.google id: auto-885f8995d808415c61c9862a6c5483c4077f6b4801af86e8b4e9ec23b096a2e0 status: experimental description: Detects traffic or activity related to https://point3local.virtualresource.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://point3local.virtualresource.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://point2power.virtualresource.in.net/verification.google id: auto-e4074d53dd1fb0b90d568ddbe35dff9de650735d0cd7eacc791ffe14234f3d24 status: experimental description: Detects traffic or activity related to https://point2power.virtualresource.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://point2power.virtualresource.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://point1proc.virtualresource.in.net/verification.google id: auto-6b9b9c96b08d5dc77a323afb3b8eb6d994b0b05cd717c1f57ebceaa58182f177 status: experimental description: Detects traffic or activity related to https://point1proc.virtualresource.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://point1proc.virtualresource.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://host4link.datacentricnode.in.net/verification.google id: auto-67c24a5f83199ecfc73abea02a404861888d3d7a451f898f9cc1372b7fb3470e status: experimental description: Detects traffic or activity related to https://host4link.datacentricnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://host4link.datacentricnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://host3dev.datacentricnode.in.net/verification.google id: auto-2ed84dca511ce5ce802ed4a39b42da9fcfaed23173c4a2b84eb0b84a3e31806a status: experimental description: Detects traffic or activity related to https://host3dev.datacentricnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://host3dev.datacentricnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://host2remote.datacentricnode.in.net/verification.google id: auto-da49c6030712824aa637d6fa31f981abbc9ea3722cb9c12eb3373afd46b1761a status: experimental description: Detects traffic or activity related to https://host2remote.datacentricnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://host2remote.datacentricnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://host1store.datacentricnode.in.net/verification.google id: auto-836e7f92d072e425ea00ca4fc3a31dcd6255048e8e8a19695ad05c73c4798147 status: experimental description: Detects traffic or activity related to https://host1store.datacentricnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://host1store.datacentricnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://unit4sync.securityprotocol.in.net/verification.google id: auto-2f84ce679ffb8846f8dc6991955a146e9e9dad0ba9495dfd8bd8fa7faae5aec5 status: experimental description: Detects traffic or activity related to https://unit4sync.securityprotocol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://unit4sync.securityprotocol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://unit3gate.securityprotocol.in.net/verification.google id: auto-551bc863e653187a44bc4c8ae48f8ee5bdaeb96137bf711a6217d5bb40b9d78e status: experimental description: Detects traffic or activity related to https://unit3gate.securityprotocol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://unit3gate.securityprotocol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://unit2proc.securityprotocol.in.net/verification.google id: auto-5201590deb5595a718e3de9a2d65d253222eede11aeeb683574cb885b83e1c4e status: experimental description: Detects traffic or activity related to https://unit2proc.securityprotocol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://unit2proc.securityprotocol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://unit1meta.securityprotocol.in.net/verification.google id: auto-99aad5b7c97c565177cff056c1d0caf8133cc024816d002ed9e8d5df667a0cc3 status: experimental description: Detects traffic or activity related to https://unit1meta.securityprotocol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://unit1meta.securityprotocol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://node4static.networkobserver.in.net/verification.google id: auto-74448828eefb31ad15f4e9783da3ea74b0d419726a1fb3eecd953aaae82b3654 status: experimental description: Detects traffic or activity related to https://node4static.networkobserver.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://node4static.networkobserver.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://node3edge.networkobserver.in.net/verification.google id: auto-ea6f9d0b2f598a06a08c82e3b3ce84794e29cbb02d7a2b94ebeff3d3527f3fb5 status: experimental description: Detects traffic or activity related to https://node3edge.networkobserver.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://node3edge.networkobserver.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://node2data.networkobserver.in.net/verification.google id: auto-c2b376119933b935ed6b3a5c68f7690a1ec2fad25b87d1b02cd635ab62774ac8 status: experimental description: Detects traffic or activity related to https://node2data.networkobserver.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://node2data.networkobserver.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://node1sync.networkobserver.in.net/verification.google id: auto-60c5c70e88d69f1d23902cfbe0dfa44d77a63e0d995220f91ed62c4fd3719662 status: experimental description: Detects traffic or activity related to https://node1sync.networkobserver.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://node1sync.networkobserver.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main4point.secureterminal.in.net/verification.google id: auto-a587218b79cb104f150308e13a55728a27cafb58b25ed18ac3a8668cdd28fba3 status: experimental description: Detects traffic or activity related to https://main4point.secureterminal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main4point.secureterminal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load3data.secureterminal.in.net/verification.google id: auto-3a3ff1925f481bcbdf595fde1af03c1154f3555a3ba189d1e8fa8fcd5f107178 status: experimental description: Detects traffic or activity related to https://load3data.secureterminal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load3data.secureterminal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://entry2proxy.secureterminal.in.net/verification.google id: auto-8c9ca3c623d09f28502ba33f956ed8b85161bc992fe9cb13086727ae7be77911 status: experimental description: Detects traffic or activity related to https://entry2proxy.secureterminal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://entry2proxy.secureterminal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proc1infra.secureterminal.in.net/verification.google id: auto-a68c44026110e6996032aa5c751fd59684a52f796db70a0e3550324f310ea1a2 status: experimental description: Detects traffic or activity related to https://proc1infra.secureterminal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proc1infra.secureterminal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sat4link.infravariable.in.net/verification.google id: auto-4b6d9918beaace9b52023e84c012dce230b74e1c26b4ade5055194d2b5d5ed4f status: experimental description: Detects traffic or activity related to https://sat4link.infravariable.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sat4link.infravariable.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load3core.infravariable.in.net/verification.google id: auto-c0c42ed3b41c509538948dd4ff7d0927022f7764eb65f75f52909ba8b427ca90 status: experimental description: Detects traffic or activity related to https://load3core.infravariable.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load3core.infravariable.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://entry2steel.infravariable.in.net/verification.google id: auto-d2408ae6d7151511eeeab361f15bc5231de1d629fdaa2d2bcc5c0e31813af6ab status: experimental description: Detects traffic or activity related to https://entry2steel.infravariable.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://entry2steel.infravariable.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proc1orbit.infravariable.in.net/verification.google id: auto-3a89a571bdd2dee28a92208fa652be6f2bf873c8d80a721852d7386784bda310 status: experimental description: Detects traffic or activity related to https://proc1orbit.infravariable.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proc1orbit.infravariable.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://open4space.staticboundary.in.net/verification.google id: auto-c474738b59b8cb90ea58b2e3b2add32cda66e17e23469abc4bbac99128235c86 status: experimental description: Detects traffic or activity related to https://open4space.staticboundary.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://open4space.staticboundary.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load3field.staticboundary.in.net/verification.google id: auto-9981c5c4711db90004cbbc86da3804a6e40358540159cd2b31695e2e0e2daa76 status: experimental description: Detects traffic or activity related to https://load3field.staticboundary.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load3field.staticboundary.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://entry2area.staticboundary.in.net/verification.google id: auto-d77521d633e3282454b707e3c9c78dfb325cbd682731a77aff92353aacb7cc88 status: experimental description: Detects traffic or activity related to https://entry2area.staticboundary.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://entry2area.staticboundary.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proc1outer.staticboundary.in.net/verification.google id: auto-6d5d21dafd9dbb14b02ba2456d2e58fae8caf34ef92bef9db950e2a9b0979c66 status: experimental description: Detects traffic or activity related to https://proc1outer.staticboundary.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proc1outer.staticboundary.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate4path.remotenetwork.in.net/verification.google id: auto-b46914c7ef6e002f97c1f056512438f86a53ab7cc2f3b10475d66feeb93dd189 status: experimental description: Detects traffic or activity related to https://gate4path.remotenetwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate4path.remotenetwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load3view.remotenetwork.in.net/verification.google id: auto-d4653ee75020629f1fb64a0f22d5ceccd5790cf6dba186fc6355eb6490ed293a status: experimental description: Detects traffic or activity related to https://load3view.remotenetwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load3view.remotenetwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://entry2point.remotenetwork.in.net/verification.google id: auto-2257fa6de2d6a49038c67414a75530a588af2455978ed09c687403b2f3bb094b status: experimental description: Detects traffic or activity related to https://entry2point.remotenetwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://entry2point.remotenetwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proc1dark.remotenetwork.in.net/verification.google id: auto-89b86cd637179576dc143cf5ec0d9a94e9b77be6cc0980c6e425ef36f33009cf status: experimental description: Detects traffic or activity related to https://proc1dark.remotenetwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proc1dark.remotenetwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://view4sync.activegateway.in.net/verification.google id: auto-690192dc887616a628f15d42f43acbd6868b20a6d6477801e2c16a961cef3f6c status: experimental description: Detects traffic or activity related to https://view4sync.activegateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://view4sync.activegateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load3ghost.activegateway.in.net/verification.google id: auto-bb1f2471cca36e5e78d96e3bbaf6e073379cb5621191301b968d695b8f5da6be status: experimental description: Detects traffic or activity related to https://load3ghost.activegateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load3ghost.activegateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://entry2core.activegateway.in.net/verification.google id: auto-3baa690b6accee497a15cdd61b947e4b842ce64d447cafe4729e05803cbca5ac status: experimental description: Detects traffic or activity related to https://entry2core.activegateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://entry2core.activegateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proc1alpha.activegateway.in.net/verification.google id: auto-e6ba52d6127fa8f1218e21a5c3aa2afb115276e38002f6b2fd5a213055d6fbaa status: experimental description: Detects traffic or activity related to https://proc1alpha.activegateway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proc1alpha.activegateway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://access4link.digitalfoundry.in.net/verification.google id: auto-8b960f8123e2214e3389352a7d6bf8c2a647f0636983ef40524f0004295e51bf status: experimental description: Detects traffic or activity related to https://access4link.digitalfoundry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://access4link.digitalfoundry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://entry2base.digitalfoundry.in.net/verification.google id: auto-ccab72ead2359cbd744a6a26807e392184e59869dd089c4a359fc2127c988454 status: experimental description: Detects traffic or activity related to https://entry2base.digitalfoundry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://entry2base.digitalfoundry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load3user.digitalfoundry.in.net/verification.google id: auto-36a8a5ef2d9c06f5c25eb74f4d9735bd02e26e414fed64850e780709940b3d43 status: experimental description: Detects traffic or activity related to https://load3user.digitalfoundry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load3user.digitalfoundry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://work4flow.systemresource.in.net/verification.google id: auto-a200d4d45350722a31c99b287646f7a2981321933c0a3e1929b82985fe4a6ff9 status: experimental description: Detects traffic or activity related to https://work4flow.systemresource.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://work4flow.systemresource.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proc1infra.digitalfoundry.in.net/verification.google id: auto-f15b12ab178b13b9fab60d9854f39bc2d130107be1a07db58994980cb3a35ed9 status: experimental description: Detects traffic or activity related to https://proc1infra.digitalfoundry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proc1infra.digitalfoundry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load3local.systemresource.in.net/verification.google id: auto-7d4a4e018f818d88ad3e9b44819e2da2f61da3665ebcfa858ac1c7bc5ada54c2 status: experimental description: Detects traffic or activity related to https://load3local.systemresource.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load3local.systemresource.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://entry2power.systemresource.in.net/verification.google id: auto-58f4de750a5ab555c23a16aff400f84dab1189037e096b43b2d938058dc9f7e2 status: experimental description: Detects traffic or activity related to https://entry2power.systemresource.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://entry2power.systemresource.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proc1point.systemresource.in.net/verification.google id: auto-4a04e47cf8e2d0cf39e950a06e43164bf6a5b25ec2f8b1c6aeb33378ae0ce784 status: experimental description: Detects traffic or activity related to https://proc1point.systemresource.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proc1point.systemresource.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load3host.vectorstorage.in.net/verification.google id: auto-42c251aa864617e6f6dd7250d4c838814c1b3f6e3edaaf0de86ce6fca752f819 status: experimental description: Detects traffic or activity related to https://load3host.vectorstorage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load3host.vectorstorage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link4entry.vectorstorage.in.net/verification.google id: auto-8344313a89b81a5dfeea555a170c556955559d58ee6fae70a7cc075bdd3482f2 status: experimental description: Detects traffic or activity related to https://link4entry.vectorstorage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link4entry.vectorstorage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://entry2remote.vectorstorage.in.net/verification.google id: auto-3507198ddc3328f14b9a71052d544d6563c0c3ec369cde32abf544041d247062 status: experimental description: Detects traffic or activity related to https://entry2remote.vectorstorage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://entry2remote.vectorstorage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proc1store.vectorstorage.in.net/verification.google id: auto-1227fb29063c19c543b7d8b1b205abef9d3e022238132c82cefb630f6050cb50 status: experimental description: Detects traffic or activity related to https://proc1store.vectorstorage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proc1store.vectorstorage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate4sync.globalprotocol.in.net/verification.google id: auto-4edd53fc5ad691f588c4b569f1e9eba96c964e9afb816aded64c995d9ea9f342 status: experimental description: Detects traffic or activity related to https://gate4sync.globalprotocol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate4sync.globalprotocol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load3proxy.globalprotocol.in.net/verification.google id: auto-ffad03bca0a1f62057ad8aebaef437bcf14b3000e3373842d5f58ca5b0b6c7ac status: experimental description: Detects traffic or activity related to https://load3proxy.globalprotocol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load3proxy.globalprotocol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://entry2data.globalprotocol.in.net/verification.google id: auto-1aea84f5aaf51e96672d413d1e984d5539c3c4e8e19d6ca4c2bd1f03f616ff4e status: experimental description: Detects traffic or activity related to https://entry2data.globalprotocol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://entry2data.globalprotocol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proc1meta.globalprotocol.in.net/verification.google id: auto-fc1e64962b8ab8ec4a14ea0416bbd861f23453499655b48f532a4ed96b6b1c37 status: experimental description: Detects traffic or activity related to https://proc1meta.globalprotocol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proc1meta.globalprotocol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data4static.centralmetric.in.net/verification.google id: auto-7de9ba2efea00119e7e9595f9e2a801a6f259ce646c6cb3fba3527960bcda60d status: experimental description: Detects traffic or activity related to https://data4static.centralmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data4static.centralmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load3edge.centralmetric.in.net/verification.google id: auto-e654336e79bf1108d658d8c6b11c0d315709a039f7ba12d250cb1d087828d98f status: experimental description: Detects traffic or activity related to https://load3edge.centralmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load3edge.centralmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://entry2sync.centralmetric.in.net/verification.google id: auto-23e3872f2dde61929ce59725eb3ccd3a32938915c348a2601efde6eeb6fab2f5 status: experimental description: Detects traffic or activity related to https://entry2sync.centralmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://entry2sync.centralmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proc1node.centralmetric.in.net/verification.google id: auto-b3b7249ac21b9ac3b2e128cfdaef8f7f1f93c1ef32ffb0d5d8bf8484d0b773ac status: experimental description: Detects traffic or activity related to https://proc1node.centralmetric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proc1node.centralmetric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main4point.boreasync.in.net/verification.google id: auto-7446be33ec9184375e59336857cdf7970961cc00fa2c9d918f64647667de5879 status: experimental description: Detects traffic or activity related to https://main4point.boreasync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main4point.boreasync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data3sync.boreasync.in.net/verification.google id: auto-1edb41aaee25b017ba193cfe2ad23a4e272a9682760801b908f70c002a891aa3 status: experimental description: Detects traffic or activity related to https://data3sync.boreasync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data3sync.boreasync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lb2proxy.boreasync.in.net/verification.google id: auto-24e53e60406ee778903971cbf795175e137d183f2453c6dc2a4c592a6df0d9c0 status: experimental description: Detects traffic or activity related to https://lb2proxy.boreasync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lb2proxy.boreasync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rack1infra.boreasync.in.net/verification.google id: auto-44d7f834788931e113286b4fe36cbc4fa34228c33a1d1a04bc3dc62e689607b0 status: experimental description: Detects traffic or activity related to https://rack1infra.boreasync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rack1infra.boreasync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core3rock.muralink.in.net/verification.google id: auto-0f7d12e8dda4dd89df9728541b56377579d5185ec28d53be192a99ab1899b5af status: experimental description: Detects traffic or activity related to https://core3rock.muralink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core3rock.muralink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lb2steel.muralink.in.net/verification.google id: auto-ab398167b65862a27f16e00a0a2c7e1d8025ffead5fd38e5b6bbd5f29802b3b8 status: experimental description: Detects traffic or activity related to https://lb2steel.muralink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lb2steel.muralink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rack1orbit.muralink.in.net/verification.google id: auto-cbd0b9a8b2d6830499e038826bd53b4f00b250a86a307ab1dd94f865db3d8d06 status: experimental description: Detects traffic or activity related to https://rack1orbit.muralink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rack1orbit.muralink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://open4space.silicanet.in.net/verification.google id: auto-26255f8c50caf8a9f54a375457383dc43dc8b7b754ba85992988894143500fc3 status: experimental description: Detects traffic or activity related to https://open4space.silicanet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://open4space.silicanet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vast3field.silicanet.in.net/verification.google id: auto-dc442f4f77f24974e4bbf6d8376d65c5288dc73eca0cb441f5cf5b1ed08b1090 status: experimental description: Detects traffic or activity related to https://vast3field.silicanet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vast3field.silicanet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lb2area.silicanet.in.net/verification.google id: auto-5cc2538d209d79784cc1a0677fce4d7880e8b6afe7b747532309189973e0e82d status: experimental description: Detects traffic or activity related to https://lb2area.silicanet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lb2area.silicanet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rack1outer.silicanet.in.net/verification.google id: auto-4856228dd115d3a6a3c158404420b704491552cd4605e7d516bd11b58b19079a status: experimental description: Detects traffic or activity related to https://rack1outer.silicanet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rack1outer.silicanet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate4path.cryptasol.in.net/verification.google id: auto-58c567843f76be3978f8ddf42e942fbad2fbe6da848e6f22928c3454e8ecffcd status: experimental description: Detects traffic or activity related to https://gate4path.cryptasol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate4path.cryptasol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync3view.cryptasol.in.net/verification.google id: auto-86e3ab4b415fde0bcb2763ed6d877488cf9669163d6b76fad8ea28b39ffd64ef status: experimental description: Detects traffic or activity related to https://sync3view.cryptasol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync3view.cryptasol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lb2point.cryptasol.in.net/verification.google id: auto-dc96c5a69f194540a3587872ded0f9ad4abdcaf23914a0058944e2a8810e7bd9 status: experimental description: Detects traffic or activity related to https://lb2point.cryptasol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lb2point.cryptasol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rack1dark.cryptasol.in.net/verification.google id: auto-a8622290b2bf637730f3f83f5b9828e1ae7684afdf8cc123bc18db11038ed385 status: experimental description: Detects traffic or activity related to https://rack1dark.cryptasol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rack1dark.cryptasol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vis4sync.ventaserv.in.net/verification.google id: auto-94b32e9b13d0002130f7e8cd64732145e2ef434021bd8aab9e57547a9a3ab78e status: experimental description: Detects traffic or activity related to https://vis4sync.ventaserv.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vis4sync.ventaserv.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://node3ghost.ventaserv.in.net/verification.google id: auto-cfce7971a119f6be3fd5b3b2c10a5c72fbf61b7520793479631cd2635a0d0ac8 status: experimental description: Detects traffic or activity related to https://node3ghost.ventaserv.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://node3ghost.ventaserv.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lb2core.ventaserv.in.net/verification.google id: auto-0e50521a6248354125d81faf31bae4948c8ce3deecfd3a335298f4f6f9090227 status: experimental description: Detects traffic or activity related to https://lb2core.ventaserv.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lb2core.ventaserv.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rack1alpha.ventaserv.in.net/verification.google id: auto-cc5cd6060258feb0d1ea3f1f0c6de296afa281372ed3cbc991e304ac09031ca3 status: experimental description: Detects traffic or activity related to https://rack1alpha.ventaserv.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rack1alpha.ventaserv.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://acc4link.fondoviva.in.net/verification.google id: auto-0d8621b6aa9fe353daed1f35d4eaa8ad5b461886f138294e25b3c7cd8f15428c status: experimental description: Detects traffic or activity related to https://acc4link.fondoviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://acc4link.fondoviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auth3user.fondoviva.in.net/verification.google id: auto-9e3309f9d4e8f5f9f676c3be379e61a1814fed1e5e9abbad5edadcf479a1e73c status: experimental description: Detects traffic or activity related to https://auth3user.fondoviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auth3user.fondoviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lb2base.fondoviva.in.net/verification.google id: auto-34f08a4093a757e65de2e053e9cddb3087e65cc2d1a46185f975b1e9d99fb0b3 status: experimental description: Detects traffic or activity related to https://lb2base.fondoviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lb2base.fondoviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rack1infra.fondoviva.in.net/verification.google id: auto-1b5ef127b29089ce8a1ed4cb980152cdf2cb6565ec5ca7d3f295794904493150 status: experimental description: Detects traffic or activity related to https://rack1infra.fondoviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rack1infra.fondoviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://work4flow.orbitunit.in.net/verification.google id: auto-fef64c02b2690d6a3a49f103b8e6ea82179d55e8224f9b1dadc6d4bf1cb8680d status: experimental description: Detects traffic or activity related to https://work4flow.orbitunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://work4flow.orbitunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://loc3net.orbitunit.in.net/verification.google id: auto-187ef5327389c84df189f7dab8d35b342179f0a77a67fead4410a53c94a6f746 status: experimental description: Detects traffic or activity related to https://loc3net.orbitunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://loc3net.orbitunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lb2power.orbitunit.in.net/verification.google id: auto-739d821c902151a3cc4ca208e9b068e984bc37c55145fd424edf954932806b78 status: experimental description: Detects traffic or activity related to https://lb2power.orbitunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lb2power.orbitunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rack1point.orbitunit.in.net/verification.google id: auto-63c6e7a6922c63f5b6b2ce589880b110895d6e19a05ed93f892b82cb7254da16 status: experimental description: Detects traffic or activity related to https://rack1point.orbitunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rack1point.orbitunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link4entry.quarzbase.in.net/verification.google id: auto-44a4121d2c650ce235c2aa4112665350b4cd66e6c48627096fc85288e3b7479a status: experimental description: Detects traffic or activity related to https://link4entry.quarzbase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link4entry.quarzbase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lb2remote.quarzbase.in.net/verification.google id: auto-ab1f48d229114e11abf3d27d33093031685960dbdc148bf8870520ad2a39fdcc status: experimental description: Detects traffic or activity related to https://lb2remote.quarzbase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lb2remote.quarzbase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rack1store.quarzbase.in.net/verification.google id: auto-d5ff74b354aa2d44f601948bb39398a6ee80e99da467bba0949ea44dd6747a62 status: experimental description: Detects traffic or activity related to https://rack1store.quarzbase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rack1store.quarzbase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hub4sync.marisnode.in.net/verification.google id: auto-b9b7305d9c7539a8f4f163feec8915f6ad7fb9edebe89f4327117b5f2b082920 status: experimental description: Detects traffic or activity related to https://hub4sync.marisnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hub4sync.marisnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://prox3gate.marisnode.in.net/verification.google id: auto-85321067e4b82fd15736fec0953cf5a7294f22cb1eebf8227b8a17bed22a2eb5 status: experimental description: Detects traffic or activity related to https://prox3gate.marisnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://prox3gate.marisnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lb2data.marisnode.in.net/verification.google id: auto-be4cbf634ded04cac65b05435c8dd982811fbe5d5d66ad5834eeb14318f55b4e status: experimental description: Detects traffic or activity related to https://lb2data.marisnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lb2data.marisnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rack1meta.marisnode.in.net/verification.google id: auto-e0e5eac5e06f2c49fb0ebc627104e71dca5e56271da1b937dad4c42040b7c2e0 status: experimental description: Detects traffic or activity related to https://rack1meta.marisnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rack1meta.marisnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stor4static.astropoint.in.net/verification.google id: auto-d18e122b90dfab6d1e17ed6a232caeb3291246ab50e7de28138e4840075622f7 status: experimental description: Detects traffic or activity related to https://stor4static.astropoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stor4static.astropoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lb2sync.astropoint.in.net/verification.google id: auto-f7b4d5ae0029c6cca5d0a2a9199700aeb78f1db5c4d2b3db33eea0cc41188e8f status: experimental description: Detects traffic or activity related to https://lb2sync.astropoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lb2sync.astropoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rack1node.astropoint.in.net/verification.google id: auto-bcfe4d02d5bb954af566faec6e682595199599fe917378f6c09a6903c865b1da status: experimental description: Detects traffic or activity related to https://rack1node.astropoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rack1node.astropoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data3sync.lumenlabs.in.net/verification.google id: auto-8ff52b61a143a76982a0d8eb28c10468b2d3cea133c1b03ae125f3141a53f471 status: experimental description: Detects traffic or activity related to https://data3sync.lumenlabs.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data3sync.lumenlabs.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main4point.lumenlabs.in.net/verification.google id: auto-e377cee32809f1ca180f5aeb709189443b7798e542dbeb0b025518ae1b667a7a status: experimental description: Detects traffic or activity related to https://main4point.lumenlabs.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main4point.lumenlabs.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate2proxy.lumenlabs.in.net/verification.google id: auto-2fe65a5b9c0713853bd7d061695096b78fa43d14c4fb26c5f3e3651d648284cb status: experimental description: Detects traffic or activity related to https://gate2proxy.lumenlabs.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate2proxy.lumenlabs.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web1infra.lumenlabs.in.net/verification.google id: auto-6234bc9d076483b009a47926ada43c85ca327689acf935fa8e7ab8de82af5cf7 status: experimental description: Detects traffic or activity related to https://web1infra.lumenlabs.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web1infra.lumenlabs.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sat4link.terracore.in.net/verification.google id: auto-676cca34cbb003bbbdb138fd0b1c65d01137221781e69d9d685cf233a200154b status: experimental description: Detects traffic or activity related to https://sat4link.terracore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sat4link.terracore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rock3core.terracore.in.net/verification.google id: auto-1737c29d599ecd99f5fad831a48fb41e823a21ee79ed2f53786c2b646250e6d4 status: experimental description: Detects traffic or activity related to https://rock3core.terracore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rock3core.terracore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://moon1orbit.terracore.in.net/verification.google id: auto-4c1982f752900176c411daed6945348ca41468b328ac7d49e45fac5e70a86e3a status: experimental description: Detects traffic or activity related to https://moon1orbit.terracore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://moon1orbit.terracore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://open4space.nuxflow.in.net/verification.google id: auto-49df14d61593f630ee0457a53d93a08f7dc1dcba902541959768f30e0207e563 status: experimental description: Detects traffic or activity related to https://open4space.nuxflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://open4space.nuxflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vast3field.nuxflow.in.net/verification.google id: auto-a2c377a160534312a3f4e3813adbee96719b0c8d3dbd8ccadd7f8cbbf34f0824 status: experimental description: Detects traffic or activity related to https://vast3field.nuxflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vast3field.nuxflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zone2area.nuxflow.in.net/verification.google id: auto-fd9b7a491013cd55114e14209b90b30d8ebcc7249b883444f95d39ade811202d status: experimental description: Detects traffic or activity related to https://zone2area.nuxflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zone2area.nuxflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rim1outer.nuxflow.in.net/verification.google id: auto-21590a7b3b6a06f3bf3ec64cd76bcbc4b4e7e269b86c222a9ba37000e828349c status: experimental description: Detects traffic or activity related to https://rim1outer.nuxflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rim1outer.nuxflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://path4gate.altopoint.in.net/verification.google id: auto-64886e2db30fd30d8040dedfd1173a8bc9af6a4936a51ff9ade148a38eb98316 status: experimental description: Detects traffic or activity related to https://path4gate.altopoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://path4gate.altopoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://view3sync.altopoint.in.net/verification.google id: auto-43bd4aae1222124b1df015cb410eb75a690f7a86a8a6959b8dadef7b3cf99734 status: experimental description: Detects traffic or activity related to https://view3sync.altopoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://view3sync.altopoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://room1dark.altopoint.in.net/verification.google id: auto-f70b307d0dd23862e21966455abbfa6c8eb00606ed240a9cef2c58e015670d1c status: experimental description: Detects traffic or activity related to https://room1dark.altopoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://room1dark.altopoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scan2point.altopoint.in.net/verification.google id: auto-39f1ee5a21bfba551f5e9b6d2525f17a8a8a71c8faefc6bc51c3b07bcabea6c6 status: experimental description: Detects traffic or activity related to https://scan2point.altopoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scan2point.altopoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync4vision.veloxsite.in.net/verification.google id: auto-e7999ebbd597036073aa82cee723b55b0d819af9d7078265ec82f9e57d5ae053 status: experimental description: Detects traffic or activity related to https://sync4vision.veloxsite.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync4vision.veloxsite.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ghost3node.veloxsite.in.net/verification.google id: auto-5ff498d96e929670a27d2d39d713b118a33ccfe516650169302aeb85a42afa59 status: experimental description: Detects traffic or activity related to https://ghost3node.veloxsite.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ghost3node.veloxsite.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shell2core.veloxsite.in.net/verification.google id: auto-43db9f0f0245e2a0c5fd0aaf23b2ac87ad729505ede799b2e3c3dded2266b758 status: experimental description: Detects traffic or activity related to https://shell2core.veloxsite.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shell2core.veloxsite.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trace1alpha.veloxsite.in.net/verification.google id: auto-fbe69f011201f9336f13e4891cc9fc07ea97b308e8307f562cc764534a5930aa status: experimental description: Detects traffic or activity related to https://trace1alpha.veloxsite.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trace1alpha.veloxsite.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link4access.durogrid.in.net/verification.google id: auto-3987abd7e71fbfde9fb0ced67ef5d31ef44f6030a606483fe54190ffc82c561f status: experimental description: Detects traffic or activity related to https://link4access.durogrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link4access.durogrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auth3user.durogrid.in.net/verification.google id: auto-42cba433f4ff3979ed391c315cd7544c4fa2e51efdc59c74b5fb938fd31cb3c0 status: experimental description: Detects traffic or activity related to https://auth3user.durogrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auth3user.durogrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base2point.durogrid.in.net/verification.google id: auto-3f2202cb2a52da442cde783b5fa218025a2df25b15304a9647445adf883d0240 status: experimental description: Detects traffic or activity related to https://base2point.durogrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base2point.durogrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://glob1infra.durogrid.in.net/verification.google id: auto-4bbf22c696e790cc95aae100f48a9442e03022d0e1b4c89029bf06d565c78674 status: experimental description: Detects traffic or activity related to https://glob1infra.durogrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://glob1infra.durogrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow4work.sinapsov.in.net/verification.google id: auto-91e592528bc1433c1c0411668a59fd5a587ff3dd988ac78594af7d915040f442 status: experimental description: Detects traffic or activity related to https://flow4work.sinapsov.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow4work.sinapsov.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://net3local.sinapsov.in.net/verification.google id: auto-d65bd5e99c63f3704cbe9f98321128d9b41a05dd39017407471a15380aa0ba80 status: experimental description: Detects traffic or activity related to https://net3local.sinapsov.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://net3local.sinapsov.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sys2power.sinapsov.in.net/verification.google id: auto-dca2f806eb0feb42d4bc8c81f0e3e80497eda634ca17bc8e45da78132080f3db status: experimental description: Detects traffic or activity related to https://sys2power.sinapsov.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sys2power.sinapsov.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mon1point.sinapsov.in.net/verification.google id: auto-45b4b8f58d6c1a4835bb951a2245d10545e89b94018018a90339f3f577ef9384 status: experimental description: Detects traffic or activity related to https://mon1point.sinapsov.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mon1point.sinapsov.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://entry4link.metravolta.in.net/verification.google id: auto-80304b4bd6e32c6a6c23a996d57ef7f77252301cb1347f80e77e17bb623c9a02 status: experimental description: Detects traffic or activity related to https://entry4link.metravolta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://entry4link.metravolta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3host.metravolta.in.net/verification.google id: auto-f680f4bc15f78520e8c6367b43e450c89ebccbb28d71f6c3fe4a3389abf26446 status: experimental description: Detects traffic or activity related to https://dev3host.metravolta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3host.metravolta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rpc2remote.metravolta.in.net/verification.google id: auto-eb4c283b6e2b5a4c6176ec6ed477d87f967d9aee19a89f07434a7b75e579f9cf status: experimental description: Detects traffic or activity related to https://rpc2remote.metravolta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rpc2remote.metravolta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cloud1store.metravolta.in.net/verification.google id: auto-588fddd81905e5ae6741092ea76b38714bdf6646c1f4945dc96f536ff7c11f8c status: experimental description: Detects traffic or activity related to https://cloud1store.metravolta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cloud1store.metravolta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hub4sync.fluxobase.in.net/verification.google id: auto-c479a241e80ed311418eb7f3b99b46f82efe56f3acf2a441f0de38e86121a6d0 status: experimental description: Detects traffic or activity related to https://hub4sync.fluxobase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hub4sync.fluxobase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate3proxy.fluxobase.in.net/verification.google id: auto-a5faf55d3834db752d54cdc6a39c391ac107bf8f6cf82ad012d941ca53211abc status: experimental description: Detects traffic or activity related to https://gate3proxy.fluxobase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate3proxy.fluxobase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app2data.fluxobase.in.net/verification.google id: auto-6d511bbee1329e89c3983ab9fbc506921510fbf09436aa33c33096dea628e141 status: experimental description: Detects traffic or activity related to https://app2data.fluxobase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app2data.fluxobase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web1meta.fluxobase.in.net/verification.google id: auto-c136fb3ec709ebacd136cd61b568cde9a373f5d151b8110d11de2b072d40d05b status: experimental description: Detects traffic or activity related to https://web1meta.fluxobase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web1meta.fluxobase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://db4static.primanode.in.net/verification.google id: auto-72ee382a073cc45221d5a8f5957dad39a1e957ba8ec82a178d8334e86cb51222 status: experimental description: Detects traffic or activity related to https://db4static.primanode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://db4static.primanode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cdn3dist.primanode.in.net/verification.google id: auto-75347707f15fdbcf9b2715ecb39cfbb444bb2288f14dff5e4cff9a8f32b228a5 status: experimental description: Detects traffic or activity related to https://cdn3dist.primanode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cdn3dist.primanode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://api2edge.primanode.in.net/verification.google id: auto-406cb150e570ab4dfdc435053347eefe2afb62c5ae80a26446d200e1f80fafb4 status: experimental description: Detects traffic or activity related to https://api2edge.primanode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://api2edge.primanode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ryv5wl.dashcloud.in.net/verification.google id: auto-1c04bbada685e7555a78dce7673ab19a759c55e3af4ee14c555379070a30f834 status: experimental description: Detects traffic or activity related to https://ryv5wl.dashcloud.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ryv5wl.dashcloud.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://m0pfvcb.dashcloud.in.net/verification.google id: auto-7440106853885b60cb19641e165a98dd73d61c8d280c0fb28bcdfbb46ea79574 status: experimental description: Detects traffic or activity related to https://m0pfvcb.dashcloud.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://m0pfvcb.dashcloud.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://azurpri.dashcloud.in.net/verification.google id: auto-e67b35410298d13b5d8cae6cad8dd8685c46ac76cf0fb4e646a7b402ec4b2fc6 status: experimental description: Detects traffic or activity related to https://azurpri.dashcloud.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://azurpri.dashcloud.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://talxpn.closell.in.net/verification.google id: auto-3df2a92f20bb2c03e716e17005640594283e3540872ad84ed93678ee826e64f2 status: experimental description: Detects traffic or activity related to https://talxpn.closell.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://talxpn.closell.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trust-deep.closell.in.net/verification.google id: auto-4f7c7c73aa1ef8f3babac9099e8368c9a42ed596c5048c8797b872625614e06f status: experimental description: Detects traffic or activity related to https://trust-deep.closell.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trust-deep.closell.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r4v3-beam.closell.in.net/verification.google id: auto-2e200c11f14e1f6c7ee7539642000861a5335c2c44fc22e1e19b7b3d59b9639b status: experimental description: Detects traffic or activity related to https://r4v3-beam.closell.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r4v3-beam.closell.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alt-dyn4m.closell.in.net/verification.google id: auto-1e12a170bf41bf363a48654c30e355e16b6ed4e82bf53344ee96865f8355f5d0 status: experimental description: Detects traffic or activity related to https://alt-dyn4m.closell.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alt-dyn4m.closell.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://extendbuild.gatedale.in.net/verification.google id: auto-d4bb0ccb6fff3c703865d364b1496d7e023dd9e51b25472d48d8d037124686b5 status: experimental description: Detects traffic or activity related to https://extendbuild.gatedale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://extendbuild.gatedale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lsjnhprm.gatedale.in.net/verification.google id: auto-40b7bb07afe960ece4ae73f75a11ee4b9df1a518c7c3bfb522ce3881a4b74506 status: experimental description: Detects traffic or activity related to https://lsjnhprm.gatedale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lsjnhprm.gatedale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://twlbqqt.gatedale.in.net/verification.google id: auto-2638bf7c36147562cf5d3b8d53f9a90165378a0ffc6c18e9e1e63975bd1676a0 status: experimental description: Detects traffic or activity related to https://twlbqqt.gatedale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://twlbqqt.gatedale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jyllmoqw.worldwde.in.net/verification.google id: auto-a8799348747841b7c8a878db112e466d8939e842422adf51f3bf5e583d0c3ae4 status: experimental description: Detects traffic or activity related to https://jyllmoqw.worldwde.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jyllmoqw.worldwde.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nort-leaf.worldwde.in.net/verification.google id: auto-9f2662bf0ca4d0cb886502bc844b885ed8d60cef17bd2310c622b114e05df123 status: experimental description: Detects traffic or activity related to https://nort-leaf.worldwde.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nort-leaf.worldwde.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kellineal.worldwde.in.net/verification.google id: auto-70b034fd33f48e2d9b42202a65d12227e3123cbf306892ea1d388e1535ec575c status: experimental description: Detects traffic or activity related to https://kellineal.worldwde.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kellineal.worldwde.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://runwayanc.worldwde.in.net/verification.google id: auto-8eb6d96d39155338bdb09ad226df0aa95cd76ec1ce4fb76e9d5e5375e81288e1 status: experimental description: Detects traffic or activity related to https://runwayanc.worldwde.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://runwayanc.worldwde.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ncjajduq.registar.in.net/verification.google id: auto-b668ad7c560288b28eba02b8398c6a58f0bb93998244f545b8ea674f4b54b802 status: experimental description: Detects traffic or activity related to https://ncjajduq.registar.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ncjajduq.registar.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gr1d-dock.registar.in.net/verification.google id: auto-04613d2d5f279dfa8a49b492d401ac926f402830a4a637f2f53c1cb036d035da status: experimental description: Detects traffic or activity related to https://gr1d-dock.registar.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gr1d-dock.registar.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shad6-scope.registar.in.net/verification.google id: auto-39ce2c6eed560154528d129f7441446de65952681a54fa3cb4a4805b3ad01dea status: experimental description: Detects traffic or activity related to https://shad6-scope.registar.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shad6-scope.registar.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bc39pv.registar.in.net/verification.google id: auto-b7f266573c15cc1fb1c9c0ccbe33d4854f0d381ecdeddd138ae1c40e3797f419 status: experimental description: Detects traffic or activity related to https://bc39pv.registar.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bc39pv.registar.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trail5-trace.domprot.in.net/verification.google id: auto-739d979a4cfe489b74ee055aae731eb96f98b7e2280b8528417dcb1986d10a96 status: experimental description: Detects traffic or activity related to https://trail5-trace.domprot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trail5-trace.domprot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vellithos5.domprot.in.net/verification.google id: auto-c8a0ebb70b91eed4621f73e002f320b75c3119f2ad61953a2c30d680c054cd7e status: experimental description: Detects traffic or activity related to https://vellithos5.domprot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vellithos5.domprot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://chec-deliv.domprot.in.net/verification.google id: auto-1cf98372a01683dcef1a03d9d420907e9502c1e99e82186dae2797b0a96e8e16 status: experimental description: Detects traffic or activity related to https://chec-deliv.domprot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://chec-deliv.domprot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sercore9et.domprot.in.net/verification.google id: auto-a796e0ecb93da7305e4e7550cd555fe126bdf1298c3fa0899a739116b2d456ab status: experimental description: Detects traffic or activity related to https://sercore9et.domprot.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sercore9et.domprot.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rend-velve.commonit.in.net/verification.google id: auto-96303112f2644fe7e4d0666cde335e347f0c054c8fc89101a13c65dc307466bd status: experimental description: Detects traffic or activity related to https://rend-velve.commonit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rend-velve.commonit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5ibfhk.commonit.in.net/verification.google id: auto-c9879bbb7a3a36f4c8347c31bc8c1c54bf513afb3d3dae9884fd10451ae4f3cf status: experimental description: Detects traffic or activity related to https://5ibfhk.commonit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5ibfhk.commonit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zenvale1ex.commonit.in.net/verification.google id: auto-2eda557237369793286c2ce7ddddf790dfce12a1c2df24e343d8797b87fc14bc status: experimental description: Detects traffic or activity related to https://zenvale1ex.commonit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zenvale1ex.commonit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://43.228.157.123/oqqqqoa.mp3 id: auto-8effd8449257118d48caa3171ff715d44904e10ed6e3a9e77401985ff5f2c48f status: experimental description: Detects traffic or activity related to http://43.228.157.123/oqqqqoa.mp3 which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://43.228.157.123/oqqqqoa.mp3*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://meta-co1u.commonit.in.net/verification.google id: auto-c427c1099b00eafa389c2565b8946e8309ca8ca55c947cc7dde0937fdddef81e status: experimental description: Detects traffic or activity related to https://meta-co1u.commonit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://meta-co1u.commonit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dark-stre.dartvar.in.net/verification.google id: auto-9cf623bf4c182ecc766ed2a7b2d2ab7d5588d818ab9fe2909cbc82cd59a6e9fa status: experimental description: Detects traffic or activity related to https://dark-stre.dartvar.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dark-stre.dartvar.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tinfre.dartvar.in.net/verification.google id: auto-9394138217c1cf2daf2819d9f179093ff0a995b94193cebfb7f132f60c1022dc status: experimental description: Detects traffic or activity related to https://tinfre.dartvar.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tinfre.dartvar.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mernex0or.dartvar.in.net/verification.google id: auto-d47d4b7e517991320b3d832cacf8aa6542c6bde338552a666b723585b5a0c42a status: experimental description: Detects traffic or activity related to https://mernex0or.dartvar.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mernex0or.dartvar.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proto-4dapter.dartvar.in.net/verification.google id: auto-f515a8457d0b8075a266e3b8f6a7890ccd39f46efb5d4f01a9142e3d3d8a5d87 status: experimental description: Detects traffic or activity related to https://proto-4dapter.dartvar.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proto-4dapter.dartvar.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://adaptver.sanfloor.in.net/verification.google id: auto-ed9c8eca9d6cc988a067204db866e6ab944f710ddf7c6c8ebf53cdb9df40f164 status: experimental description: Detects traffic or activity related to https://adaptver.sanfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://adaptver.sanfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quot-neu.sanfloor.in.net/verification.google id: auto-6c43175b11bc5b155f395b6f9b96a98a9d5226dd04905ae1f2b92323268eca4d status: experimental description: Detects traffic or activity related to https://quot-neu.sanfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quot-neu.sanfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ahrgh87.sanfloor.in.net/verification.google id: auto-0284b05ff87076ede367754b6f2952a14d4a3d7d7bc7203afc13d27238e024c4 status: experimental description: Detects traffic or activity related to https://ahrgh87.sanfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ahrgh87.sanfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4kz9lzv.sanfloor.in.net/verification.google id: auto-f7e1b5dc07ef3648457cbe5195f144f42ac5a4ec791451bfd19b1446ccae5b4c status: experimental description: Detects traffic or activity related to https://4kz9lzv.sanfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4kz9lzv.sanfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://deepasset.stabletu.in.net/verification.google id: auto-9137665ef83c6343650ca5b5aa73e8e03f9a9174a2912635bd6975047cd2bb38 status: experimental description: Detects traffic or activity related to https://deepasset.stabletu.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://deepasset.stabletu.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arraynimb.stabletu.in.net/verification.google id: auto-c1e183d17b935cad53e1513ba8c89510ea0024fedde66b6ed750af4872f2080d status: experimental description: Detects traffic or activity related to https://arraynimb.stabletu.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arraynimb.stabletu.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://breezeraven.stabletu.in.net/verification.google id: auto-d9624fb280ce1fabb051a8f74680c7c5a4b0d7c2ad5b5a738fe9433eb51e68e6 status: experimental description: Detects traffic or activity related to https://breezeraven.stabletu.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://breezeraven.stabletu.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://s71frp.stabletu.in.net/verification.google id: auto-c8b2d0d59879add4d9aaaad4fccbb44d5e5b37c3aaff3dfb634801d8df7188b4 status: experimental description: Detects traffic or activity related to https://s71frp.stabletu.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://s71frp.stabletu.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://planstoc.cloudhost.in.net/verification.google id: auto-c916a34630e281d9af980a41385fe66b0a11712dffd7d9ed6e0408b04a016c80 status: experimental description: Detects traffic or activity related to https://planstoc.cloudhost.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://planstoc.cloudhost.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pasdusk.cloudhost.in.net/verification.google id: auto-085f600a75de4e4819e7a9973610497778d09ae7098ee58203289e28bbdf6984 status: experimental description: Detects traffic or activity related to https://pasdusk.cloudhost.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pasdusk.cloudhost.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5zfna.cloudhost.in.net/verification.google id: auto-8dc7376ad997fd9ba1d1e786782ae8e35d1fe3cc160356546aba4a7d9b127cb3 status: experimental description: Detects traffic or activity related to https://5zfna.cloudhost.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5zfna.cloudhost.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://testrapid.cloudhost.in.net/verification.google id: auto-e9e8a2e9772ca09c4bae03bedbba93424769cdb7ba8ed607a480a0be834f3230 status: experimental description: Detects traffic or activity related to https://testrapid.cloudhost.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://testrapid.cloudhost.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://3pqw.farjoran.in.net/verification.google id: auto-2de7e213a999411754bc5bb4db08789d60031977f8c3cc23efa9b4f1e33510d5 status: experimental description: Detects traffic or activity related to https://3pqw.farjoran.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://3pqw.farjoran.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dr4vv-forge.farjoran.in.net/verification.google id: auto-51d3307ba058b077950d0aa8ff773f6751d32255188d3b6ed6bf2ce39729276d status: experimental description: Detects traffic or activity related to https://dr4vv-forge.farjoran.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dr4vv-forge.farjoran.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://valebyte.farjoran.in.net/verification.google id: auto-bc204fd9b62d62deea4eba3b9b7e609bbc26c1176546184073b8e03916716763 status: experimental description: Detects traffic or activity related to https://valebyte.farjoran.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://valebyte.farjoran.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rich-vector.farjoran.in.net/verification.google id: auto-2e81f9564f3f08d07d50a43964208a34625f5a8b2ab24a21bedadb9e52c7028e status: experimental description: Detects traffic or activity related to https://rich-vector.farjoran.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rich-vector.farjoran.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://yk97w.bejont.in.net/verification.google id: auto-38fd7da25ec51edbf7186c9471b218fce9e39ada684df6ed463bbe01fbe1dc56 status: experimental description: Detects traffic or activity related to https://yk97w.bejont.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://yk97w.bejont.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://p4rcel-grid.bejont.in.net/verification.google id: auto-a2889717e17031df0e66f1a1640e37dd58d66ddd477a10603a6593263e374ad4 status: experimental description: Detects traffic or activity related to https://p4rcel-grid.bejont.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://p4rcel-grid.bejont.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://xedbu.bejont.in.net/verification.google id: auto-88c8b31c08bca6a1376c593550e0468f752cb992824e8985f2266762821c35b2 status: experimental description: Detects traffic or activity related to https://xedbu.bejont.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://xedbu.bejont.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qzrxbp.bejont.in.net/verification.google id: auto-5c2142c2faccd77f8f2eceb639e2652a837197e24db31ffa3b0cec065ad237e9 status: experimental description: Detects traffic or activity related to https://qzrxbp.bejont.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qzrxbp.bejont.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lettercompi.aspdos.in.net/verification.google id: auto-100baccbcd14d96a0027de821f676ce30a81a4c0ed186fe16011631a44a069e6 status: experimental description: Detects traffic or activity related to https://lettercompi.aspdos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lettercompi.aspdos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4lign-mount.aspdos.in.net/verification.google id: auto-efff555425aefa1a97825f743d1bcd2077b3dbb630bae8542131d3aa224f0845 status: experimental description: Detects traffic or activity related to https://4lign-mount.aspdos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4lign-mount.aspdos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hidden-panel.aspdos.in.net/verification.google id: auto-e469c1dbe4f8591f296445c3ade567c10b8a8aaf16c4dabf7fd03275a0bf99a9 status: experimental description: Detects traffic or activity related to https://hidden-panel.aspdos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hidden-panel.aspdos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://memorybay.aspdos.in.net/verification.google id: auto-80e14b18f005d6b3d8daa7656245d2848291bc2801fa708e3a5d92b434590dd1 status: experimental description: Detects traffic or activity related to https://memorybay.aspdos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://memorybay.aspdos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://124vm6or.scrollnft.in.net/verification.google id: auto-e198c218728d13aa08bf80f6e276f5b60dfc5766cc83224adbd3793da0083008 status: experimental description: Detects traffic or activity related to https://124vm6or.scrollnft.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://124vm6or.scrollnft.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solcrest2a.scrollnft.in.net/verification.google id: auto-94809530c2523e1f49bcbebddc501410c7946babb581595f7854e3d423a225f4 status: experimental description: Detects traffic or activity related to https://solcrest2a.scrollnft.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solcrest2a.scrollnft.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://8lyw.scrollnft.in.net/verification.google id: auto-bd341430e3d4b8c42685d7ba6e83c601c4ceec925829b70948f8bf879f9273f9 status: experimental description: Detects traffic or activity related to https://8lyw.scrollnft.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://8lyw.scrollnft.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load-leaf.scrollnft.in.net/verification.google id: auto-84f1f4ce51d06277dd38f52951e9d75eb69df46e1af75a55e0b4fddc864c7622 status: experimental description: Detects traffic or activity related to https://load-leaf.scrollnft.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load-leaf.scrollnft.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dynnexet.tatneft.in.net/verification.google id: auto-7999939075dd7084d5693efb8cabf7e6ed670f4f9e67a4b742df0c98cf3a3514 status: experimental description: Detects traffic or activity related to https://dynnexet.tatneft.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dynnexet.tatneft.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alt-qu1c.tatneft.in.net/verification.google id: auto-e31c9135312677f45e8a2a4058266bef394c5348e63c6418187f0b6e839b90f6 status: experimental description: Detects traffic or activity related to https://alt-qu1c.tatneft.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alt-qu1c.tatneft.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://0v6nu.tatneft.in.net/verification.google id: auto-34519102dc3866dd3a2dd064c5f0585967875319f80cf208afa20e6394c76623 status: experimental description: Detects traffic or activity related to https://0v6nu.tatneft.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://0v6nu.tatneft.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.7/files/7782139129/ZSZfFtn.exe id: auto-d14d948079b717b42771661ede2b2ff491692ab0748fbc4b3a9b5cc6111aa82f status: experimental description: Detects traffic or activity related to http://158.94.208.7/files/7782139129/ZSZfFtn.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.7/files/7782139129/ZSZfFtn.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dyncorear9.tatneft.in.net/verification.google id: auto-3a71f27a99026122aed222ebd56dc90a2a0364b755cd0abfd5c69705b859e5f8 status: experimental description: Detects traffic or activity related to https://dyncorear9.tatneft.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dyncorear9.tatneft.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sol-tideor.fotestat.in.net/verification.google id: auto-10ff99a69f1cd6183d2916ebdc82f433afa433b504f267df9cf2aeac45b72989 status: experimental description: Detects traffic or activity related to https://sol-tideor.fotestat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sol-tideor.fotestat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vorspireum1.fotestat.in.net/verification.google id: auto-cd4cf061f99802a6ab02ab6dfbd1c6eaef00e7949245324b323b732fc90ad2ad status: experimental description: Detects traffic or activity related to https://vorspireum1.fotestat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vorspireum1.fotestat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://meta-5har.fotestat.in.net/verification.google id: auto-2646d2e86388a4c271cf2e1b1350f947e5d3dbcc1c329843691d331fa6cfdad6 status: experimental description: Detects traffic or activity related to https://meta-5har.fotestat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://meta-5har.fotestat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r1ver-mark.fotestat.in.net/verification.google id: auto-02737c1b0a342ce5b9c507d6045f777abebcb49aa5dcceec934fb4e26c128bbc status: experimental description: Detects traffic or activity related to https://r1ver-mark.fotestat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r1ver-mark.fotestat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://70x2ky.veloxunit.in.net/verification.google id: auto-4b22c1d6d29231302290a19d17cd9aa1cfa360cdd95162fee279929d5a7bbada status: experimental description: Detects traffic or activity related to https://70x2ky.veloxunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://70x2ky.veloxunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nnzyf2.veloxunit.in.net/verification.google id: auto-f59ed22e1801ff409ea94b7218aab5075228c15f8707e28628a1bba0ba856d29 status: experimental description: Detects traffic or activity related to https://nnzyf2.veloxunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nnzyf2.veloxunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bloomsilen.veloxunit.in.net/verification.google id: auto-2397a0ab58c7fec7b0f08f5670d7c4cc05d44166e21757f490992134f5a6e65c status: experimental description: Detects traffic or activity related to https://bloomsilen.veloxunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bloomsilen.veloxunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alt-5torag.termocenter.in.net/verification.google id: auto-057499d1b9f20d2c41db1c7cb97438f2867d108300ec4aa12698571fd2026a6b status: experimental description: Detects traffic or activity related to https://alt-5torag.termocenter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alt-5torag.termocenter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ju80r.termocenter.in.net/verification.google id: auto-affe46b6496735d0c7e4a0a83d3bdf679711667dd75de30639f1922dfdbfde8d status: experimental description: Detects traffic or activity related to https://ju80r.termocenter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ju80r.termocenter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://loya-cache.termocenter.in.net/verification.google id: auto-b410ae2ba73c7c4f20cf23192f90af455d35a3bd8265dd6d3a84998abbda1f8f status: experimental description: Detects traffic or activity related to https://loya-cache.termocenter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://loya-cache.termocenter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://specime7-layer.bonflac.in.net/verification.google id: auto-bfcffc430157cbd781b42a2efbd3480b0c56072006c39dc146d25b9bae4875e6 status: experimental description: Detects traffic or activity related to https://specime7-layer.bonflac.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://specime7-layer.bonflac.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gu1d-phase.bonflac.in.net/verification.google id: auto-6ef93b9a688c9d279771c6831d58c7e2557603863fc10ff8abec2a22fa6e2712 status: experimental description: Detects traffic or activity related to https://gu1d-phase.bonflac.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gu1d-phase.bonflac.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hyper-guid3.botslap.in.net/verification.google id: auto-f8bd2ff8047ddac25fe52accdb1f4f0a9a7e24928ae98cc36fa16ef05067e43e status: experimental description: Detects traffic or activity related to https://hyper-guid3.botslap.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hyper-guid3.botslap.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://watc5-field.botslap.in.net/verification.google id: auto-3b05ba5374db5180df9ebd37e536e236cc0e1e7bd7d1d48d096d18057de783e5 status: experimental description: Detects traffic or activity related to https://watc5-field.botslap.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://watc5-field.botslap.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jijbgf8.regwan.in.net/verification.google id: auto-3f0cdbde96d626a40286b8c8904a672400b38c79ef0617a50b3e78e61d22402c status: experimental description: Detects traffic or activity related to https://jijbgf8.regwan.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jijbgf8.regwan.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://294asm.regwan.in.net/verification.google id: auto-996ccb985ce6c45d65b9afcd79f736d4ef7853d30ef019d21c9a3fd89b81cbe1 status: experimental description: Detects traffic or activity related to https://294asm.regwan.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://294asm.regwan.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://theorfier.yardnext.in.net/verification.google id: auto-a1a3ce24554be4a1dddffc87fe45ae7b768be0690661b02078f2d9c955fec72e status: experimental description: Detects traffic or activity related to https://theorfier.yardnext.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://theorfier.yardnext.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4agat.yardnext.in.net/verification.google id: auto-505a914ebd849c2b93bec395853aa0d624b5b65fa96485e45b913adf4b32845f status: experimental description: Detects traffic or activity related to https://4agat.yardnext.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4agat.yardnext.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mntdtg1.runfast.in.net/verification.google id: auto-40ca1d8c44772612c1761cd4703aaf672c517db7ca764702ee38d2f43fb2b93b status: experimental description: Detects traffic or activity related to https://mntdtg1.runfast.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mntdtg1.runfast.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geo-d3p1.runfast.in.net/verification.google id: auto-2ad60efd3ee82740a4c2d3d712183040002cde1daae9b1b152d60ee782c6e0a9 status: experimental description: Detects traffic or activity related to https://geo-d3p1.runfast.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geo-d3p1.runfast.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://publishbrigh.devopsn.in.net/verification.google id: auto-067b6139e657e4d1de3f0940b5b0034f1daab286a256cef30cd43e69bb9e5504 status: experimental description: Detects traffic or activity related to https://publishbrigh.devopsn.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://publishbrigh.devopsn.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://teiafnhz.gramsup.in.net/verification.google id: auto-6ac65643648697b9a65203a6aa3b343e70dd8d39bdbaf8f2416b4374ff79122f status: experimental description: Detects traffic or activity related to https://teiafnhz.gramsup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://teiafnhz.gramsup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trivaleor.gramsup.in.net/verification.google id: auto-62bf56e653d9bfbf9a29fa66f208ed1e0a28a17e59a0b01126e3577de6ccdb7d status: experimental description: Detects traffic or activity related to https://trivaleor.gramsup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trivaleor.gramsup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pricescene.vouayger.in.net/verification.google id: auto-6834341820677a80e1ff9a8bd71ed2c118e89083c1eda876ace49d0fe4dc271f status: experimental description: Detects traffic or activity related to https://pricescene.vouayger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pricescene.vouayger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gladetrusted.vouayger.in.net/verification.google id: auto-706230a2af60730ec0c1aff3e552677da3f0f9807f7ba9db1e0f08b112d20a48 status: experimental description: Detects traffic or activity related to https://gladetrusted.vouayger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gladetrusted.vouayger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4w9jp.checkbro.in.net/verification.google id: auto-3387567c9e9b1bde766229edecb7ca5ae24cc97c9d843ddfc9462a0430560667 status: experimental description: Detects traffic or activity related to https://4w9jp.checkbro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4w9jp.checkbro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vcp61.checkbro.in.net/verification.google id: auto-782ec41cf7d60e5d792d49da421ec68a61814174a9b03b8e0a863801aae7e5f9 status: experimental description: Detects traffic or activity related to https://vcp61.checkbro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vcp61.checkbro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://railcon.woodflo.in.net/verification.google id: auto-df10c88847965a29097055fb3ad3a04762aaa58a0346127cd2c58097b693d880 status: experimental description: Detects traffic or activity related to https://railcon.woodflo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://railcon.woodflo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://learntiny.woodflo.in.net/verification.google id: auto-d4c83a5ccda88aaf6aba80e95d14402517304c424548ff8ee75a4e311e72a9dd status: experimental description: Detects traffic or activity related to https://learntiny.woodflo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://learntiny.woodflo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ternp3-watch.goodwork.in.net/verification.google id: auto-9f528b4aba13db68e70c9ddee622e992343db8e21124619d2ddcbc918e6dd614 status: experimental description: Detects traffic or activity related to https://ternp3-watch.goodwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ternp3-watch.goodwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://patternpilot.goodwork.in.net/verification.google id: auto-3088889aff2e5eda03bcaacc292b684bc6d31bf932d0fb0853b47af99d72b0ac status: experimental description: Detects traffic or activity related to https://patternpilot.goodwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://patternpilot.goodwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hyperdrift.besthire.in.net/verification.google id: auto-d51b6aeb7a88ce39ecc6e1da2c50ebd40d4a4c8d8a435382c0ab0f1a15622ccc status: experimental description: Detects traffic or activity related to https://hyperdrift.besthire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hyperdrift.besthire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://p9vpxaz1.besthire.in.net/verification.google id: auto-57662367ca4403b7cc0d97c4412e58c62962dcb8db2173a768f82c6ea3ed0e7a status: experimental description: Detects traffic or activity related to https://p9vpxaz1.besthire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://p9vpxaz1.besthire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ips.goodwork.in.net/verification.google id: auto-82f08786fe15df8d29d7f19e525831d1e3e20acc7f5d4fbfde5c3389ba40c37b status: experimental description: Detects traffic or activity related to https://ips.goodwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ips.goodwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://meta.veloxunit.in.net/verification.google id: auto-25c91d34a1137136e586f2dd5bb9dcd7810ce07af36ef2ba17276325f803a6d0 status: experimental description: Detects traffic or activity related to https://meta.veloxunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://meta.veloxunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://t1me.checkbro.in.net/verification.google id: auto-f90a6f098667c5e919f30fc75e7754e3577d95cb07bffd8bb1fdfb735aafba4d status: experimental description: Detects traffic or activity related to https://t1me.checkbro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://t1me.checkbro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mona.termocenter.in.net/verification.google id: auto-eaac785515f75b2eed64adee2d0ec15f3139948dccabf1cad23fbfb2d292464c status: experimental description: Detects traffic or activity related to https://mona.termocenter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mona.termocenter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://35x53u.yardnext.in.net/verification.google id: auto-a24f8230390c3f5fb232f31a99dee49353d447bcafd923b11e761c699e1456ae status: experimental description: Detects traffic or activity related to https://35x53u.yardnext.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://35x53u.yardnext.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c0mpi-branch.runfast.in.net/verification.google id: auto-c76edd5ef65619dba87e3d07495e284dcfa6459dd5dc753c2f29fb4423cd573e status: experimental description: Detects traffic or activity related to https://c0mpi-branch.runfast.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c0mpi-branch.runfast.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://uwk7hxy.devopsn.in.net/verification.google id: auto-c4efba224a8f94b09f18cc8cbed8d905e7394deff1c9dd8af9bc3650f3d496fc status: experimental description: Detects traffic or activity related to https://uwk7hxy.devopsn.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://uwk7hxy.devopsn.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trivaleis6.gramsup.in.net/verification.google id: auto-8ecbcf9fc3bf65cbb30a85af4e8ca64def21a7c82e414af8161342e1a6395da8 status: experimental description: Detects traffic or activity related to https://trivaleis6.gramsup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trivaleis6.gramsup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scr14-sync.vouayger.in.net/verification.google id: auto-fe0afa7013bd6bf78de024a02edb0517b4c7e050da26d99a28982c1e341e1162 status: experimental description: Detects traffic or activity related to https://scr14-sync.vouayger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scr14-sync.vouayger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tideruntime.checkbro.in.net/verification.google id: auto-6ec02d3f3a0affe07bbf53d7a78a8e75e415f43dbda22bf2647bd3d3f7237e32 status: experimental description: Detects traffic or activity related to https://tideruntime.checkbro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tideruntime.checkbro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4wm0.woodflo.in.net/verification.google id: auto-f79e824318c6b42758ed2549123bb30048568bc4106e41a653fa9d6209046cb7 status: experimental description: Detects traffic or activity related to https://4wm0.woodflo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4wm0.woodflo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://unitmed.goodwork.in.net/verification.google id: auto-753a659c2c5e93b952a2e513d9d6e54fe9c25ce97436de2d0ce3883303bdebaa status: experimental description: Detects traffic or activity related to https://unitmed.goodwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://unitmed.goodwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://checkcipher.besthire.in.net/verification.google id: auto-af5945543add69c97f67dbc5793b3055734d4d0ffde5da96665eba3a36325fba status: experimental description: Detects traffic or activity related to https://checkcipher.besthire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://checkcipher.besthire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://serv4base.veloxunit.in.net/verification.google id: auto-6e332dc92aa1cff27b9425bbd181b7e9d872c3a97c54933d7f7436947a669d5d status: experimental description: Detects traffic or activity related to https://serv4base.veloxunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://serv4base.veloxunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://edge3dist.veloxunit.in.net/verification.google id: auto-4ab71346cb9deed3a5a0b8b2e49a4fd93927f73cb965f827872651accdfbb4a2 status: experimental description: Detects traffic or activity related to https://edge3dist.veloxunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://edge3dist.veloxunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://node2flow.veloxunit.in.net/verification.google id: auto-a56f4739160bc8e92cdb7620718727c729d0426414851cefc57bf1e6b1975ec2 status: experimental description: Detects traffic or activity related to https://node2flow.veloxunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://node2flow.veloxunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://unit1meta.veloxunit.in.net/verification.google id: auto-ff4448034e047029feedf9d68bacb88ff44da7a5161fc23ef75d9e84dbd9fc40 status: experimental description: Detects traffic or activity related to https://unit1meta.veloxunit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://unit1meta.veloxunit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main4point.nuxbase.in.net/verification.google id: auto-fd21fca026a85a7c058c70e092a93426ab28cdafc613323c6b71d194620b63bf status: experimental description: Detects traffic or activity related to https://main4point.nuxbase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main4point.nuxbase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data3sync.nuxbase.in.net/verification.google id: auto-a9cdd0d2e00c374c75866c85fd09942f6439fc335231017b1a6920bf80fe70c2 status: experimental description: Detects traffic or activity related to https://data3sync.nuxbase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data3sync.nuxbase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate2proxy.nuxbase.in.net/verification.google id: auto-bb7ecd55686d16cb13e6fb352a862d67a619ca8db7e3031e4df5229ee9462fde status: experimental description: Detects traffic or activity related to https://gate2proxy.nuxbase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate2proxy.nuxbase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web1infra.nuxbase.in.net/verification.google id: auto-dae61f844579d2c254ca41c611f097697bd8373d46c1a32d6e4e334032ed6311 status: experimental description: Detects traffic or activity related to https://web1infra.nuxbase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web1infra.nuxbase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sat4link.termocenter.in.net/verification.google id: auto-e749d136d7815cc19b2f0a96ebd542f6b62787286da1efda07708a76916996f7 status: experimental description: Detects traffic or activity related to https://sat4link.termocenter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sat4link.termocenter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rock3core.termocenter.in.net/verification.google id: auto-23d094c15f23d4e7c222b978a007ac3ec347147177472d9d256517b62c63cd6b status: experimental description: Detects traffic or activity related to https://rock3core.termocenter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rock3core.termocenter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base2steel.termocenter.in.net/verification.google id: auto-d306a3889980df6ebd3fccdf0f1ce9146f82dfa08db845381bc5d52f7a6fad29 status: experimental description: Detects traffic or activity related to https://base2steel.termocenter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base2steel.termocenter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://moon1orbit.termocenter.in.net/verification.google id: auto-b45df6a63786acd18577fdd3170ca9f8a71d835e27b67285d35c942ee1305439 status: experimental description: Detects traffic or activity related to https://moon1orbit.termocenter.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://moon1orbit.termocenter.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://open4space.altasync.in.net/verification.google id: auto-0464a64022a892ba494135f4cbf6d8180d47ae3e786bce255a54071300049575 status: experimental description: Detects traffic or activity related to https://open4space.altasync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://open4space.altasync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vast3field.altasync.in.net/verification.google id: auto-b587fc9640c60ef34825e270658f066b0dbdf36dc6b56b3b376abc3a9907c5da status: experimental description: Detects traffic or activity related to https://vast3field.altasync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vast3field.altasync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zone2area.altasync.in.net/verification.google id: auto-5b821b1333fd389825108d5227779da8138887e64f638c9a90057eaf8860cfcd status: experimental description: Detects traffic or activity related to https://zone2area.altasync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zone2area.altasync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rim1outer.altasync.in.net/verification.google id: auto-5e8b6fa03c7c502a2e31b0bc9dd335c26f7ab1396155477c84fc2cc352ccb2ce status: experimental description: Detects traffic or activity related to https://rim1outer.altasync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rim1outer.altasync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://path4gate.protovoda.in.net/verification.google id: auto-1410d39a39447f6fd25c28db7cc6b9aa6ca9358a5d5ce2bc2ea966adcfeba87c status: experimental description: Detects traffic or activity related to https://path4gate.protovoda.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://path4gate.protovoda.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://view3sync.protovoda.in.net/verification.google id: auto-4436ae84b3bd65861caab4c41d345f38a7dcc78f648b950ee7bbc411c5dc15c3 status: experimental description: Detects traffic or activity related to https://view3sync.protovoda.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://view3sync.protovoda.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scan2point.protovoda.in.net/verification.google id: auto-404b892272804e448310e4354d4b9dd40e6fe574f42732da3926933e4df90aa9 status: experimental description: Detects traffic or activity related to https://scan2point.protovoda.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scan2point.protovoda.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://room1dark.protovoda.in.net/verification.google id: auto-461b74d25898aa966cfb1951703c2f3069ca3677568f89d5d6304b0b65e23c0d status: experimental description: Detects traffic or activity related to https://room1dark.protovoda.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://room1dark.protovoda.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync4vision.luxalabs.in.net/verification.google id: auto-c02c185cc943f67b5a30922ab163fa58835877a60e95327cf5d71ea1dfe8bf7f status: experimental description: Detects traffic or activity related to https://sync4vision.luxalabs.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync4vision.luxalabs.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ghost3node.luxalabs.in.net/verification.google id: auto-02bad5932a0b8d8b318a38442f2a45e3c1e3f5e55ead6f55e47a4d4c2ad87313 status: experimental description: Detects traffic or activity related to https://ghost3node.luxalabs.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ghost3node.luxalabs.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shell2core.luxalabs.in.net/verification.google id: auto-024367caad8478fb5df8029bc6895d0c27252d01459136c08c7c3a45d55c08ac status: experimental description: Detects traffic or activity related to https://shell2core.luxalabs.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shell2core.luxalabs.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trace1alpha.luxalabs.in.net/verification.google id: auto-158d037d723ea621dac8a6f39676a5dc2cf5c6dcae143448a2a69efaed32e17f status: experimental description: Detects traffic or activity related to https://trace1alpha.luxalabs.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trace1alpha.luxalabs.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link4access.optigrid.in.net/verification.google id: auto-b04f10cd6723ec6e7f78b8754f5282cdc9cbb50561c8bcaa45d8b087fafdf10b status: experimental description: Detects traffic or activity related to https://link4access.optigrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link4access.optigrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auth3user.optigrid.in.net/verification.google id: auto-90a3d17dd29c9d5a055af574ad1b6901709c48ec1993c5b00427f173b5555ead status: experimental description: Detects traffic or activity related to https://auth3user.optigrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auth3user.optigrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base2point.optigrid.in.net/verification.google id: auto-62187eb9bbc8152db1687ac2c67723a4395f9ecc8229bc4c46f76453c4933c86 status: experimental description: Detects traffic or activity related to https://base2point.optigrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base2point.optigrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://glob1infra.optigrid.in.net/verification.google id: auto-c7d5768dd72ccb13530a87a691857cab67a3c70f7062f1b1bed5503ad66ac9b0 status: experimental description: Detects traffic or activity related to https://glob1infra.optigrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://glob1infra.optigrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow4work.densapoint.in.net/verification.google id: auto-90062a316952972f0c48ec8f4632f7ff044a4cbab930a3170c9b3629712009f3 status: experimental description: Detects traffic or activity related to https://flow4work.densapoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow4work.densapoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://net3local.densapoint.in.net/verification.google id: auto-9c45aa2e4502884ae9ce78780e0ce779a0f446285deb630598aa800d13c287e4 status: experimental description: Detects traffic or activity related to https://net3local.densapoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://net3local.densapoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://github.com/kakunovegorik-bit/bbvb/raw/refs/heads/main/vpn.exe id: auto-f3ac52a04b4abffa5ca752417b2f6d62e4746a2f25e628a028e58983a772957a status: experimental description: Detects traffic or activity related to https://github.com/kakunovegorik-bit/bbvb/raw/refs/heads/main/vpn.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://github.com/kakunovegorik-bit/bbvb/raw/refs/heads/main/vpn.exe*' condition: selection level: high tags: - attack.t1204.002 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://raw.githubusercontent.com/kakunovegorik-bit/bbvb/refs/heads/main/vpn.exe id: auto-99ee0bba446f9f5fffe883538b3572f2be22062baa21bf3d51cbdcdd78a79821 status: experimental description: Detects traffic or activity related to https://raw.githubusercontent.com/kakunovegorik-bit/bbvb/refs/heads/main/vpn.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://raw.githubusercontent.com/kakunovegorik-bit/bbvb/refs/heads/main/vpn.exe*' condition: selection level: high tags: - attack.t1204.002 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sys2power.densapoint.in.net/verification.google id: auto-d30609b8a76fd78123636b2e9fe43faea85a1e669f453adcf1110cb69693e351 status: experimental description: Detects traffic or activity related to https://sys2power.densapoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sys2power.densapoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mon1point.densapoint.in.net/verification.google id: auto-cafae1b2f7961426de18c8324a236b7ebc4a3b1f6740bcdd9c6b5778fb9b713b status: experimental description: Detects traffic or activity related to https://mon1point.densapoint.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mon1point.densapoint.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://entry4link.metracore.in.net/verification.google id: auto-abc512a820ac3c61b92d509ddbd0abcee3a74a2dac5b34917fe453ccffc7183a status: experimental description: Detects traffic or activity related to https://entry4link.metracore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://entry4link.metracore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev3host.metracore.in.net/verification.google id: auto-932ac32c926d0d116179841747826daddf531389c4b8729ea87e8367b28302f4 status: experimental description: Detects traffic or activity related to https://dev3host.metracore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev3host.metracore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rpc2remote.metracore.in.net/verification.google id: auto-b8febafbeeec300ab091913b19f674795eb11398b137f6031532ef8a1d3b68c0 status: experimental description: Detects traffic or activity related to https://rpc2remote.metracore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rpc2remote.metracore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cloud1store.metracore.in.net/verification.google id: auto-4cbc2093d5b5badcb068fa4c6902e498c462359e0f58237a6492e60ee0ba130d status: experimental description: Detects traffic or activity related to https://cloud1store.metracore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cloud1store.metracore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hub4sync.vivaflux.in.net/verification.google id: auto-8eb5cb589148cf91657075f8c6ca7493fe27bc5b79ab5374e06b9e2ca168a22a status: experimental description: Detects traffic or activity related to https://hub4sync.vivaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hub4sync.vivaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate3proxy.vivaflux.in.net/verification.google id: auto-8345940796ce11dc271a19e6d3171ec344aa1ef8ddc6f1d2169dc8a9e6a57ed9 status: experimental description: Detects traffic or activity related to https://gate3proxy.vivaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate3proxy.vivaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app2data.vivaflux.in.net/verification.google id: auto-87c1f152d6bd8580d9debd1e924fce69e9e01213e9b65be05e980eb7ff63ae17 status: experimental description: Detects traffic or activity related to https://app2data.vivaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app2data.vivaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web1meta.vivaflux.in.net/verification.google id: auto-080f0103d1f2edb85d59c697bab747f5f9641b64f0d651933e7a8c39a195d667 status: experimental description: Detects traffic or activity related to https://web1meta.vivaflux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web1meta.vivaflux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://db4static.flexonode.in.net/verification.google id: auto-66612049e3ba1f0cb6e89b5ee08bb971d58d01703e44e203f192f7b555fe3f52 status: experimental description: Detects traffic or activity related to https://db4static.flexonode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://db4static.flexonode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cdn3edge.flexonode.in.net/verification.google id: auto-000c12fe40050f62d37b1a7edf24b6f737f9a8c0ff2e964cada4308012073d5c status: experimental description: Detects traffic or activity related to https://cdn3edge.flexonode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cdn3edge.flexonode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://api2sync.flexonode.in.net/verification.google id: auto-20c82676f4810978d7a58d45da315936453ecca668e898a192417087b5e8f050 status: experimental description: Detects traffic or activity related to https://api2sync.flexonode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://api2sync.flexonode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://srv1node.flexonode.in.net/verification.google id: auto-2e3c14ffdf0be62ddfe9e01f0d6f37262428e2410c083ffc5e3f0707a4bfa87b status: experimental description: Detects traffic or activity related to https://srv1node.flexonode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://srv1node.flexonode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-v4-point.vortex-lab.in.net/verification.google id: auto-6b208db98a222ff2f34b3f082a100c58036a03e794e5f1decc552d0a29ef85c9 status: experimental description: Detects traffic or activity related to https://main-v4-point.vortex-lab.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-v4-point.vortex-lab.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zone-v8-area.lumen-nodo.in.net/verification.google id: auto-c5290897738a2b1d78dd3cf29a29ce245afb94ee362688cc18e2e482073e0d4a status: experimental description: Detects traffic or activity related to https://zone-v8-area.lumen-nodo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zone-v8-area.lumen-nodo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rim-k12-outer.lumen-nodo.in.net/verification.google id: auto-e2315799fc6765f496da9cd6eedf7e6c0119843b19bdcbbb52c3f9a98b094c6a status: experimental description: Detects traffic or activity related to https://rim-k12-outer.lumen-nodo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rim-k12-outer.lumen-nodo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-v9-vision.terra-data.in.net/verification.google id: auto-428972475b3ab08a44a4fbfbca7b4cc6b34c96ad19d3b2311f29c6e769f8eae3 status: experimental description: Detects traffic or activity related to https://sync-v9-vision.terra-data.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-v9-vision.terra-data.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scan-z0-point.terra-data.in.net/verification.google id: auto-06342f4c8d12ead2857a81f8f8ba57ba06374966eb78fde19cd628879e930d79 status: experimental description: Detects traffic or activity related to https://scan-z0-point.terra-data.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scan-z0-point.terra-data.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bridge-x4-light.terra-data.in.net/verification.google id: auto-b54cf48410a848d8f8c581564750a0e0260be04aab8e550bcd0385d38d46116f status: experimental description: Detects traffic or activity related to https://bridge-x4-light.terra-data.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bridge-x4-light.terra-data.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://room-v51-dark.terra-data.in.net/verification.google id: auto-afbe06af4e151c2dc4e939d4b30a000fc628d9da856b92d16159b25de77ef193 status: experimental description: Detects traffic or activity related to https://room-v51-dark.terra-data.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://room-v51-dark.terra-data.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vision-v4-sync.nux-systems.in.net/verification.google id: auto-ba47600dc9ce59572bb191cc9859c1287c0cf623287a1615fd501ea56613962a status: experimental description: Detects traffic or activity related to https://vision-v4-sync.nux-systems.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vision-v4-sync.nux-systems.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ghost-z2-node.nux-systems.in.net/verification.google id: auto-fd70efac5ce7ffe1bff7f626d156284d8fa0b368541cb3aa2c0eb3e85ca36127 status: experimental description: Detects traffic or activity related to https://ghost-z2-node.nux-systems.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ghost-z2-node.nux-systems.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shell-v7-core.nux-systems.in.net/verification.google id: auto-58336fd3233250aaa74fa5c861b5566b8a3dc7e7da8a6ae6c9cf676856bca739 status: experimental description: Detects traffic or activity related to https://shell-v7-core.nux-systems.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shell-v7-core.nux-systems.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trace-x11-alpha.nux-systems.in.net/verification.google id: auto-38a71865ef262416ad3123d0c1e83c44dfdb4ed3cccdcca855c79087f7a36898 status: experimental description: Detects traffic or activity related to https://trace-x11-alpha.nux-systems.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trace-x11-alpha.nux-systems.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auth-l2-user.foco-global.in.net/verification.google id: auto-a606887952d1bd8f339bdbab0bf4009bc61d915bd274ddaff8789d2d8369a582 status: experimental description: Detects traffic or activity related to https://auth-l2-user.foco-global.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auth-l2-user.foco-global.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://db-g0-point.foco-global.in.net/verification.google id: auto-e7aeef5148d632a8942d374380413523e1c367ed5b662fb788ab6c0a9632c3e9 status: experimental description: Detects traffic or activity related to https://db-g0-point.foco-global.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://db-g0-point.foco-global.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow-z9-work.punto-viva.in.net/verification.google id: auto-a3c8e103bba38718c207e847cef1980b9f3a96cf5129b66144febf9e16696a16 status: experimental description: Detects traffic or activity related to https://flow-z9-work.punto-viva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow-z9-work.punto-viva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-f4-infra.foco-global.in.net/verification.google id: auto-89b564433d19519b28c97acde68484f051fed1a76eee2cc5dd531eb927ff39a9 status: experimental description: Detects traffic or activity related to https://base-f4-infra.foco-global.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-f4-infra.foco-global.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://net-v88-global.foco-global.in.net/verification.google id: auto-593e7a73712939d96756a593615438832cab7c15eda9b795a14a0c807826cb12 status: experimental description: Detects traffic or activity related to https://net-v88-global.foco-global.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://net-v88-global.foco-global.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-p1-power.punto-viva.in.net/verification.google id: auto-f1ca090b6d0a8b07ecbd92dbc3be11ca4981d253854d214ac808ecccb40bffbb status: experimental description: Detects traffic or activity related to https://link-p1-power.punto-viva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-p1-power.punto-viva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hub-v02-local.punto-viva.in.net/verification.google id: auto-3a87a80572b7170c6c3a1af262344c442da16ffc5715c64eb0e973067d98ce14 status: experimental description: Detects traffic or activity related to https://hub-v02-local.punto-viva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hub-v02-local.punto-viva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sys-s33-monitor.punto-viva.in.net/verification.google id: auto-b4742fdf00bdc1660e49477c65ccb2f6145ae0098f2b1a365eebe3c358b04385 status: experimental description: Detects traffic or activity related to https://sys-s33-monitor.punto-viva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sys-s33-monitor.punto-viva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-v5-entry.densa-materia.in.net/verification.google id: auto-3e786eced2f8d0f71f95b07ecccbaf2aae9949ebdefb98c8535973162cb7e651 status: experimental description: Detects traffic or activity related to https://gate-v5-entry.densa-materia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-v5-entry.densa-materia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://api-r2-remote.densa-materia.in.net/verification.google id: auto-e38fcaca27e48d2c4cd6e8a98330f67bab2f058e7742628765709a56fa4edebb status: experimental description: Detects traffic or activity related to https://api-r2-remote.densa-materia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://api-r2-remote.densa-materia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cloud-w11-store.densa-materia.in.net/verification.google id: auto-24dbd216d7d35804a80137f60f5860787f56b1485b45de07601396f58464c4b0 status: experimental description: Detects traffic or activity related to https://cloud-w11-store.densa-materia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cloud-w11-store.densa-materia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-j1-sync.faser-tech.in.net/verification.google id: auto-796251cfe2cdae309f9d87e6af29d1070da9060cfae6a3d3d8b9c3309cb71c22 status: experimental description: Detects traffic or activity related to https://core-j1-sync.faser-tech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-j1-sync.faser-tech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-proxy-707.faser-tech.in.net/verification.google id: auto-1e7d79e9695993d46b644f0efe79c5abf6c2a92a329d34c442773839f9967452 status: experimental description: Detects traffic or activity related to https://web-proxy-707.faser-tech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-proxy-707.faser-tech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app-v09-data.faser-tech.in.net/verification.google id: auto-fc53874ae52f2ea9d1a99d6b79e1fc0c954d86971f10e63c4f54c3ebfa6492e2 status: experimental description: Detects traffic or activity related to https://app-v09-data.faser-tech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app-v09-data.faser-tech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://srv-k44-meta.faser-tech.in.net/verification.google id: auto-01ad329d7f590e755537c2c14c89f51477bef4f7600e9f930815f556d9fc7874 status: experimental description: Detects traffic or activity related to https://srv-k44-meta.faser-tech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://srv-k44-meta.faser-tech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://infra-m2-static.optico-voda.in.net/verification.google id: auto-6146dbee2dd48c0fc742cff74c5a144f0026a682ef03fc2df43c12929b1632e6 status: experimental description: Detects traffic or activity related to https://infra-m2-static.optico-voda.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://infra-m2-static.optico-voda.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cdn-z7-edge.optico-voda.in.net/verification.google id: auto-8c57827d73f6982ff45bea1fb7cb046bc460185c9ac0ff30cec3b2b2c1510052 status: experimental description: Detects traffic or activity related to https://cdn-z7-edge.optico-voda.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cdn-z7-edge.optico-voda.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-v01-auth.optico-voda.in.net/verification.google id: auto-72fd1b7a440354ff54e0f7fd0b0503b24d772e86eac6c05e67611c0d68416a0e status: experimental description: Detects traffic or activity related to https://sync-v01-auth.optico-voda.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-v01-auth.optico-voda.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pop-x88-node.optico-voda.in.net/verification.google id: auto-c31490827ed54a639393c0f7d06900af73bde259de481b34ab7fa757f29998a3 status: experimental description: Detects traffic or activity related to https://pop-x88-node.optico-voda.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pop-x88-node.optico-voda.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://node-x33-auth.curvaforte.in.net/verification.google id: auto-3bd58b58fa88a4ab2fa10a4f591e15fced36fe60b6617c086c99c007f7bc9959 status: experimental description: Detects traffic or activity related to https://node-x33-auth.curvaforte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://node-x33-auth.curvaforte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-j5-point.curvaforte.in.net/verification.google id: auto-c4218d44c819cacc142de61c3443f42e674c18e2f5eb2377dd358c41e644ce95 status: experimental description: Detects traffic or activity related to https://main-j5-point.curvaforte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-j5-point.curvaforte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-h4-data.curvaforte.in.net/verification.google id: auto-46f8251ac54b354d6174215d6b8d0e721ccef33799673c766af61cbc83755175 status: experimental description: Detects traffic or activity related to https://sync-h4-data.curvaforte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-h4-data.curvaforte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-p1-proxy.curvaforte.in.net/verification.google id: auto-3209d1c8c5aaaa740e22a5ebd98ae9ad8ed3789b6e4188bf67fff2765fa3fe54 status: experimental description: Detects traffic or activity related to https://gate-p1-proxy.curvaforte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-p1-proxy.curvaforte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-s09-infra.prismaviva.in.net/verification.google id: auto-7fa154405e690f63f2a934886809fd99a27a32429ec2dfb8137a85a341601b32 status: experimental description: Detects traffic or activity related to https://web-s09-infra.prismaviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-s09-infra.prismaviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://uplink-r2-sat.prismaviva.in.net/verification.google id: auto-3d08cee1046201a83d0c43584824f0a69ea0e1b9c273775b51c7e2897d345df3 status: experimental description: Detects traffic or activity related to https://uplink-r2-sat.prismaviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://uplink-r2-sat.prismaviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-q7-rock.prismaviva.in.net/verification.google id: auto-6cb7c9394e98b650337594968849a3dff1271d3f61864ef0dd2ff0e74e79dd25 status: experimental description: Detects traffic or activity related to https://core-q7-rock.prismaviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-q7-rock.prismaviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-b1-steel.prismaviva.in.net/verification.google id: auto-d74989c9b7a34b648a9543780bda7e0eb7aa8f822fcab7fff7074e53dcf7afcb status: experimental description: Detects traffic or activity related to https://base-b1-steel.prismaviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-b1-steel.prismaviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orbit-n2-moon.sinapsitech.in.net/verification.google id: auto-4652edd487f9ec2fb90eb8df47f0b095024cbcf9bf9e9d401835c52afae055dc status: experimental description: Detects traffic or activity related to https://orbit-n2-moon.sinapsitech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orbit-n2-moon.sinapsitech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://space-x4-open.sinapsitech.in.net/verification.google id: auto-eb9b3c6504fbc24455fdcab82d11fb16a3b227e0cada1498b30c1104e349b5a7 status: experimental description: Detects traffic or activity related to https://space-x4-open.sinapsitech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://space-x4-open.sinapsitech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://field-z01-vast.sinapsitech.in.net/verification.google id: auto-f50a0e8a92325de2c2c6530e89635e1c7167723b2d161021e7bb68e181cfa548 status: experimental description: Detects traffic or activity related to https://field-z01-vast.sinapsitech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://field-z01-vast.sinapsitech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zone-w3-area.sinapsitech.in.net/verification.google id: auto-2f0ea42cd3fe04ec245a37881f47ab7e295f2a9cbd5de472c81ace7e5a3c1d96 status: experimental description: Detects traffic or activity related to https://zone-w3-area.sinapsitech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zone-w3-area.sinapsitech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rim-k77-outer.altocentro.in.net/verification.google id: auto-379242dbaeb5e71c7c0a483727d24ec1053d7fb1c996ab94d068e1adc4994290 status: experimental description: Detects traffic or activity related to https://rim-k77-outer.altocentro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rim-k77-outer.altocentro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-m1-vision.altocentro.in.net/verification.google id: auto-cc605f28af6ded79707aa462c18db2b188e90702e96ee4f6f2d37565fe38cb25 status: experimental description: Detects traffic or activity related to https://sync-m1-vision.altocentro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-m1-vision.altocentro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scan-a2-point.altocentro.in.net/verification.google id: auto-4f6602b4a35f9ade477d39ecd06279eb31664d2592ebe94355386388ebb67309 status: experimental description: Detects traffic or activity related to https://scan-a2-point.altocentro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scan-a2-point.altocentro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bridge-e5-light.altocentro.in.net/verification.google id: auto-d9f809fa5b56650b97d037954ce6bf6155909b2aee2920b72db5e66c11871878 status: experimental description: Detects traffic or activity related to https://bridge-e5-light.altocentro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bridge-e5-light.altocentro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://room-v12-dark.fluidonodo.in.net/verification.google id: auto-9de006b0c434250ef0553cd3075ac0ee7ad0c0679d70070672723ca28ef94405 status: experimental description: Detects traffic or activity related to https://room-v12-dark.fluidonodo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://room-v12-dark.fluidonodo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vision-i9-sync.fluidonodo.in.net/verification.google id: auto-15f8ff12f6b6ee66e739e7bfc1ed325862e6d5579fbacdbe98977d87af2bbb32 status: experimental description: Detects traffic or activity related to https://vision-i9-sync.fluidonodo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vision-i9-sync.fluidonodo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ghost-u4-node.fluidonodo.in.net/verification.google id: auto-9a3fc423dc03d1e0838e83ae6341c86c828998900aadc6a5f789e41871739b87 status: experimental description: Detects traffic or activity related to https://ghost-u4-node.fluidonodo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ghost-u4-node.fluidonodo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shell-t2-main.fluidonodo.in.net/verification.google id: auto-d95afb5db0cb4bc344f2f4f769426016f02dde5541367c4e2157b62fc70ccb52 status: experimental description: Detects traffic or activity related to https://shell-t2-main.fluidonodo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shell-t2-main.fluidonodo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trace-y7-alpha.durolocus.in.net/verification.google id: auto-b9d1f2a346c90acde6b49805a39945a6006e58a9ce187f766155963b6b77b127 status: experimental description: Detects traffic or activity related to https://trace-y7-alpha.durolocus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trace-y7-alpha.durolocus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://user-l0-access.durolocus.in.net/verification.google id: auto-0fa5aa8ccb38134f680fcf50db4e2b985023eedd80cf48a40bf0788483190107 status: experimental description: Detects traffic or activity related to https://user-l0-access.durolocus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://user-l0-access.durolocus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://db-g3-point.durolocus.in.net/verification.google id: auto-7b3160804aa364a0b4fa4208b0f1e1019021e4808c1108589ac5f290fffe554d status: experimental description: Detects traffic or activity related to https://db-g3-point.durolocus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://db-g3-point.durolocus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-f11-infra.durolocus.in.net/verification.google id: auto-e31a3f414801cc114ea9dcef510014cacbf6cb959844b8ff481646344c753bae status: experimental description: Detects traffic or activity related to https://base-f11-infra.durolocus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-f11-infra.durolocus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://net-v8-global.metropunto.in.net/verification.google id: auto-0f821bba1d2033793efb97d530ccb0f89a685e376d659d5bcd7aaf7cda243415 status: experimental description: Detects traffic or activity related to https://net-v8-global.metropunto.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://net-v8-global.metropunto.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow-z2-work.metropunto.in.net/verification.google id: auto-34f5de354d0dd8b45ac3bab83d6c937e9efeffbc1ab25f118ad457c4884629aa status: experimental description: Detects traffic or activity related to https://flow-z2-work.metropunto.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow-z2-work.metropunto.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hub-v01-local.metropunto.in.net/verification.google id: auto-b79b5076c4552d5164cd40b8ebbad4c4a80f9ff083ea2f5786014cf943ab583b status: experimental description: Detects traffic or activity related to https://hub-v01-local.metropunto.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hub-v01-local.metropunto.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sys-s44-monitor.metropunto.in.net/verification.google id: auto-5ad1d7c2d090ba8622f5735992a1191fb6f99825df08f5a36327f895697b4f1d status: experimental description: Detects traffic or activity related to https://sys-s44-monitor.metropunto.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sys-s44-monitor.metropunto.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-v9-point.vectorbase.in.net/verification.google id: auto-dcb490a18ce81aa381900620f05f0988c1dab270ea8bfef41d6f8c646b8b7c70 status: experimental description: Detects traffic or activity related to https://link-v9-point.vectorbase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-v9-point.vectorbase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev-t0-host.vectorbase.in.net/verification.google id: auto-eb8439a21ca959b6fabe1bc31988639b9b8fc2d5406e0a56d0362bd92cf4f3dd status: experimental description: Detects traffic or activity related to https://dev-t0-host.vectorbase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev-t0-host.vectorbase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://api-r5-remote.vectorbase.in.net/verification.google id: auto-5425d770fbc086e400874b334ae9b1a55e25b25f2f2377e7a80f998b5ec8f6bb status: experimental description: Detects traffic or activity related to https://api-r5-remote.vectorbase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://api-r5-remote.vectorbase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cloud-w12-store.vectorbase.in.net/verification.google id: auto-bb9e7885b912378ae751167e32ec8edf71d338a28c9ceae4471869432ad3782c status: experimental description: Detects traffic or activity related to https://cloud-w12-store.vectorbase.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cloud-w12-store.vectorbase.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-j2-entry.acustica-v.in.net/verification.google id: auto-fa04d28c45d4b961c6e5f086565e5d2964d76852a406c7b638ca29710ab3b9f0 status: experimental description: Detects traffic or activity related to https://gate-j2-entry.acustica-v.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-j2-entry.acustica-v.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-proxy-808.acustica-v.in.net/verification.google id: auto-a2b3998e1dcd35ce54a7fffc1535493d7b4b73751e25cee73f633c826b9994cd status: experimental description: Detects traffic or activity related to https://web-proxy-808.acustica-v.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-proxy-808.acustica-v.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-v09-core.acustica-v.in.net/verification.google id: auto-37bb451fe53b9d0f1ea0fb44fb77f6198192a1e57b95dc3ebfc68a679d2c175f status: experimental description: Detects traffic or activity related to https://data-v09-core.acustica-v.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-v09-core.acustica-v.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auth-q11-gate.acustica-v.in.net/verification.google id: auto-a8de2318017d894d7d01ef3f6165042d2d0b089d1726c75ed61a60af1a654a44 status: experimental description: Detects traffic or activity related to https://auth-q11-gate.acustica-v.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auth-q11-gate.acustica-v.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://infra-k7-static.turboflow.in.net/verification.google id: auto-1a99e6f66866fd89a29b05587bc59d8a38e6cd9f51e3b99b3c1b34fd0c108e10 status: experimental description: Detects traffic or activity related to https://infra-k7-static.turboflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://infra-k7-static.turboflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dist-x2-sync.turboflow.in.net/verification.google id: auto-23438607792f98a3a34f2e9d7667c98fb6b575f5f96db696e18de801bb23b743 status: experimental description: Detects traffic or activity related to https://dist-x2-sync.turboflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dist-x2-sync.turboflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app-v44-meta.turboflow.in.net/verification.google id: auto-098e1d0905e1c9661cec07fa3c413698948d7ea29349e5c108841b801f631709 status: experimental description: Detects traffic or activity related to https://app-v44-meta.turboflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app-v44-meta.turboflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://srv-z901-node.turboflow.in.net/verification.google id: auto-ddda7216c873c6e782228b8ed33c678b95f163c129ba8ce7da35af621b898295 status: experimental description: Detects traffic or activity related to https://srv-z901-node.turboflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://srv-z901-node.turboflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://driveouter.yardnext.in.net/verification.google id: auto-197c7c450ddb6d2c051f6f363668ce3fb16ffc2a11088c5f2d0d2f50f54ad2f0 status: experimental description: Detects traffic or activity related to https://driveouter.yardnext.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://driveouter.yardnext.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://msshdxv.yardnext.in.net/verification.google id: auto-2c3396e0db32c975bc0b91a4a572455ea7c7616529bb2fdf391a739c8c084164 status: experimental description: Detects traffic or activity related to https://msshdxv.yardnext.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://msshdxv.yardnext.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nirnb-node.runfast.in.net/verification.google id: auto-e89a810e0f7b62d981d47460b46189da1e6b6f2bcfd9183b58a3e05212ce9f33 status: experimental description: Detects traffic or activity related to https://nirnb-node.runfast.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nirnb-node.runfast.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://repsand.runfast.in.net/verification.google id: auto-5c0290dddac693690e916737c7f5231d19267f79f473e7807ec8de20bf5773ff status: experimental description: Detects traffic or activity related to https://repsand.runfast.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://repsand.runfast.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lumtide7ex.devopsn.in.net/verification.google id: auto-48d681a6cca9a22af660dd7519772a6ab77e25021ac3cf2fd916b2641a2fb7dd status: experimental description: Detects traffic or activity related to https://lumtide7ex.devopsn.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lumtide7ex.devopsn.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alt-c4che.devopsn.in.net/verification.google id: auto-da67be07875fb66388f43d033645592deb92d2a3a74d1a8e6eecad575f7e1984 status: experimental description: Detects traffic or activity related to https://alt-c4che.devopsn.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alt-c4che.devopsn.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gr0ve7-loop.gramsup.in.net/verification.google id: auto-00f3fb7e02a386c6d67de2cbaa85678fd09e7450c3481b32b0fd6c3fe8580e50 status: experimental description: Detects traffic or activity related to https://gr0ve7-loop.gramsup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gr0ve7-loop.gramsup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rav3n-sync.gramsup.in.net/verification.google id: auto-34d1b2805320c7f97b9e4e955dff4a8adeadceda91a2f20bfd1db68a6d86b830 status: experimental description: Detects traffic or activity related to https://rav3n-sync.gramsup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rav3n-sync.gramsup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lxphm9.vouayger.in.net/verification.google id: auto-d8ecc54dd9e4af439443fae98a09b99660372f85a227545fef7ffd0813b45f8b status: experimental description: Detects traffic or activity related to https://lxphm9.vouayger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lxphm9.vouayger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://secureimport.vouayger.in.net/verification.google id: auto-3ad8a6afb8588043a287facce14cf5f6bac76eb903f343b31f248ceca6c33210 status: experimental description: Detects traffic or activity related to https://secureimport.vouayger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://secureimport.vouayger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5h4ll-watch.checkbro.in.net/verification.google id: auto-4a231e23e464c10fa696398b369c60cf683b8e43948ad70e2a25003c12bfca7c status: experimental description: Detects traffic or activity related to https://5h4ll-watch.checkbro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5h4ll-watch.checkbro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://uczgs.checkbro.in.net/verification.google id: auto-d8e70b722b3c5531a47eb282143ab66dc1b2f55595ead1edbccd7096c2af1db3 status: experimental description: Detects traffic or activity related to https://uczgs.checkbro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://uczgs.checkbro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rock-oasis.woodflo.in.net/verification.google id: auto-6292245acb1a9900987d61c17f0f2ebc704057d8c1ecc2e61be2b9b40eea5560 status: experimental description: Detects traffic or activity related to https://rock-oasis.woodflo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rock-oasis.woodflo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://a5say-craft.woodflo.in.net/verification.google id: auto-3b4c981eb1af05ff24edc83f2622bacd62e47823e765f78e3f5611e80b242fdb status: experimental description: Detects traffic or activity related to https://a5say-craft.woodflo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://a5say-craft.woodflo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gdrq4jn.goodwork.in.net/verification.google id: auto-087e4cb1b939caf515783856ea82283e77d3d1f557e7a5ff97d82869c1af4fe4 status: experimental description: Detects traffic or activity related to https://gdrq4jn.goodwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gdrq4jn.goodwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5tud0-glow.goodwork.in.net/verification.google id: auto-5827f2c12688100ffacbdcec70461f2d7b3b36177944d4f9c9f820ac4fe804c0 status: experimental description: Detects traffic or activity related to https://5tud0-glow.goodwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5tud0-glow.goodwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ag3nt1-lab.besthire.in.net/verification.google id: auto-8f635f004f9063b6a64d04b1b3e80b60e72034725182e2e83b43838c69307bf5 status: experimental description: Detects traffic or activity related to https://ag3nt1-lab.besthire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ag3nt1-lab.besthire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jhifgpnl.besthire.in.net/verification.google id: auto-f227bfa4b493fedc7444f2fb12a8c3869f4c3a5db33d60bbc39b1a11100c7764 status: experimental description: Detects traffic or activity related to https://jhifgpnl.besthire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jhifgpnl.besthire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://oewl.yardnext.in.net/verification.google id: auto-d5c1e031507b51770c6f63bb3ba88b9cab1a73a4a0f7d514abdda50b12c233bf status: experimental description: Detects traffic or activity related to https://oewl.yardnext.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://oewl.yardnext.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5hap-phase.yardnext.in.net/verification.google id: auto-93b61df5291268117e80521561965e93e8da4c70fb4275fe5a8930d69e3cbe20 status: experimental description: Detects traffic or activity related to https://5hap-phase.yardnext.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5hap-phase.yardnext.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://triline7en.yardnext.in.net/verification.google id: auto-e5d3601a32271c67e3056bc29314c3a40b69cce8c3e3823e6725ad46c3b89791 status: experimental description: Detects traffic or activity related to https://triline7en.yardnext.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://triline7en.yardnext.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c4mp-cast.yardnext.in.net/verification.google id: auto-ec484c65e26e0db6f297a84b4e65a49fed9b129b3c3bd2e42eefaef2608b73f0 status: experimental description: Detects traffic or activity related to https://c4mp-cast.yardnext.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c4mp-cast.yardnext.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5umm1-forge.runfast.in.net/verification.google id: auto-36f53fcba972d7bb599bb6054b2430adfa0857c0e3fb76b11780553118930784 status: experimental description: Detects traffic or activity related to https://5umm1-forge.runfast.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5umm1-forge.runfast.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lattvisua.runfast.in.net/verification.google id: auto-ad18139080f0682b848feef8f1e010ecaa4e90c3bceadfd3aa5f8e45480de3d2 status: experimental description: Detects traffic or activity related to https://lattvisua.runfast.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lattvisua.runfast.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hub-sync.runfast.in.net/verification.google id: auto-88079ed97af67230de6fcb3638036eb093abb880ef62243c6a283f8f105c340b status: experimental description: Detects traffic or activity related to https://hub-sync.runfast.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hub-sync.runfast.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trailernode.runfast.in.net/verification.google id: auto-3840c323f8377395ade65927e9050d56d86ba2157d97f4493d23c93d76b05c70 status: experimental description: Detects traffic or activity related to https://trailernode.runfast.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trailernode.runfast.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lgd9j832.devopsn.in.net/verification.google id: auto-3bb075f95ba83cdc11e458a7634e0abb070b52fd48ad49a4f2bf95abb767e5ea status: experimental description: Detects traffic or activity related to https://lgd9j832.devopsn.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lgd9j832.devopsn.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cmavixjw.devopsn.in.net/verification.google id: auto-38583f0c8dacb453156fabea21885eeed1ee0036dac92e8466eebdd83c8cf1ad status: experimental description: Detects traffic or activity related to https://cmavixjw.devopsn.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cmavixjw.devopsn.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://normesha7.devopsn.in.net/verification.google id: auto-7a6420ea1a4daa05fb25e9070625887cd762f0e0f185c3245ceae7d9e1965db1 status: experimental description: Detects traffic or activity related to https://normesha7.devopsn.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://normesha7.devopsn.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://s0ft6-line.devopsn.in.net/verification.google id: auto-3cd3bafe2dbc988ad846d2be81d07732d070009d77a25f136017969779a6c30c status: experimental description: Detects traffic or activity related to https://s0ft6-line.devopsn.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://s0ft6-line.devopsn.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://packetpuls.gramsup.in.net/verification.google id: auto-efc47d12371410d1a3c31cbb828849b1b11738a12cb12046c6b048b5b29edc12 status: experimental description: Detects traffic or activity related to https://packetpuls.gramsup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://packetpuls.gramsup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sc4r-grid.gramsup.in.net/verification.google id: auto-c74e214e0f0ce298bef727265c6971543be63c9407f0043cf892a22069190902 status: experimental description: Detects traffic or activity related to https://sc4r-grid.gramsup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sc4r-grid.gramsup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://9ddky9.vouayger.in.net/verification.google id: auto-c75ccacf725b0df01f6773d8a280925f657323785c2a4dfd0174c78d07b5f918 status: experimental description: Detects traffic or activity related to https://9ddky9.vouayger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://9ddky9.vouayger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arkfluxor.vouayger.in.net/verification.google id: auto-cd460313e7729157ff2eb169e03454304a67237daef387dc9cdfc2af50b4bde8 status: experimental description: Detects traffic or activity related to https://arkfluxor.vouayger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arkfluxor.vouayger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vlecktv.checkbro.in.net/verification.google id: auto-ebbe96b26db9c97153145b2b5781d287b352141acd60ee985a02599e963934a1 status: experimental description: Detects traffic or activity related to https://vlecktv.checkbro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vlecktv.checkbro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arktide4ix.checkbro.in.net/verification.google id: auto-50bd97946393bff6d91bb614b3b9f753b65f30ecb9ae96ff56c11e4a4dfa9149 status: experimental description: Detects traffic or activity related to https://arktide4ix.checkbro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arktide4ix.checkbro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pkidfz.woodflo.in.net/verification.google id: auto-0f7426772191ffb4a28c5972bd081ffff241eddafd4a0d1a572f4b271cd7b9e1 status: experimental description: Detects traffic or activity related to https://pkidfz.woodflo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pkidfz.woodflo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fina1-hold.woodflo.in.net/verification.google id: auto-de70b3953582c3a8f8261e5492845a203d87c66a2a45c93b8141e3f854e0ba1b status: experimental description: Detects traffic or activity related to https://fina1-hold.woodflo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fina1-hold.woodflo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://clusbuild.goodwork.in.net/verification.google id: auto-47110861486988d7da95a069e0fc48a6a759e7f3f67a99238d3ff1525d39e682 status: experimental description: Detects traffic or activity related to https://clusbuild.goodwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://clusbuild.goodwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://crawltheory.goodwork.in.net/verification.google id: auto-2c2b2c7bd5cc28318f5142ce946c061712e9674aaed925ac78252848e3a328ce status: experimental description: Detects traffic or activity related to https://crawltheory.goodwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://crawltheory.goodwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vszagmsi.besthire.in.net/verification.google id: auto-667bf640230867cdf72647ef12a331314be08bf72ace2760cf0bb75545e6fa0d status: experimental description: Detects traffic or activity related to https://vszagmsi.besthire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vszagmsi.besthire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sub-dr1v.besthire.in.net/verification.google id: auto-5214f50d51086f349e3e27e3e37f03aa99de30f192ef3f245eb88ba0fff14089 status: experimental description: Detects traffic or activity related to https://sub-dr1v.besthire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sub-dr1v.besthire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orch3st-plate.gramsup.in.net/verification.google id: auto-f994f13549b61ab96f8c66c789e7218e5ca76782f4ebe80f333bc85ca3b4206b status: experimental description: Detects traffic or activity related to https://orch3st-plate.gramsup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orch3st-plate.gramsup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gent1-core.gramsup.in.net/verification.google id: auto-b635f640fdc3cebfc9272a0c39354f029f56f5f6398d2ae9238e7685f7c5f678 status: experimental description: Detects traffic or activity related to https://gent1-core.gramsup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gent1-core.gramsup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://islbay.gramsup.in.net/verification.google id: auto-1ea86919b24c95f299eeafc785b6385a878616dc66287da9b4473698ffb72e09 status: experimental description: Detects traffic or activity related to https://islbay.gramsup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://islbay.gramsup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://roadspring.gramsup.in.net/verification.google id: auto-af6f15076fc163c6e72d6b947fdb973c28e3ad037dcc4103bf3e26b340c073f6 status: experimental description: Detects traffic or activity related to https://roadspring.gramsup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://roadspring.gramsup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dynvenos7.vouayger.in.net/verification.google id: auto-c02aa7f1db6d7d9882e84f6bc835b6878f637508adb5abf8554dda69258dd28f status: experimental description: Detects traffic or activity related to https://dynvenos7.vouayger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dynvenos7.vouayger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://branchpubli.vouayger.in.net/verification.google id: auto-8b8b307c88a0228fea410ae7a106cf67ac071e60cf6db746da6a7db00f7ef99d status: experimental description: Detects traffic or activity related to https://branchpubli.vouayger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://branchpubli.vouayger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://palesdk.vouayger.in.net/verification.google id: auto-e9174dd9a3e1ab4943f46b28ea3f98d427b407646465c7d6079ff4bfab0b0ccc status: experimental description: Detects traffic or activity related to https://palesdk.vouayger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://palesdk.vouayger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ty30.vouayger.in.net/verification.google id: auto-5e3b5cbade4668c953d7367040c04e67f66e68515a77d9bf5c305fa3418c43fb status: experimental description: Detects traffic or activity related to https://ty30.vouayger.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ty30.vouayger.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://github.com/FomaNory/Adobe-Substance-3D-Painter/releases/download/Release/Loader.msi id: auto-cccd14887bccbb509fd9c32f2a6f90011f8d54a79df56263e135feff2596dd99 status: experimental description: Detects traffic or activity related to https://github.com/FomaNory/Adobe-Substance-3D-Painter/releases/download/Release/Loader.msi which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://github.com/FomaNory/Adobe-Substance-3D-Painter/releases/download/Release/Loader.msi*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://grocery.brightnous.com/images/vxjirch/mqkrehf/vxbcdrz/gmchmkp.txt id: auto-2bd3652034bfadd686ceba7b84c19f8111bc57473c38daa53dde2b0fa2c67961 status: experimental description: Detects traffic or activity related to https://grocery.brightnous.com/images/vxjirch/mqkrehf/vxbcdrz/gmchmkp.txt which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://grocery.brightnous.com/images/vxjirch/mqkrehf/vxbcdrz/gmchmkp.txt*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sunchernical.com/blessed/blessed/ENCRYPT.Ps1 id: auto-2b35496d4d3a660d97b119e02b2f12a029ed584738f106cc3a4555a8065d11a2 status: experimental description: Detects traffic or activity related to https://sunchernical.com/blessed/blessed/ENCRYPT.Ps1 which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sunchernical.com/blessed/blessed/ENCRYPT.Ps1*' condition: selection level: high tags: - attack.t1059.001 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://7uka.checkbro.in.net/verification.google id: auto-d80fca25f5f4aa832e36161e3792062ce8641e7114e22c960bbb3627b7280c7e status: experimental description: Detects traffic or activity related to https://7uka.checkbro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://7uka.checkbro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zen-fluxon.checkbro.in.net/verification.google id: auto-d49e0ae773f35ac07dbc4423e91fe437fa4074807017c4890bf24e0fb3acd78e status: experimental description: Detects traffic or activity related to https://zen-fluxon.checkbro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zen-fluxon.checkbro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vorspire4a.checkbro.in.net/verification.google id: auto-f9b3e45f1988ff9a3f5868b6898676c31f8496873c226fbca1e387b0689e34b4 status: experimental description: Detects traffic or activity related to https://vorspire4a.checkbro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vorspire4a.checkbro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://torrentink.checkbro.in.net/verification.google id: auto-8c8f4191537c0a162d16c2383355b1abc5e62e59d90f60efd2c7da6a10df535b status: experimental description: Detects traffic or activity related to https://torrentink.checkbro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://torrentink.checkbro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://innerbund.woodflo.in.net/verification.google id: auto-434982b4dddd555603e285c1429cfe17aa4e2a1bd21912e815a24d668b9ccfa2 status: experimental description: Detects traffic or activity related to https://innerbund.woodflo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://innerbund.woodflo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://grocery.brightnous.com/images/vxjirch/mqkrehf/vxbcdrz/ddcgagd.txt id: auto-912c60da62e969de0972a56d04a707f83c266e3794b8b0b3131f8ba259e7418e status: experimental description: Detects traffic or activity related to https://grocery.brightnous.com/images/vxjirch/mqkrehf/vxbcdrz/ddcgagd.txt which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://grocery.brightnous.com/images/vxjirch/mqkrehf/vxbcdrz/ddcgagd.txt*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pastefy.app/RoBl0TEe/raw id: auto-da28d22ef7e17d4966527792fe771e0099cb3e8920c1b19b9d6c77368c27365c status: experimental description: Detects traffic or activity related to https://pastefy.app/RoBl0TEe/raw which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pastefy.app/RoBl0TEe/raw*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://grocery.brightnous.com/images/vxjirch/mqkrehf/vxbcdrz/rhaadpf.txt id: auto-9c64573f17ea904a036846a6a3ae66a5952994ecc2642ec18ff48d52b8856b45 status: experimental description: Detects traffic or activity related to https://grocery.brightnous.com/images/vxjirch/mqkrehf/vxbcdrz/rhaadpf.txt which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://grocery.brightnous.com/images/vxjirch/mqkrehf/vxbcdrz/rhaadpf.txt*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pastefy.app/3ocDEoXR/raw id: auto-28cf0a75184c95b632fc519bfad2cdd4874c1e6259d18c754e6201a038854399 status: experimental description: Detects traffic or activity related to https://pastefy.app/3ocDEoXR/raw which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pastefy.app/3ocDEoXR/raw*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://oxtn0z.woodflo.in.net/verification.google id: auto-0fdcb9e7b4a8bcc358b9a07a5e443890f68c56402dc66427cb80fc3dd8310c71 status: experimental description: Detects traffic or activity related to https://oxtn0z.woodflo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://oxtn0z.woodflo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://atomi5-watch.woodflo.in.net/verification.google id: auto-ad7a5c6f96cc7d7444baa11ec34cd35e53f1153962c0755eb2a42700f51547dd status: experimental description: Detects traffic or activity related to https://atomi5-watch.woodflo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://atomi5-watch.woodflo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lumlithis8.woodflo.in.net/verification.google id: auto-cd889272e6dc1656c7b3f814707faac9b731adbebe29b81a07e05be2c06dc4ef status: experimental description: Detects traffic or activity related to https://lumlithis8.woodflo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lumlithis8.woodflo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://biropt.goodwork.in.net/verification.google id: auto-de52bca00581d480bcba993edf99911794095ef6b4f39e7610865053e4ee755e status: experimental description: Detects traffic or activity related to https://biropt.goodwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://biropt.goodwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tal-nexos.goodwork.in.net/verification.google id: auto-d2a2d01ad3f88af943b10f6ca95d6164c9e5d8657b1a5882974ed3c1872f31be status: experimental description: Detects traffic or activity related to https://tal-nexos.goodwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tal-nexos.goodwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://craf-freig.goodwork.in.net/verification.google id: auto-f33d6a332369a8471915b18c4248d83793f1a5751e1eb59547ef5320b4785452 status: experimental description: Detects traffic or activity related to https://craf-freig.goodwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://craf-freig.goodwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mist-logic.goodwork.in.net/verification.google id: auto-a4974c30cb79d367b2c47daeb0172327c146839d88c8eeacbb3ce50de4a4588f status: experimental description: Detects traffic or activity related to https://mist-logic.goodwork.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mist-logic.goodwork.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://carrypublish.besthire.in.net/verification.google id: auto-2a442ea3c417a90159d60d8885b9d8bbcb72e011b9b8606bb071838446d676a6 status: experimental description: Detects traffic or activity related to https://carrypublish.besthire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://carrypublish.besthire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://norcrest7is.besthire.in.net/verification.google id: auto-2515552a2765b07f7194c7812b6e95678c1f71dfac0b596bb30f2c589b3eac66 status: experimental description: Detects traffic or activity related to https://norcrest7is.besthire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://norcrest7is.besthire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://adapterprime.besthire.in.net/verification.google id: auto-ef2bed47eb3b2cc54d517deb503fd552346773d06b59181b9b78b56b09a80fab status: experimental description: Detects traffic or activity related to https://adapterprime.besthire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://adapterprime.besthire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lumcrestor.besthire.in.net/verification.google id: auto-7d6f62e0e94133ab1a605cde3b44d5d8b19fc0fa95649e89d67a99ca4213dd4a status: experimental description: Detects traffic or activity related to https://lumcrestor.besthire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lumcrestor.besthire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ds-grok.bokshire.in.net/verification.google id: auto-6dbdd76ac9d67134fb574981f7be0b7f7172b4ceaf27b4273bf744d2a39115fd status: experimental description: Detects traffic or activity related to https://ds-grok.bokshire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ds-grok.bokshire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fast7.bokshire.in.net/verification.google id: auto-0c4cf854d30eb15fe118a939e5999ad54e72e02153a5c678f42cce446f9270b3 status: experimental description: Detects traffic or activity related to https://fast7.bokshire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fast7.bokshire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geamervial.slashbak.in.net/verification.google id: auto-91cd707c4f87bc54d6fd6e75070bed09b11db30e2f4d953fd55e8df5aa8fa350 status: experimental description: Detects traffic or activity related to https://geamervial.slashbak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geamervial.slashbak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sentinsp.natneth.in.net/verification.google id: auto-aa0d54ad274dfd4a95fddebe2c2d662efdfe10e62ce1e054ae9c623edf339fb9 status: experimental description: Detects traffic or activity related to https://sentinsp.natneth.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sentinsp.natneth.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://microneur.bokshire.in.net/verification.google id: auto-a5decb756dbab4fa7f74804f0879ddf10a26fc9a326bae96d2aaf5abde2ad359 status: experimental description: Detects traffic or activity related to https://microneur.bokshire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://microneur.bokshire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neuronbundle.bokshire.in.net/verification.google id: auto-85d36d736a47da58750eae42f5d44e39e62202d99ce7b3fa838f12d6491e4fa1 status: experimental description: Detects traffic or activity related to https://neuronbundle.bokshire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neuronbundle.bokshire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5andb0x-gate.bokshire.in.net/verification.google id: auto-cdc232d4ddca4b4238d7c802dda3b47b3bb1dd7e307598b17912453c1b6d091f status: experimental description: Detects traffic or activity related to https://5andb0x-gate.bokshire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5andb0x-gate.bokshire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ynpxhbz.bokshire.in.net/verification.google id: auto-170b602cf4fb61f518bd0863365b066fadbe1e844a6d2bb14ace9de8627f4b15 status: experimental description: Detects traffic or activity related to https://ynpxhbz.bokshire.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ynpxhbz.bokshire.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dropmefiles.com/7Tpu0 id: auto-a7d59b0db89bc2cf5969849aeb7f430c91901b858a70f11d798f4de90cb0dfca status: experimental description: Detects traffic or activity related to https://dropmefiles.com/7Tpu0 which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dropmefiles.com/7Tpu0*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://whrc.ru/files/jar/RuntimeBroker.exe id: auto-ce84b4858ae2111a37b414317e8e4c64925b458c51d9af067af721f5f291887f status: experimental description: Detects traffic or activity related to https://whrc.ru/files/jar/RuntimeBroker.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://whrc.ru/files/jar/RuntimeBroker.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://www.mediafire.com/file/bm0cj6jfpki80yd/Xeno.zip/file id: auto-f103c18535a9253d1896ef25108c745739c40f3fe5a0fb2b4b0666f2f5bca725 status: experimental description: Detects traffic or activity related to https://www.mediafire.com/file/bm0cj6jfpki80yd/Xeno.zip/file which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://www.mediafire.com/file/bm0cj6jfpki80yd/Xeno.zip/file*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://limewire.com/d/pQojy#OKnl04bf7o id: auto-1d03edddcd77b614d1d6465fbb76dedcf6d99190ac7072d0ea6f0c11a202306b status: experimental description: Detects traffic or activity related to https://limewire.com/d/pQojy#OKnl04bf7o which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://limewire.com/d/pQojy#OKnl04bf7o*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gardeninsp.natneth.in.net/verification.google id: auto-dec6d8fe4f7be33f78c091c222dc17722d3c22b751384827a88446481b26caa2 status: experimental description: Detects traffic or activity related to https://gardeninsp.natneth.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gardeninsp.natneth.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://www.dropbox.com/t/TdZoYTuggGYL7vgl id: auto-6b698ac253bc83e0a2af8377886dd5642d533e57068ed28444d11714a81e968b status: experimental description: Detects traffic or activity related to https://www.dropbox.com/t/TdZoYTuggGYL7vgl which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://www.dropbox.com/t/TdZoYTuggGYL7vgl*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kernelbrid.natneth.in.net/verification.google id: auto-d4791511e2c12e75926c53f02ea778d2959b9a8e0fe7a87f93c84e0610be1e8c status: experimental description: Detects traffic or activity related to https://kernelbrid.natneth.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kernelbrid.natneth.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shapedock.natneth.in.net/verification.google id: auto-3f451e527c8a96a9a965adfd4ff80f0e3109afa8e54b8a97bbf763b18eb8c753 status: experimental description: Detects traffic or activity related to https://shapedock.natneth.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shapedock.natneth.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://anchor0-mount.natneth.in.net/verification.google id: auto-b4f5bc5a2111d469bb0305db19b754ac32c9b10507eed10bc5404897df5506b3 status: experimental description: Detects traffic or activity related to https://anchor0-mount.natneth.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://anchor0-mount.natneth.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://south1-wave.slashbak.in.net/verification.google id: auto-895e2c18c06ee60997060bfd29935ae996dc0da62bf1e0999f4e665c9a9caad3 status: experimental description: Detects traffic or activity related to https://south1-wave.slashbak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://south1-wave.slashbak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://streamervial.slashbak.in.net/verification.google id: auto-919d7b541b4dbf89201ade18b32a3a2a249f156553b2576b2b7af37c9062459d status: experimental description: Detects traffic or activity related to https://streamervial.slashbak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://streamervial.slashbak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geo-n0de.slashbak.in.net/verification.google id: auto-20c3d3882c5915913634f840a9d9b9de4cef7f09fbfab73023f396ef0f3a3ddd status: experimental description: Detects traffic or activity related to https://geo-n0de.slashbak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geo-n0de.slashbak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://monit8-spark.slashbak.in.net/verification.google id: auto-3a54f8a572663e19593b29edbc0d5333328e475d02b44f37969c22c483373c8a status: experimental description: Detects traffic or activity related to https://monit8-spark.slashbak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://monit8-spark.slashbak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://forest-sparr.copyvrok.in.net/verification.google id: auto-43892c974856699e67dbcba5e74c7d158c0660a35c8d0e5fa87c7d80d20635b3 status: experimental description: Detects traffic or activity related to https://forest-sparr.copyvrok.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://forest-sparr.copyvrok.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rktqwhu.copyvrok.in.net/verification.google id: auto-092040efc3dd2610d44b7268e11d10564b8d5914cc565cf56bb1e1621f3e666d status: experimental description: Detects traffic or activity related to https://rktqwhu.copyvrok.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rktqwhu.copyvrok.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://github.com/qudette/fluffy-dollop/releases/download/Tag/DesireHack.zip id: auto-2c14ce5c1612794bb24c38c51e88e6785714ca51e5b12511e13034eae64e4ef1 status: experimental description: Detects traffic or activity related to http://github.com/qudette/fluffy-dollop/releases/download/Tag/DesireHack.zip which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://github.com/qudette/fluffy-dollop/releases/download/Tag/DesireHack.zip*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://igewi86i.copyvrok.in.net/verification.google id: auto-7ee50ab8ec140494f1b9b39a41cbcb19a85d0da872329046ee40c08096997f5e status: experimental description: Detects traffic or activity related to https://igewi86i.copyvrok.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://igewi86i.copyvrok.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://enzym-nod.copyvrok.in.net/verification.google id: auto-e4eeccb705f25d8ee982c129fc209b11d23377ad6c7bce8ac86685982ce893ac status: experimental description: Detects traffic or activity related to https://enzym-nod.copyvrok.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://enzym-nod.copyvrok.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://677ktc.slashbak.in.net/verification.google id: auto-f2932a28302f2b11af6ae5fcdceee9f0924dbf53cab0023fdc6b22c0a08a18e8 status: experimental description: Detects traffic or activity related to https://677ktc.slashbak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://677ktc.slashbak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cache-path.slashbak.in.net/verification.google id: auto-a30e64206d931040f4bd5f3cfc5020f1fdadcd883de7d8fe6a123d9fab7f86c6 status: experimental description: Detects traffic or activity related to https://cache-path.slashbak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cache-path.slashbak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://innerrouter.slashbak.in.net/verification.google id: auto-516e71ed8da522c36de2e61410862c4abb4bb899711cb1335d79d13a867431d8 status: experimental description: Detects traffic or activity related to https://innerrouter.slashbak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://innerrouter.slashbak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lago-lun.slashbak.in.net/verification.google id: auto-3899f44ad2f2fcde97ad6b7933e910159b25182e3d34650572c177a341fca012 status: experimental description: Detects traffic or activity related to https://lago-lun.slashbak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lago-lun.slashbak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://syncgath.copyvrok.in.net/verification.google id: auto-bbe0b10099853c3410acf5649ec6174ad9eaba2f478066f663c5cb3f37317e7f status: experimental description: Detects traffic or activity related to https://syncgath.copyvrok.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://syncgath.copyvrok.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.7/files/8468794285/4Ma9Ksk.exe id: auto-61a228b781c0ed9053621a6954077c9ec0699ef3c0b2ba297eef86a7a47731c3 status: experimental description: Detects traffic or activity related to http://158.94.208.7/files/8468794285/4Ma9Ksk.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.7/files/8468794285/4Ma9Ksk.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-j9-point.gravix-net.cfd/verification.google id: auto-71fc755850ad55fdf447bdf46711624a59353cf3fe6a2c6d1897074379b9daf3 status: experimental description: Detects traffic or activity related to https://main-j9-point.gravix-net.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-j9-point.gravix-net.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-h1-data.gravix-net.cfd/verification.google id: auto-809a83d9aa3171789e1f8e715e67a605ff6f592ba3a1bd7ec94874092b3b6f77 status: experimental description: Detects traffic or activity related to https://sync-h1-data.gravix-net.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-h1-data.gravix-net.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-p7-proxy.gravix-net.cfd/verification.google id: auto-5ec41679b03f983f7f7608261ecc2320f32f7e19bf8206fcc3a5887e7991bfc3 status: experimental description: Detects traffic or activity related to https://gate-p7-proxy.gravix-net.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-p7-proxy.gravix-net.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-s3-infra.gravix-net.cfd/verification.google id: auto-8a669877d3a70c41c1226b85e4a20e7f8817abb80589445fb7d67d7d192deb30 status: experimental description: Detects traffic or activity related to https://web-s3-infra.gravix-net.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-s3-infra.gravix-net.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-r1-sat.densocore.cfd/verification.google id: auto-7e2276019b4f68f31b4a4c54cc83397ca5822df1334fba6c2bc687f45fd1ac0d status: experimental description: Detects traffic or activity related to https://link-r1-sat.densocore.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-r1-sat.densocore.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-q9-rock.densocore.cfd/verification.google id: auto-8acf257b3ea4c4172ffa237c3c5c010b7f6285c9cc5a09f6b90a3c7cd89571e5 status: experimental description: Detects traffic or activity related to https://core-q9-rock.densocore.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-q9-rock.densocore.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-b4-steel.densocore.cfd/verification.google id: auto-8544d7602ac03ed258e3a877116dd1b7f8b2670db7027404a82382161df7a761 status: experimental description: Detects traffic or activity related to https://base-b4-steel.densocore.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-b4-steel.densocore.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orbit-n0-moon.densocore.cfd/verification.google id: auto-3f3200016892c8f49183ecd12e941767585bd01184d5c4858ab51414bc8e0acb status: experimental description: Detects traffic or activity related to https://orbit-n0-moon.densocore.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orbit-n0-moon.densocore.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://space-x9-open.polar-axis.cfd/verification.google id: auto-f59211358ddf7823a3c03822c66be00aa7f7094e3a4f08ef4fc0ae5be610fe0a status: experimental description: Detects traffic or activity related to https://space-x9-open.polar-axis.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://space-x9-open.polar-axis.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://field-z2-vast.polar-axis.cfd/verification.google id: auto-ba8878031a7085b778f8156fafa8ea3e76811bbabe2ea2844e38385f4eec3135 status: experimental description: Detects traffic or activity related to https://field-z2-vast.polar-axis.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://field-z2-vast.polar-axis.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zone-w8-area.polar-axis.cfd/verification.google id: auto-9308b36bc73961f012c9fca6a75396ed6c0f5e13c301f7d321e8a4b6aa009c79 status: experimental description: Detects traffic or activity related to https://zone-w8-area.polar-axis.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zone-w8-area.polar-axis.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rim-k11-outer.polar-axis.cfd/verification.google id: auto-54da92173c7fd88b48b1fa9e686a419c9e73f6e673e8cb8ffd892997af190a13 status: experimental description: Detects traffic or activity related to https://rim-k11-outer.polar-axis.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rim-k11-outer.polar-axis.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scan-a9-point.curva-flux.cfd/verification.google id: auto-a75348a95590e5c7a4d1a079ff42f4a0fd64f334285a3a239e3176af66242d90 status: experimental description: Detects traffic or activity related to https://scan-a9-point.curva-flux.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scan-a9-point.curva-flux.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bridge-e1-light.curva-flux.cfd/verification.google id: auto-11169377cf7f13d9fa25625eae6dbe7e5cbd09eed9c5c3150bec8036fad1d91f status: experimental description: Detects traffic or activity related to https://bridge-e1-light.curva-flux.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bridge-e1-light.curva-flux.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://room-v5-dark.curva-flux.cfd/verification.google id: auto-e4f63c5149cf632338d924b268cae6621b3650016279a75d298b8b76baf98bfc status: experimental description: Detects traffic or activity related to https://room-v5-dark.curva-flux.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://room-v5-dark.curva-flux.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vision-i4-sync.nauticbase.cfd/verification.google id: auto-1c575ada6e63c030e5d1b63329b60d23428d61de3447433b8e1d23b3d6e44780 status: experimental description: Detects traffic or activity related to https://vision-i4-sync.nauticbase.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vision-i4-sync.nauticbase.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ghost-u9-node.nauticbase.cfd/verification.google id: auto-b3c1ac607ee762f259dc3b9fe54cc1a2d0439325d6c6b47bbb2c1e3a9421a93f status: experimental description: Detects traffic or activity related to https://ghost-u9-node.nauticbase.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ghost-u9-node.nauticbase.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shell-t0-core.nauticbase.cfd/verification.google id: auto-9fbd6f098235c4b07ebf22a8738c89899c10f375eecc969c02d2be95b5b9411a status: experimental description: Detects traffic or activity related to https://shell-t0-core.nauticbase.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shell-t0-core.nauticbase.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trace-y21-alpha.nauticbase.cfd/verification.google id: auto-59b7bb3d52d2e71ab20fa1ca8a5b72b43c2ad672ae70a468f16a88ed069768c0 status: experimental description: Detects traffic or activity related to https://trace-y21-alpha.nauticbase.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trace-y21-alpha.nauticbase.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auth-l9-user.termoviva.cfd/verification.google id: auto-62aa9645e424004088824230061410d681bac46e5b83615a13b2a1eb730ad2ce status: experimental description: Detects traffic or activity related to https://auth-l9-user.termoviva.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auth-l9-user.termoviva.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://db-g1-point.termoviva.cfd/verification.google id: auto-ab86265fd6f7b6e111cab592bff6da5240c8713d65dfe22093bfca1757a1bda2 status: experimental description: Detects traffic or activity related to https://db-g1-point.termoviva.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://db-g1-point.termoviva.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-f3-infra.termoviva.cfd/verification.google id: auto-ad5593a7821a194ef78b6d4c8d634d8c28de1b58fe00a984377e65962bddeb8f status: experimental description: Detects traffic or activity related to https://base-f3-infra.termoviva.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-f3-infra.termoviva.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://net-d88-global.termoviva.cfd/verification.google id: auto-b76768c3bc0d4c9f7b30d22d798e4cf2bd44d95a2599c3aa02d4933777883222 status: experimental description: Detects traffic or activity related to https://net-d88-global.termoviva.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://net-d88-global.termoviva.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow-z4-work.prismagrid.cfd/verification.google id: auto-cc68c2f8e62eed4d2a4b14f83f4d4f4610d5c8303534c9b1ce862756dd0a3f3e status: experimental description: Detects traffic or activity related to https://flow-z4-work.prismagrid.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow-z4-work.prismagrid.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hub-v22-local.prismagrid.cfd/verification.google id: auto-a716c5540b0bf6be25d030908908d88ec442457d1c284adc5b843f27b13243b2 status: experimental description: Detects traffic or activity related to https://hub-v22-local.prismagrid.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hub-v22-local.prismagrid.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-p9-power.prismagrid.cfd/verification.google id: auto-e0628b7d1aa5fde601237a370cbc587b1d6734730e4cbbc58c18e5a09f1488da status: experimental description: Detects traffic or activity related to https://link-p9-power.prismagrid.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-p9-power.prismagrid.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sys-s01-monitor.prismagrid.cfd/verification.google id: auto-c3ae811496b361e3894a68dde0e1152190c7a66e61a6c8bbff47a5f301ccf4f1 status: experimental description: Detects traffic or activity related to https://sys-s01-monitor.prismagrid.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sys-s01-monitor.prismagrid.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-v5-entry.fluido-v.cfd/verification.google id: auto-1c0be5ca20d8536ec79073413ddb535662841ea00ce18f5cf6a5c51db71b8a65 status: experimental description: Detects traffic or activity related to https://gate-v5-entry.fluido-v.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-v5-entry.fluido-v.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev-t4-host.fluido-v.cfd/verification.google id: auto-3bf181d07b67a7010af9a47dc06080550773284f218c439b83f9eee78dba7884 status: experimental description: Detects traffic or activity related to https://dev-t4-host.fluido-v.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev-t4-host.fluido-v.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://api-r8-remote.fluido-v.cfd/verification.google id: auto-ff87956123da4bf7cee92ed6b037bd690cbf24e11acbb03cc4a29ec64913fe7b status: experimental description: Detects traffic or activity related to https://api-r8-remote.fluido-v.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://api-r8-remote.fluido-v.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cloud-w22-store.fluido-v.cfd/verification.google id: auto-27a5d60c79b42b2a8c724ea4b1838ebf7e32ff3827816e951833dac5338ee9b9 status: experimental description: Detects traffic or activity related to https://cloud-w22-store.fluido-v.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cloud-w22-store.fluido-v.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-j1-sync.optic-prime.cfd/verification.google id: auto-697fba5b72154144572c1948ed8a84e527bc7f57667d1e5a2a7292c331c039c4 status: experimental description: Detects traffic or activity related to https://core-j1-sync.optic-prime.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-j1-sync.optic-prime.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-303-proxy.optic-prime.cfd/verification.google id: auto-727250b71836bef03fc7bf353d8b541e5afe8bad75c8128cc46a5f597a1d2399 status: experimental description: Detects traffic or activity related to https://web-303-proxy.optic-prime.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-303-proxy.optic-prime.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app-v09-data.optic-prime.cfd/verification.google id: auto-78213f2eb7a9c468f1a6e9f8f16e6c32eea02b00eff74ed9acda7384c2d9d488 status: experimental description: Detects traffic or activity related to https://app-v09-data.optic-prime.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app-v09-data.optic-prime.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://srv-q44-meta.optic-prime.cfd/verification.google id: auto-1685fd39d5cfb7e1c01ff82ba741701a0a197d9b4327d97e85f44336edee762b status: experimental description: Detects traffic or activity related to https://srv-q44-meta.optic-prime.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://srv-q44-meta.optic-prime.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://infra-k1-static.ventonodal.cfd/verification.google id: auto-1e096e6aa3868a0d780073ebc1af731598c24632a7310bb93d2d29478d70b42d status: experimental description: Detects traffic or activity related to https://infra-k1-static.ventonodal.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://infra-k1-static.ventonodal.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dist-z7-cache.ventonodal.cfd/verification.google id: auto-96401703d5417ceb49b0008d6e3c4f56731dac636c4b025397fb78d14910dee9 status: experimental description: Detects traffic or activity related to https://dist-z7-cache.ventonodal.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dist-z7-cache.ventonodal.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-v02-edge.ventonodal.cfd/verification.google id: auto-8e1366fbacd590106112eaf98acb8dfaa7e13f8fe083502eb2726ec408561aba status: experimental description: Detects traffic or activity related to https://sync-v02-edge.ventonodal.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-v02-edge.ventonodal.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://node-x911-auth.ventonodal.cfd/verification.google id: auto-e54e63cfd3c799a837f0fb20f85f2c78bab45be16d538a2456d150f1bb9bb124 status: experimental description: Detects traffic or activity related to https://node-x911-auth.ventonodal.cfd/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://node-x911-auth.ventonodal.cfd/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://breezetide.slashbak.in.net/verification.google id: auto-0f445788096d235c5f067dfcc5507c2746f7275bdbc706515bae276be89120c5 status: experimental description: Detects traffic or activity related to https://breezetide.slashbak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://breezetide.slashbak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lanecheck.slashbak.in.net/verification.google id: auto-ed671a7ecc56d082aeec0054024b58fe6ea383df5a2a78e7e2ae94cf38a508d1 status: experimental description: Detects traffic or activity related to https://lanecheck.slashbak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lanecheck.slashbak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4ztdaumj.slashbak.in.net/verification.google id: auto-4b253605c675f65abf547493095ba24a259dbc89772358a1446a7e8a5d6cc725 status: experimental description: Detects traffic or activity related to https://4ztdaumj.slashbak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4ztdaumj.slashbak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alignpro.slashbak.in.net/verification.google id: auto-0e629e6957a19e962bd99800be3d94b9501102863a8842037d786f0c9a862f92 status: experimental description: Detects traffic or activity related to https://alignpro.slashbak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alignpro.slashbak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://exhys.copyvrok.in.net/verification.google id: auto-0985fead9c19cf9cb39509914c6d2e73ff1166d710d6d3543d1fffb9318edff3 status: experimental description: Detects traffic or activity related to https://exhys.copyvrok.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://exhys.copyvrok.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vellineal.copyvrok.in.net/verification.google id: auto-1b2bba96a9ecd2039babf439db21c37a7ffd739bc18e88329a5567d8ca77729a status: experimental description: Detects traffic or activity related to https://vellineal.copyvrok.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vellineal.copyvrok.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vor-tidea.copyvrok.in.net/verification.google id: auto-f6cbcf0dad6130d14cd3cd7dc6cac90f8b3254e088fc0841c655c026d5548ee6 status: experimental description: Detects traffic or activity related to https://vor-tidea.copyvrok.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vor-tidea.copyvrok.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://afikku.copyvrok.in.net/verification.google id: auto-48caf0ec4bd56b41d4ac93b4dff2e2753ead714daab8c7f2476cfbb0278995ca status: experimental description: Detects traffic or activity related to https://afikku.copyvrok.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://afikku.copyvrok.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-r5-sat.purosentido.in.net/verification.google id: auto-360469f6979b757e471d9484d96c722f5fdad0475710277c00a006b2b6d90bc0 status: experimental description: Detects traffic or activity related to https://link-r5-sat.purosentido.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-r5-sat.purosentido.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-q1-rock.purosentido.in.net/verification.google id: auto-c23d94fd1f7055606b9164a1135e8c89de3441d25b6725e5a9c85c64f4740097 status: experimental description: Detects traffic or activity related to https://core-q1-rock.purosentido.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-q1-rock.purosentido.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-b9-steel.purosentido.in.net/verification.google id: auto-2c041151e71bb40dfbf427d8877c57f269c23599ecb64ec674a5ed326580e502 status: experimental description: Detects traffic or activity related to https://base-b9-steel.purosentido.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-b9-steel.purosentido.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orbit-n4-moon.purosentido.in.net/verification.google id: auto-bfbe583a0251ef78b73c8a548746390e1b96437e3f4b0378a2fe2820da468280 status: experimental description: Detects traffic or activity related to https://orbit-n4-moon.purosentido.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orbit-n4-moon.purosentido.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://space-x0-open.curvazero.in.net/verification.google id: auto-84987f2cdeb2f061584d41d3b46bcacdb16d15f22eed9c0f6d5c11f9cff45b4c status: experimental description: Detects traffic or activity related to https://space-x0-open.curvazero.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://space-x0-open.curvazero.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://field-z7-vast.curvazero.in.net/verification.google id: auto-b966b2f05be082e39422073e8542808a172101c363942a786b7138cf1ba9f1a4 status: experimental description: Detects traffic or activity related to https://field-z7-vast.curvazero.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://field-z7-vast.curvazero.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zone-w1-area.curvazero.in.net/verification.google id: auto-c73416aef08c9d5cf28c2fd446fc77d1144e58cbc01d494dc0b08802c8ab7065 status: experimental description: Detects traffic or activity related to https://zone-w1-area.curvazero.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zone-w1-area.curvazero.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rim-k9-outer.curvazero.in.net/verification.google id: auto-224d52a65dbcdb3ff1aae46a45a2385bfc71b5429dc78008072c8a5de45ec46e status: experimental description: Detects traffic or activity related to https://rim-k9-outer.curvazero.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rim-k9-outer.curvazero.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-m8-vision.nexustech-v.in.net/verification.google id: auto-b72d675d7a5b1f8464b1281c3cb7ff83159f08077fca447302e71bccfa6e6f41 status: experimental description: Detects traffic or activity related to https://sync-m8-vision.nexustech-v.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-m8-vision.nexustech-v.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scan-a4-point.nexustech-v.in.net/verification.google id: auto-06de619235e39b883e8ca386a28a25df8a8f48a5cd39e8d2627255d158ad5e66 status: experimental description: Detects traffic or activity related to https://scan-a4-point.nexustech-v.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scan-a4-point.nexustech-v.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bridge-e6-light.nexustech-v.in.net/verification.google id: auto-b3f57966389bac7061cc62d6081b1c09ed7a0fef14851e403260b694b5a090b6 status: experimental description: Detects traffic or activity related to https://bridge-e6-light.nexustech-v.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bridge-e6-light.nexustech-v.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vision-i1-sync.primasfera.in.net/verification.google id: auto-c9384abe01a9859b96d8d1cbd670cac29e387a8092d822912f2f0df30dbb7e95 status: experimental description: Detects traffic or activity related to https://vision-i1-sync.primasfera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vision-i1-sync.primasfera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shell-t5-core.primasfera.in.net/verification.google id: auto-eef92b39c37edfb9dd7ef7caa1791a3761dc25e21c840eebc195b18441bd139a status: experimental description: Detects traffic or activity related to https://shell-t5-core.primasfera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shell-t5-core.primasfera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trace-y2-alpha.primasfera.in.net/verification.google id: auto-5ce8ddc731b9f9b612301a8008bf1b9d9d76be021dbe3b39fa3a01853f4110e6 status: experimental description: Detects traffic or activity related to https://trace-y2-alpha.primasfera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trace-y2-alpha.primasfera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auth-l9-user.optimumvia.in.net/verification.google id: auto-7cc75eda137717afb1b192b8246e04db4dd674b2047f721d1e1647e60172340a status: experimental description: Detects traffic or activity related to https://auth-l9-user.optimumvia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auth-l9-user.optimumvia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://db-g7-point.optimumvia.in.net/verification.google id: auto-ee8bf979fb9dc9a068af1764652afc8e7f6029f9b932cf1844d627eea4c2e67c status: experimental description: Detects traffic or activity related to https://db-g7-point.optimumvia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://db-g7-point.optimumvia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-f4-infra.optimumvia.in.net/verification.google id: auto-2090da411592d0194fc8cade0f2cc065a47d9416c6c5278390247303ca9d4269 status: experimental description: Detects traffic or activity related to https://base-f4-infra.optimumvia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-f4-infra.optimumvia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://net-d8-global.optimumvia.in.net/verification.google id: auto-bb9f846335fa82f6c47f0e7405226405bceea41a7773a5a4afd7138a092d5cfe status: experimental description: Detects traffic or activity related to https://net-d8-global.optimumvia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://net-d8-global.optimumvia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-v7-entry.veloxfundo.in.net/verification.google id: auto-9b085ee1548f8a52960802e398e8553e81d16d20d824f2cd85a8a6a243b2c64b status: experimental description: Detects traffic or activity related to https://gate-v7-entry.veloxfundo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-v7-entry.veloxfundo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev-t44-host.veloxfundo.in.net/verification.google id: auto-3eada9221de778cb60130d5aeceadc4cd9eea195bdebfeacd54f9e4d5692ad12 status: experimental description: Detects traffic or activity related to https://dev-t44-host.veloxfundo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev-t44-host.veloxfundo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://api-r8-remote.veloxfundo.in.net/verification.google id: auto-940f4a650b3a00de6a22b71c99a52a599f854a6516bcfc1bc47071742b62e1a1 status: experimental description: Detects traffic or activity related to https://api-r8-remote.veloxfundo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://api-r8-remote.veloxfundo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://infra-z0-static.fluxovivavo.in.net/verification.google id: auto-3709b35d78c9a1a20bd802d29ea9269f722d0c88562c3ed92ba3533a4ac9ad44 status: experimental description: Detects traffic or activity related to https://infra-z0-static.fluxovivavo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://infra-z0-static.fluxovivavo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dist-k4-meta.fluxovivavo.in.net/verification.google id: auto-91f0fa3aadb42b9ef7a0ef50a675556d3ef1c132a3b66d4ab26f4d8aac1a6b9b status: experimental description: Detects traffic or activity related to https://dist-k4-meta.fluxovivavo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dist-k4-meta.fluxovivavo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://v1-sync-h07.fluxovivavo.in.net/verification.google id: auto-f6a33ef0a08d046c0b9f97626f91d8486e07102ce893594e3b4ef71be571a28c status: experimental description: Detects traffic or activity related to https://v1-sync-h07.fluxovivavo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://v1-sync-h07.fluxovivavo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://id-x992-node.fluxovivavo.in.net/verification.google id: auto-238501d694f366b2d198c8256f3595807d230925082cc6e3360b5298d5b68581 status: experimental description: Detects traffic or activity related to https://id-x992-node.fluxovivavo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://id-x992-node.fluxovivavo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c1-core-j3.amplitudo-v.in.net/verification.google id: auto-913d8fcf20eab6d893ed91813a8d4aa39c05669df957a2909a5017a6cd71e9e7 status: experimental description: Detects traffic or activity related to https://c1-core-j3.amplitudo-v.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c1-core-j3.amplitudo-v.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://x4-web-p09.amplitudo-v.in.net/verification.google id: auto-69f82877b8630687f390cb00ea11724a758abd6ad2a30056574b2da5dd7a772f status: experimental description: Detects traffic or activity related to https://x4-web-p09.amplitudo-v.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://x4-web-p09.amplitudo-v.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://z6-app-h11.amplitudo-v.in.net/verification.google id: auto-5685bdd52632e8278a24be8a061e149a23c37b4d372472349f7871e37d397a7e status: experimental description: Detects traffic or activity related to https://z6-app-h11.amplitudo-v.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://z6-app-h11.amplitudo-v.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://v0-srv-q82.amplitudo-v.in.net/verification.google id: auto-122e7ca0430125767007d1ec825b9bc01eedf6bab808d6843c395541e71ba150 status: experimental description: Detects traffic or activity related to https://v0-srv-q82.amplitudo-v.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://v0-srv-q82.amplitudo-v.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://m2-infra-b4.versicodex.in.net/verification.google id: auto-269624b46271442144452dba86cc41f72208417d3ecd4bfb43d206c6c95f0c86 status: experimental description: Detects traffic or activity related to https://m2-infra-b4.versicodex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://m2-infra-b4.versicodex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://k5-dist-z07.versicodex.in.net/verification.google id: auto-5ef29f6b9725e4d13e3804bf96a0cd776aae96c8568ad959f807912903bf4afc status: experimental description: Detects traffic or activity related to https://k5-dist-z07.versicodex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://k5-dist-z07.versicodex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://w3-sync-v99.versicodex.in.net/verification.google id: auto-9711e141e82c46bc0625903037057c8fe4a004e4354b4d9b10416cf2ed3b1c27 status: experimental description: Detects traffic or activity related to https://w3-sync-v99.versicodex.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://w3-sync-v99.versicodex.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://b1rch0-route.yellglass.in.net/verification.google id: auto-bfd55d49ca025199bd990cd35ff26cca4163bb0b534e00f38ac15272c04dfbfd status: experimental description: Detects traffic or activity related to https://b1rch0-route.yellglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://b1rch0-route.yellglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quordra5a.yellglass.in.net/verification.google id: auto-2c4cd72dfab9811f719602e016bc474ef451e4a600ac96899afe5690177902fa status: experimental description: Detects traffic or activity related to https://quordra5a.yellglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quordra5a.yellglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://driver-tru.yellglass.in.net/verification.google id: auto-1e066791c5e7615f2d50702efb46bf27881f190c64a44fb8ba1a3076538e2759 status: experimental description: Detects traffic or activity related to https://driver-tru.yellglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://driver-tru.yellglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dynlineal3.yellglass.in.net/verification.google id: auto-923f35c1772cd8a33eb39593aba1b976f4e097101b2743387ceda231a363afd9 status: experimental description: Detects traffic or activity related to https://dynlineal3.yellglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dynlineal3.yellglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cultur3-array.ratflat.in.net/verification.google id: auto-c6f359ba1d45a7bfe062d99d28318c4d04c4afc6167bc37730f6216b889288c6 status: experimental description: Detects traffic or activity related to https://cultur3-array.ratflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cultur3-array.ratflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qxff.ratflat.in.net/verification.google id: auto-236ce39dd4990c7c68cafa18ca912bf66147ae99764460b1ae7f32f9526082f3 status: experimental description: Detects traffic or activity related to https://qxff.ratflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qxff.ratflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tiny-stack.ratflat.in.net/verification.google id: auto-2ea13e90cdc52ab001822cf150cde49663cf8a1e730b152a4b2fb4214d6f79e0 status: experimental description: Detects traffic or activity related to https://tiny-stack.ratflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tiny-stack.ratflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nordraal4.ratflat.in.net/verification.google id: auto-892aeb7151fe30eadcc029e739650fc296fa15ddf893dd508167784052b28161 status: experimental description: Detects traffic or activity related to https://nordraal4.ratflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nordraal4.ratflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://petalcra.catflat.in.net/verification.google id: auto-753617fa16f1effb474e4139a80a9ae769429a81bcf7cdbe48cdefc3907f6503 status: experimental description: Detects traffic or activity related to https://petalcra.catflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://petalcra.catflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nqsl.catflat.in.net/verification.google id: auto-d77292001719412875dcb3149ac704897ddae50caf35622282b397d4cb85084c status: experimental description: Detects traffic or activity related to https://nqsl.catflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nqsl.catflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://delive-crest.catflat.in.net/verification.google id: auto-7cb538bf6c8e964963a83f8fb90671a311e3ff5215076b61914decf46acae43a status: experimental description: Detects traffic or activity related to https://delive-crest.catflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://delive-crest.catflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://riv3-node.catflat.in.net/verification.google id: auto-f9d3a3b30fca5d555aa2e7af3e9270320900c9406b0caa2bc4773398c07fca98 status: experimental description: Detects traffic or activity related to https://riv3-node.catflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://riv3-node.catflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://banne-shi.catflow.in.net/verification.google id: auto-bafb21b32000645785711f6fb275eccc3ad7ab8dad2007dc89c9a8adf6c4366e status: experimental description: Detects traffic or activity related to https://banne-shi.catflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://banne-shi.catflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://norcore4ex.catflow.in.net/verification.google id: auto-0ee8d00f84f738ef59efce785b81a5d3b0ed1cf5167f99fefcac866e1dbfdc0e status: experimental description: Detects traffic or activity related to https://norcore4ex.catflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://norcore4ex.catflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nmgixmc.catflow.in.net/verification.google id: auto-4be5728489cb7cde3b0486fa0d9cfa0c4ebde606349fc23adfcf5fcfa6fc8025 status: experimental description: Detects traffic or activity related to https://nmgixmc.catflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nmgixmc.catflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://openpure.catflow.in.net/verification.google id: auto-2b7a7012c34a9e951f6d34b1ddcb2a00e7fb2069fa334404f679b77da5075f22 status: experimental description: Detects traffic or activity related to https://openpure.catflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://openpure.catflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gat3wa-craft.slowcube.in.net/verification.google id: auto-3cc4de4ec153589af0ef1c8a19ef494e307d39617e9dd14c3219e76e1c2f5a7c status: experimental description: Detects traffic or activity related to https://gat3wa-craft.slowcube.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gat3wa-craft.slowcube.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://1609tkt.slowcube.in.net/verification.google id: auto-42e7c7431c3e4eafeb4f112bbc579d5aaf55642c514ebf76dc5005a63c47746a status: experimental description: Detects traffic or activity related to https://1609tkt.slowcube.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://1609tkt.slowcube.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://launchprocess.slowcube.in.net/verification.google id: auto-4c8e2c5e82eeb27a073d4f65efcc3e13fd1f219a351bb40af212cea6074a06ca status: experimental description: Detects traffic or activity related to https://launchprocess.slowcube.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://launchprocess.slowcube.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cedarclient.slowcube.in.net/verification.google id: auto-43e01d14e2dd8d09d3c535e4abf9504b051ab0d34b1ce4b274b1840a97c6799b status: experimental description: Detects traffic or activity related to https://cedarclient.slowcube.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cedarclient.slowcube.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://znnyfo.sandball.in.net/verification.google id: auto-5c59ecbab52814158b611555f54c4f4c9f7d3b46276b791b8fe0f1de77255993 status: experimental description: Detects traffic or activity related to https://znnyfo.sandball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://znnyfo.sandball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sertideex1.sandball.in.net/verification.google id: auto-ace926d8dbc493ebb7f4c0c451231da090bf29cb66c6edc0839ceb874c653b92 status: experimental description: Detects traffic or activity related to https://sertideex1.sandball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sertideex1.sandball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://klvkpw.sandball.in.net/verification.google id: auto-baf60ef56a505a4d1f1573ec5fc6f87db9b9f3b667be0507b3c829dcafcbd9a3 status: experimental description: Detects traffic or activity related to https://klvkpw.sandball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://klvkpw.sandball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://26u4.sandball.in.net/verification.google id: auto-080150a2a288e870a3bbccd35a9861523599c37b4843df8d5a8b67e40f878050 status: experimental description: Detects traffic or activity related to https://26u4.sandball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://26u4.sandball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://peak-tra.saltball.in.net/verification.google id: auto-0c3b6f6b04afce1918d7022af8846bee51384e5c3b80a034225ea5bec75bd083 status: experimental description: Detects traffic or activity related to https://peak-tra.saltball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://peak-tra.saltball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geo-5car1et.saltball.in.net/verification.google id: auto-8f742ddc69ef13940292a47f97dbadad6ab499d8c0f9fcdcf39984c11035ad07 status: experimental description: Detects traffic or activity related to https://geo-5car1et.saltball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geo-5car1et.saltball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://truemeasur.saltball.in.net/verification.google id: auto-d88ae87a0ed4b7608d45b7d1effe91ae91d3dcf9701e9307abc194d185aaf3e1 status: experimental description: Detects traffic or activity related to https://truemeasur.saltball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://truemeasur.saltball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://biomefocus.saltball.in.net/verification.google id: auto-d980adaab4247e0e0ebcfbc160fea796dd56cc8bee394c23409da028110341de status: experimental description: Detects traffic or activity related to https://biomefocus.saltball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://biomefocus.saltball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://compdark.darkboll.in.net/verification.google id: auto-45179ab86cbde7e2f32b48f235b720d396172e71db8dd428342bb9518696e525 status: experimental description: Detects traffic or activity related to https://compdark.darkboll.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://compdark.darkboll.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://eyw3w.darkboll.in.net/verification.google id: auto-a5e4ab8b88bc33dfad20664149ed0c925372da4b690d5d57db28dfa7895fc656 status: experimental description: Detects traffic or activity related to https://eyw3w.darkboll.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://eyw3w.darkboll.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4utu6-forge.darkboll.in.net/verification.google id: auto-571371df6b8914e0c51a8e6f291b257ec081e617168cdcf72cb0ea1e80ec2c61 status: experimental description: Detects traffic or activity related to https://4utu6-forge.darkboll.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4utu6-forge.darkboll.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hub-phase.darkboll.in.net/verification.google id: auto-b8a82174f17529c9411c2df2b3d008b0d317ffd1f74de63410f31386d988fa14 status: experimental description: Detects traffic or activity related to https://hub-phase.darkboll.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hub-phase.darkboll.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://circuitpublis.inkpit.in.net/verification.google id: auto-57584aa18beedbfd4c591e2e125f50cab3b8695d9db7c51a0e01663dd4d9a3c0 status: experimental description: Detects traffic or activity related to https://circuitpublis.inkpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://circuitpublis.inkpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://02kbny.inkpit.in.net/verification.google id: auto-c06859ec213099dbd514f6ee7e9b5e62f00728c9fd754bebf279150ee96fb54a status: experimental description: Detects traffic or activity related to https://02kbny.inkpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://02kbny.inkpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://urb4n-gate.inkpit.in.net/verification.google id: auto-439cc882dde71c09e7a8e0d588987144b942e82325552622b43d9b851fafe350 status: experimental description: Detects traffic or activity related to https://urb4n-gate.inkpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://urb4n-gate.inkpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kelvenis7.inkpit.in.net/verification.google id: auto-5101f15736c7bc1c599ab11e232a6ac6ac070485ab5a6545fc73597e1e1d9524 status: experimental description: Detects traffic or activity related to https://kelvenis7.inkpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kelvenis7.inkpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://d15p6-cast.inksky.in.net/verification.google id: auto-498e18acf6fd8e92cec5facd4392f644a9f184ca96fa3d11cf20878b28c1e96e status: experimental description: Detects traffic or activity related to https://d15p6-cast.inksky.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://d15p6-cast.inksky.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neo-t1ny.inksky.in.net/verification.google id: auto-1a32f9a3b166121f3a1b31898a5e953740866b9002ddd999ee71c0d73a086ac4 status: experimental description: Detects traffic or activity related to https://neo-t1ny.inksky.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neo-t1ny.inksky.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://golsec.inksky.in.net/verification.google id: auto-622a22d4030ae0b9fcdc0334d3f6dd2155df1fb2ed6f53787354c1b3c825a420 status: experimental description: Detects traffic or activity related to https://golsec.inksky.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://golsec.inksky.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zentide0on.tempiso.in.net/verification.google id: auto-c575105db642fd88221cc5ee4c141a14da34a7337d9d89796e4382cfa665c312 status: experimental description: Detects traffic or activity related to https://zentide0on.tempiso.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zentide0on.tempiso.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://royalmonitor.tempiso.in.net/verification.google id: auto-eab96a6b2b3e493236486b3e0354d12a965250be71143361d7744be3db3ed5f0 status: experimental description: Detects traffic or activity related to https://royalmonitor.tempiso.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://royalmonitor.tempiso.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5c4r-trail.tempiso.in.net/verification.google id: auto-e37ead450338448bed06bfb51bfeba20f68092af4ab7ad509b5c988557a96bad status: experimental description: Detects traffic or activity related to https://5c4r-trail.tempiso.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5c4r-trail.tempiso.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proto-ed1t.tempiso.in.net/verification.google id: auto-98ca29e429616cf2c0ead48583ea0753f268a9b3bfd5e061ab72aa2cd8e1f3e7 status: experimental description: Detects traffic or activity related to https://proto-ed1t.tempiso.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proto-ed1t.tempiso.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4gen-switch.tempink.in.net/verification.google id: auto-614580974528ae0e7effa9d4ad3351a92045f609f4320a7c4c791daea7a8537e status: experimental description: Detects traffic or activity related to https://4gen-switch.tempink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4gen-switch.tempink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://silverins.tempink.in.net/verification.google id: auto-d23d0ae8d778216a94dcb1936b10e9a812fb35f5b6eba83a59dbde35225d119c status: experimental description: Detects traffic or activity related to https://silverins.tempink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://silverins.tempink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jhh0yt.highjoke.in.net/verification.google id: auto-007dbe30a736b3b1394105613a46e4df04aeb11100fe7089528f574a67b1a79e status: experimental description: Detects traffic or activity related to https://jhh0yt.highjoke.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jhh0yt.highjoke.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lum-draa.jokerun.in.net/verification.google id: auto-e7b02bb7a888322ac48a81ecf018802033335e47680c9f44adc0def0eab40426 status: experimental description: Detects traffic or activity related to https://lum-draa.jokerun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lum-draa.jokerun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qpml0.cokefun.in.net/verification.google id: auto-e67a3f970e3efca012b3e3342b7f859fe688170cab25aa746fd5e135aecfb6e1 status: experimental description: Detects traffic or activity related to https://qpml0.cokefun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qpml0.cokefun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tridraar2.backyard.in.net/verification.google id: auto-2094eec2836fafb88652babf8ac521448736423edc446a1ac1cad45466b4ddc6 status: experimental description: Detects traffic or activity related to https://tridraar2.backyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tridraar2.backyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://6klywpf.norsdwest.in.net/verification.google id: auto-f32dd1ee7323b34603f6efe99616b6d9655cac6f4f4a3579326ed86913c42a03 status: experimental description: Detects traffic or activity related to https://6klywpf.norsdwest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://6klywpf.norsdwest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tr3nd-plate.norsdwest.in.net/verification.google id: auto-82350b86f8b7376d3bcc2a23f49e76e1676326773f69e598f6d82a711fd91a71 status: experimental description: Detects traffic or activity related to https://tr3nd-plate.norsdwest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tr3nd-plate.norsdwest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://spring8-branch.easttea.in.net/verification.google id: auto-0d65e8b97b925708115e46b566ee2a41531e2c43f2aea0aa7da219512f4c0f70 status: experimental description: Detects traffic or activity related to https://spring8-branch.easttea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://spring8-branch.easttea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c1ien-forge.octagonon.in.net/verification.google id: auto-f479aea0f1c568b1328ff0f0b32a101e3cff0a2f37f084719aa7c2ed0c605c3f status: experimental description: Detects traffic or activity related to https://c1ien-forge.octagonon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c1ien-forge.octagonon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neo-sc4r1.blowoff.in.net/verification.google id: auto-b48500cd44a2095b61fc91afdc009d449fecc882ef1fdde4c6994ab179692e5a status: experimental description: Detects traffic or activity related to https://neo-sc4r1.blowoff.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neo-sc4r1.blowoff.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geo-reg1st.blowoff.in.net/verification.google id: auto-cb551700b13afa5b58aff211b59fe65cf35af89a6a01b11f20b6ed394d3b81ec status: experimental description: Detects traffic or activity related to https://geo-reg1st.blowoff.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geo-reg1st.blowoff.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stac5-signal.jokerun.in.net/verification.google id: auto-5ab563ba4ce7e135bc1a6729a8ed84ee7437f95a47077131a3f3a75ab0562fbc status: experimental description: Detects traffic or activity related to https://stac5-signal.jokerun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stac5-signal.jokerun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://routcha.cokefun.in.net/verification.google id: auto-7c5136d2c816360210a64a4a0718631a15653894417b7d3484cec296dcbc7fd1 status: experimental description: Detects traffic or activity related to https://routcha.cokefun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://routcha.cokefun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://p0rta-node.backyard.in.net/verification.google id: auto-5933e53268e406c665eb48db8bdc34aab35316cde077c26c9307e8941e726e99 status: experimental description: Detects traffic or activity related to https://p0rta-node.backyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://p0rta-node.backyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://f0rrn-core.norsdwest.in.net/verification.google id: auto-6afc36f3a90154027dd292da563005cbaa6d7a171cd1b09987fca8da438c404f status: experimental description: Detects traffic or activity related to https://f0rrn-core.norsdwest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://f0rrn-core.norsdwest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://2dqe6hsl.norsdwest.in.net/verification.google id: auto-d84c8eabb74561a5aecfb101a6a1685318c4cb8bb78b2e152b169e904fd58321 status: experimental description: Detects traffic or activity related to https://2dqe6hsl.norsdwest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://2dqe6hsl.norsdwest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ser-draon.easttea.in.net/verification.google id: auto-7181443d9a2218af750b3d9bd8e259281ef72233cc6e9ce96d9d4d27075541bf status: experimental description: Detects traffic or activity related to https://ser-draon.easttea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ser-draon.easttea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tinyruntime.easttea.in.net/verification.google id: auto-0aefaee66266383291ac4a3faf30429d48c08ed53e34bf2716b07838adda5eb7 status: experimental description: Detects traffic or activity related to https://tinyruntime.easttea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tinyruntime.easttea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://castgrani.easttea.in.net/verification.google id: auto-bc549eaaee20b62a7f29d344a85ebe378bb732cf7e181a5b8df7c9109dfeae63 status: experimental description: Detects traffic or activity related to https://castgrani.easttea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://castgrani.easttea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mujlhpe.grosstao.in.net/verification.google id: auto-4d465e2f68c0faca4ff087841470e87360344fda9546fdfdfaab094d1657d6ea status: experimental description: Detects traffic or activity related to https://mujlhpe.grosstao.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mujlhpe.grosstao.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://framsun.grosstao.in.net/verification.google id: auto-c6b82a2565046d124e2ea022654842cab8bc93a25bcc7a37ffabf9cbafe06820 status: experimental description: Detects traffic or activity related to https://framsun.grosstao.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://framsun.grosstao.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tal-lineal.grosstao.in.net/verification.google id: auto-e1557b847afdbc7ada689e43bf50ea21437fe3fc1a9511e18408126c365189dd status: experimental description: Detects traffic or activity related to https://tal-lineal.grosstao.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tal-lineal.grosstao.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://m3rge4-point.gronstat.in.net/verification.google id: auto-0a318caf2f2efdc5a96030ef334056819b8e4b69260ea4db8ff1dbaaa5f0843c status: experimental description: Detects traffic or activity related to https://m3rge4-point.gronstat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://m3rge4-point.gronstat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://taldraor1.gronstat.in.net/verification.google id: auto-f39302a22d16970c73e213938311c47bf655edf3264ba31ab4b91a913929ef30 status: experimental description: Detects traffic or activity related to https://taldraor1.gronstat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://taldraor1.gronstat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://6tojdb.gronstat.in.net/verification.google id: auto-8d880ff2f199967346894d986cc578c8bb1d65ddc95356d0b6aa8d16d2e9486e status: experimental description: Detects traffic or activity related to https://6tojdb.gronstat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://6tojdb.gronstat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://f41th8-spark.flowwow.in.net/verification.google id: auto-daea6d429f58de74d8ab0440b60208021bc3d69ba598babef8dc71023a6d96b2 status: experimental description: Detects traffic or activity related to https://f41th8-spark.flowwow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://f41th8-spark.flowwow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solmesha7.flowwow.in.net/verification.google id: auto-011ba100a23dcb67a47f810eaef8fb4bff9343fcbead696fb04062ee0c34e668 status: experimental description: Detects traffic or activity related to https://solmesha7.flowwow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solmesha7.flowwow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://synt-sheet.fabulos.in.net/verification.google id: auto-a26efaf90f0afd664f72519e5081528457f622d14f332e1e9a002c44a3b7ec33 status: experimental description: Detects traffic or activity related to https://synt-sheet.fabulos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://synt-sheet.fabulos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pasturepow.fabulos.in.net/verification.google id: auto-a4dbc10e66a800e88fc7c302f20195260ccc63bfc0e797451cccfcdbdd1342c5 status: experimental description: Detects traffic or activity related to https://pasturepow.fabulos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pasturepow.fabulos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://00adv0.fabulos.in.net/verification.google id: auto-4fb0fd3cecb2d1dc2732cf8cb9225e03656ae5c548dca9ecc4e527eb37e1da06 status: experimental description: Detects traffic or activity related to https://00adv0.fabulos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://00adv0.fabulos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://le4r-vector.octagonon.in.net/verification.google id: auto-547b789145da8050640df87f89521b3ba8489bc1f3b29a221c05bd8378dedc3b status: experimental description: Detects traffic or activity related to https://le4r-vector.octagonon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://le4r-vector.octagonon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rbvjsji.octagonon.in.net/verification.google id: auto-b9d226f35dc4b54baf257460e570d5a80585cd80934c1442c5564bf463eb2768 status: experimental description: Detects traffic or activity related to https://rbvjsji.octagonon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rbvjsji.octagonon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://j40frzwa.octagonon.in.net/verification.google id: auto-683daab752c65237f6e25094b11ac1763da5ce78457c65bbb895f109ab954488 status: experimental description: Detects traffic or activity related to https://j40frzwa.octagonon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://j40frzwa.octagonon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://measurecircu.blowoff.in.net/verification.google id: auto-76ab4a00e193a678971dd18b6bc23866ab8b0d64e4d7cd7ae87b5af588469489 status: experimental description: Detects traffic or activity related to https://measurecircu.blowoff.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://measurecircu.blowoff.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://18z4.blowoff.in.net/verification.google id: auto-a3394ea5ca9cfc220a5a3f2b815b6fd9c32eabe8274d1031b333a287ffd7d5de status: experimental description: Detects traffic or activity related to https://18z4.blowoff.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://18z4.blowoff.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gcyryi.blowoff.in.net/verification.google id: auto-f4f60a43f91c41ec9770354bb5039717f87ac72f0c4dfcb5b76963dacd7852d6 status: experimental description: Detects traffic or activity related to https://gcyryi.blowoff.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gcyryi.blowoff.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://raibark.highjoke.in.net/verification.google id: auto-378758e78bbff6e4e40432b72334e43b84d05af5e9cd115649c7404fc0760bb0 status: experimental description: Detects traffic or activity related to https://raibark.highjoke.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://raibark.highjoke.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://a08ulcab.highjoke.in.net/verification.google id: auto-2bf894c73a3e20d1caf34e8e17e3022d321bf29b856edbb5fb6c9871333748c6 status: experimental description: Detects traffic or activity related to https://a08ulcab.highjoke.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://a08ulcab.highjoke.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://yzkzwt.highjoke.in.net/verification.google id: auto-d2646dd9f352118f9047d7f49cf6499ab3074d55f8cc753c6c4b7942c1705e57 status: experimental description: Detects traffic or activity related to https://yzkzwt.highjoke.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://yzkzwt.highjoke.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://warmcha.jokerun.in.net/verification.google id: auto-3fda9d26fcdfcd4a74a31a403f25dbaacab00428438486ce5b7ac9b704770c44 status: experimental description: Detects traffic or activity related to https://warmcha.jokerun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://warmcha.jokerun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://opticwin.jokerun.in.net/verification.google id: auto-92747f97a4abe4efb85468946578ed4168724afdcae3eadd2e2e023f862e51eb status: experimental description: Detects traffic or activity related to https://opticwin.jokerun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://opticwin.jokerun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ro4d-stream.jokerun.in.net/verification.google id: auto-ce43d247b7847a076962ecef815c7ab2f566d1b448b7a63ef352182ce49ccd49 status: experimental description: Detects traffic or activity related to https://ro4d-stream.jokerun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ro4d-stream.jokerun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bloorn-bridge.cokefun.in.net/verification.google id: auto-2c45be2167fbb0abef8359b89bf5f64c75a2c8ee833e6883b0704f6fe3bdee38 status: experimental description: Detects traffic or activity related to https://bloorn-bridge.cokefun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bloorn-bridge.cokefun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tren-sai.cokefun.in.net/verification.google id: auto-7adce72ac6796d1f840015ba2c37b7e6f98e8a53ac0c2fcae57eb1e007cfd682 status: experimental description: Detects traffic or activity related to https://tren-sai.cokefun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tren-sai.cokefun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gr0wt4-layer.cokefun.in.net/verification.google id: auto-4da13a8b6bf882a660c69279010820a4b25fee27e54d29277e5fdc84f76488c8 status: experimental description: Detects traffic or activity related to https://gr0wt4-layer.cokefun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gr0wt4-layer.cokefun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zeh4rg.cokenote.in.net/verification.google id: auto-2a41b8bbaaaf573e2acf6c75a2740da3c020e35c4b8f9b46a3454c2859842145 status: experimental description: Detects traffic or activity related to https://zeh4rg.cokenote.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zeh4rg.cokenote.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quorcrest2en.cokenote.in.net/verification.google id: auto-00730e172a6585767bd1568fab894fa3a1590810b94e0775327fd4b15e2a5d85 status: experimental description: Detects traffic or activity related to https://quorcrest2en.cokenote.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quorcrest2en.cokenote.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://notifi-vault.cokenote.in.net/verification.google id: auto-aac021902c3e0db19e66c8c46f35de742e5aa4184d8fb5626e5fd697d88d17db status: experimental description: Detects traffic or activity related to https://notifi-vault.cokenote.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://notifi-vault.cokenote.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://esjxi.backyard.in.net/verification.google id: auto-8fcc8f8c7bb3e89cb475c8c81648f30306c8db90dde57d1146b1f34dcf953584 status: experimental description: Detects traffic or activity related to https://esjxi.backyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://esjxi.backyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://i08da.backyard.in.net/verification.google id: auto-a4c2e66075224d9f5aecf0b54ba5bbd7ce403f752e7a33ae4170d48d4843ca94 status: experimental description: Detects traffic or activity related to https://i08da.backyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://i08da.backyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://videobiome.backyard.in.net/verification.google id: auto-9b4fafa4d33ef403a92a0aecf02abef35dbebebf36a7e7cb35beed3a3d6320ea status: experimental description: Detects traffic or activity related to https://videobiome.backyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://videobiome.backyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://58broegq.norsdwest.in.net/verification.google id: auto-c7391dedd2fb120da97ab01fa5bf76469c7c2ec4964162f623918d205a249efd status: experimental description: Detects traffic or activity related to https://58broegq.norsdwest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://58broegq.norsdwest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://format5-scope.norsdwest.in.net/verification.google id: auto-7278fc2d66e5eebf6ed47175b3f4d7024a91a9ab87a1c6a1c871c2769d920dfc status: experimental description: Detects traffic or activity related to https://format5-scope.norsdwest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://format5-scope.norsdwest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trailertrue.easttea.in.net/verification.google id: auto-6abef309ba1fde81272433dd3e68a0850e1e947d055a92e4d3530eca94070fcd status: experimental description: Detects traffic or activity related to https://trailertrue.easttea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trailertrue.easttea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://yefwc3t.easttea.in.net/verification.google id: auto-e73fb5f36d5d941edb844ba9bc0abe7730c77b7d0f7f58bdd34af72578dfdf2f status: experimental description: Detects traffic or activity related to https://yefwc3t.easttea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://yefwc3t.easttea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://check-gate.easttea.in.net/verification.google id: auto-0acbcf34877bc501e7cfd4ac263ddf5ceede970e05069d1e3276b410a3e29e3d status: experimental description: Detects traffic or activity related to https://check-gate.easttea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://check-gate.easttea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://1ette6-graph.grosstao.in.net/verification.google id: auto-65587c7fc18caca30984a09621c122a7f8d74f8214bcbb3487bd25820d74ed8d status: experimental description: Detects traffic or activity related to https://1ette6-graph.grosstao.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://1ette6-graph.grosstao.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zk370qhd.grosstao.in.net/verification.google id: auto-9a8ed8b24db4cc1db1b3db3445a3490d1d58beba46ce80786047c0939ea282f8 status: experimental description: Detects traffic or activity related to https://zk370qhd.grosstao.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zk370qhd.grosstao.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://clinicpulse.grosstao.in.net/verification.google id: auto-2199547643d3af10559ef1e52989a83c827c763a7de26ba0ca2a7afa9921ce65 status: experimental description: Detects traffic or activity related to https://clinicpulse.grosstao.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://clinicpulse.grosstao.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://assets.fxd-hz-tk-loop.in.net/vk_swiftshader_icd.json id: auto-cdd8c9b62a5096679dd469d264aa645631dc757742d8d794355a490476dae39b status: experimental description: Detects traffic or activity related to https://assets.fxd-hz-tk-loop.in.net/vk_swiftshader_icd.json which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://assets.fxd-hz-tk-loop.in.net/vk_swiftshader_icd.json*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wu9h.highjoke.in.net/verification.google id: auto-04e16a154f71ba27cb9ba258d2a1b6fcc6ff2085312b247395b78a7918d804be status: experimental description: Detects traffic or activity related to https://wu9h.highjoke.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wu9h.highjoke.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gustfil.highjoke.in.net/verification.google id: auto-627457dff80ebb24c674635c3b5076b2c297b5d9641658ed335ed81c43356d3b status: experimental description: Detects traffic or activity related to https://gustfil.highjoke.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gustfil.highjoke.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://s3cre-plate.highjoke.in.net/verification.google id: auto-1078fb038c726a47cc5c4189313ac62a5963b4a6a070b5ecf8f0bc542c3dfc00 status: experimental description: Detects traffic or activity related to https://s3cre-plate.highjoke.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://s3cre-plate.highjoke.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zeee.jokerun.in.net/verification.google id: auto-3b52df54c5f6f242e73a8626535c20736c5e8948f93c1cd0f6742a9d9e87cc30 status: experimental description: Detects traffic or activity related to https://zeee.jokerun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zeee.jokerun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://clustercheck.jokerun.in.net/verification.google id: auto-35740b84a117db1a1ebe4ba94f56b7a9e5666c95027fdc88e57d5dfb45716e9c status: experimental description: Detects traffic or activity related to https://clustercheck.jokerun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://clustercheck.jokerun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5ilve-vector.cokefun.in.net/verification.google id: auto-2a78003e72ce53f24c26695471441ca3c3fd646054ad05de4e7518d578da9767 status: experimental description: Detects traffic or activity related to https://5ilve-vector.cokefun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5ilve-vector.cokefun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://8vxgsoq9.cokefun.in.net/verification.google id: auto-b053a3c914835a033fff488f95751b2d84374bcd4d70401910ff13004123cf26 status: experimental description: Detects traffic or activity related to https://8vxgsoq9.cokefun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://8vxgsoq9.cokefun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://crbn95bh.cokefun.in.net/verification.google id: auto-85be288d8192205023945a53888a5a5ba10c8b6c664bdfca3a7e004f5db2aad4 status: experimental description: Detects traffic or activity related to https://crbn95bh.cokefun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://crbn95bh.cokefun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ts2hfdf.cokefun.in.net/verification.google id: auto-d3512fbfb4f54e669b682bfddb2a8a11b201c25c22718e7464da0fc518fabe98 status: experimental description: Detects traffic or activity related to https://ts2hfdf.cokefun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ts2hfdf.cokefun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://3nsojlm.cokenote.in.net/verification.google id: auto-1105d1ae65cbbd666666faeb633eb21a6edd4fe9374bd8b3c82c5efb2b8be562 status: experimental description: Detects traffic or activity related to https://3nsojlm.cokenote.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://3nsojlm.cokenote.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cour1e1-beam.cokenote.in.net/verification.google id: auto-fd8825e4b32f38335f4615a3369ddee8211afcc18b959b3deb0bc5bf0ee6e58b status: experimental description: Detects traffic or activity related to https://cour1e1-beam.cokenote.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cour1e1-beam.cokenote.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vorven9is.cokenote.in.net/verification.google id: auto-d7e8ce42cfc8defda59c473acb191e2c3c021753a348b8a64910350da90a06f6 status: experimental description: Detects traffic or activity related to https://vorven9is.cokenote.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vorven9is.cokenote.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5t0r-hold.cokenote.in.net/verification.google id: auto-4ce1306d44a435b72162d4081748f43127f8efdc00c08f22d0e2c1fd898c5600 status: experimental description: Detects traffic or activity related to https://5t0r-hold.cokenote.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5t0r-hold.cokenote.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hfcn.backyard.in.net/verification.google id: auto-b3733577a8ac299e456cc65b6454a254c28e120d481570b08d35ef018ffb1958 status: experimental description: Detects traffic or activity related to https://hfcn.backyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hfcn.backyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quortideex3.backyard.in.net/verification.google id: auto-ba26a3c7d64596f777038797be2e2e3982e355ca1c52f3e79a76a323e9a61c38 status: experimental description: Detects traffic or activity related to https://quortideex3.backyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quortideex3.backyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://banne4-frame.backyard.in.net/verification.google id: auto-c86cf749cf8995beb0baa4abcc9d595cfea008749375fafe444bfe117ec0312e status: experimental description: Detects traffic or activity related to https://banne4-frame.backyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://banne4-frame.backyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://t1d3-reach.backyard.in.net/verification.google id: auto-8103001ee8add012d4851976e64b9d24c5e3dc6568489b815d9cf42f050e05d8 status: experimental description: Detects traffic or activity related to https://t1d3-reach.backyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://t1d3-reach.backyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sales-path.norsdwest.in.net/verification.google id: auto-5af83770e7bc31ce7f1ea50557e1891aa568e789324f94dfdba7ce7fc6b59d67 status: experimental description: Detects traffic or activity related to https://sales-path.norsdwest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sales-path.norsdwest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://853rfm15.norsdwest.in.net/verification.google id: auto-e1d6c062fb25e1cadca79f88ba9c7e40e71ab45a3029908b14f04c68017d3859 status: experimental description: Detects traffic or activity related to https://853rfm15.norsdwest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://853rfm15.norsdwest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solvenum.norsdwest.in.net/verification.google id: auto-b542d5ddee1606bff2d13397b69b945b40cac1cc91e551536ec51aed475974ff status: experimental description: Detects traffic or activity related to https://solvenum.norsdwest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solvenum.norsdwest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c1e4-point.easttea.in.net/verification.google id: auto-822123c8012d6d9fc59354c093f14837eacdefe0cc04d77223dbe1d19202b1ed status: experimental description: Detects traffic or activity related to https://c1e4-point.easttea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c1e4-point.easttea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gjugxvg.easttea.in.net/verification.google id: auto-7e726db6fe3b0da6befa2ff7148aa74d2a8a77e834ce41893d37c255106ea53e status: experimental description: Detects traffic or activity related to https://gjugxvg.easttea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gjugxvg.easttea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gust-exp.easttea.in.net/verification.google id: auto-554fb24d8a350fdaff84da76d3c339f597239b482dca0974a585e54eb5c1f499 status: experimental description: Detects traffic or activity related to https://gust-exp.easttea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gust-exp.easttea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://yefa.easttea.in.net/verification.google id: auto-89d7abe9ac2d3018ce5e1b28f88dab2acc1e2ff7799d923bcbb05f3471bc6bc8 status: experimental description: Detects traffic or activity related to https://yefa.easttea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://yefa.easttea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cor46-layer.grosstao.in.net/verification.google id: auto-5a754455c2f1958cd3bb37eec2df276ec0014dd88492a6e27d408193a6aff4c0 status: experimental description: Detects traffic or activity related to https://cor46-layer.grosstao.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cor46-layer.grosstao.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://markterminal.grosstao.in.net/verification.google id: auto-471abd8f617affc39980e478e0cabe816582b8bde235e3a583335f0452ccff1b status: experimental description: Detects traffic or activity related to https://markterminal.grosstao.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://markterminal.grosstao.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://l0-main-v7.navispazio.in.net/verification.google id: auto-86bf4a48aaf223e4d88aae8960c10510149c9a81d6d308f924ef06fd1c507abe status: experimental description: Detects traffic or activity related to https://l0-main-v7.navispazio.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://l0-main-v7.navispazio.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://s5-sync-x1.navispazio.in.net/verification.google id: auto-b9a6e9ba77df25e5b49b2350f8654b965cdfb63370684614d6d719fa47059f49 status: experimental description: Detects traffic or activity related to https://s5-sync-x1.navispazio.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://s5-sync-x1.navispazio.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://f2-gate-v0.navispazio.in.net/verification.google id: auto-f6bae5bb2b3dab818daaa7378c8813d112c68ab521fd4275d1329dc2527dd8dd status: experimental description: Detects traffic or activity related to https://f2-gate-v0.navispazio.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://f2-gate-v0.navispazio.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://j8-web-infra.navispazio.in.net/verification.google id: auto-e1b88a062be2a617c149c2a7f6668b5f84a280f7c166796030eb96d2945ee3c6 status: experimental description: Detects traffic or activity related to https://j8-web-infra.navispazio.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://j8-web-infra.navispazio.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://t4-link-x2.muralis-tech.in.net/verification.google id: auto-fea75846c1d7ed5bccbbae406c527bba4e2b773515994ce4dc2dab4efc2549b2 status: experimental description: Detects traffic or activity related to https://t4-link-x2.muralis-tech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://t4-link-x2.muralis-tech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r1-core-v3.muralis-tech.in.net/verification.google id: auto-c2afa0ef00fc59f5c9d5977830eb5e1eb2b846209dcb76b0ad309c217ab28e9e status: experimental description: Detects traffic or activity related to https://r1-core-v3.muralis-tech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r1-core-v3.muralis-tech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://q7-base-99.muralis-tech.in.net/verification.google id: auto-de52a35f956fbe5e24951a45650439dfd52604233b849eba2e84bf6f79c44818 status: experimental description: Detects traffic or activity related to https://q7-base-99.muralis-tech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://q7-base-99.muralis-tech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://u2-orbit-z.muralis-tech.in.net/verification.google id: auto-cdf8d3f29206159a9c0440c7debe4b5bd8724ed9ec8ee5abd9af4a494f80eef3 status: experimental description: Detects traffic or activity related to https://u2-orbit-z.muralis-tech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://u2-orbit-z.muralis-tech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://x9-space-v5.stratagrid.in.net/verification.google id: auto-c373d6dcbc0a4d869d1c381619ce04fa0dcc3e4f99b285b6ff6c4ddd855b5144 status: experimental description: Detects traffic or activity related to https://x9-space-v5.stratagrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://x9-space-v5.stratagrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://z0-field-x.stratagrid.in.net/verification.google id: auto-cd6487f245554231a541c1e97e9bec82759afdab7ea5504420d4de8587818c58 status: experimental description: Detects traffic or activity related to https://z0-field-x.stratagrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://z0-field-x.stratagrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://v4-zone-12.stratagrid.in.net/verification.google id: auto-5d2776d3d0237716b1fa527df682c396c871c835e1c114ef75db8c92af252edc status: experimental description: Detects traffic or activity related to https://v4-zone-12.stratagrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://v4-zone-12.stratagrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://w1-rim-node.stratagrid.in.net/verification.google id: auto-db21bdb8c3950048de05758b42d9bf41678c505e33b29b24b85ba68e7e43fe34 status: experimental description: Detects traffic or activity related to https://w1-rim-node.stratagrid.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://w1-rim-node.stratagrid.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://k7-sync-v2.fossaflow.in.net/verification.google id: auto-b97b41efbb6c93d023204be2718474969dc1c97916d02ec58e9aaca5802a1c1e status: experimental description: Detects traffic or activity related to https://k7-sync-v2.fossaflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://k7-sync-v2.fossaflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://p0-scan-x8.fossaflow.in.net/verification.google id: auto-f36ca9f3d9aa5949d2880dc2abc180a1d876e54aa9e78e11f51055df96a2594d status: experimental description: Detects traffic or activity related to https://p0-scan-x8.fossaflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://p0-scan-x8.fossaflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://n4-bridge-z.fossaflow.in.net/verification.google id: auto-e8c5a086e8ec4856c1094285bb8f0f06afd4e9d78e51fb9832c9ed4930d77e45 status: experimental description: Detects traffic or activity related to https://n4-bridge-z.fossaflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://n4-bridge-z.fossaflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://m5-vision-9.columnasol.in.net/verification.google id: auto-ae39e45cb913788585f5cecaa4e0c61a888e259b7c0f50c4652fac63078c087c status: experimental description: Detects traffic or activity related to https://m5-vision-9.columnasol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://m5-vision-9.columnasol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://a2-ghost-v3.columnasol.in.net/verification.google id: auto-80cbbbcd6f91bd9380c9005e4daf06907c4f41302b2824c40c78270f27551e31 status: experimental description: Detects traffic or activity related to https://a2-ghost-v3.columnasol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://a2-ghost-v3.columnasol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://e9-trace-x.columnasol.in.net/verification.google id: auto-85aa9bbd26f84b8483af54ab6624f9a660b2d99d7760095319a89edc932bf2bd status: experimental description: Detects traffic or activity related to https://e9-trace-x.columnasol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://e9-trace-x.columnasol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://d3-shell-0.columnasol.in.net/verification.google id: auto-0479207eb983b1614d56642672ebe99651216e198dfddf6777c6a62a6094d7a0 status: experimental description: Detects traffic or activity related to https://d3-shell-0.columnasol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://d3-shell-0.columnasol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://y1-point-v7.viametrica.in.net/verification.google id: auto-439b5a3c0edeec57940df3124949e6d6c3f27f3565ee3b03a393697787704caf status: experimental description: Detects traffic or activity related to https://y1-point-v7.viametrica.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://y1-point-v7.viametrica.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://g0-data-z9.viametrica.in.net/verification.google id: auto-cbe35377758de97bca0f15e39ee14d62cb6b9ccf05100cee494d29a517eea819 status: experimental description: Detects traffic or activity related to https://g0-data-z9.viametrica.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://g0-data-z9.viametrica.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://t5-auth-x4.viametrica.in.net/verification.google id: auto-b36a6cf3c3d8e9ed45d8ef969d3c8322d85c30ef2412537805387673fecc3caf status: experimental description: Detects traffic or activity related to https://t5-auth-x4.viametrica.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://t5-auth-x4.viametrica.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://l2-net-base.viametrica.in.net/verification.google id: auto-29e9d3b411270abd87fda9f84b1045c66425a162d44d69445b2fb1f7ab5a1b4c status: experimental description: Detects traffic or activity related to https://l2-net-base.viametrica.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://l2-net-base.viametrica.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://f8-flow-v11.basalticnode.in.net/verification.google id: auto-b6a372785dfab01287bec715b26a44906eeb17f587d65d15dd7ea9ba44231133 status: experimental description: Detects traffic or activity related to https://f8-flow-v11.basalticnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://f8-flow-v11.basalticnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://j3-hub-stat.basalticnode.in.net/verification.google id: auto-cd1817dba2292bfc6fade9060ad92c43bfb525eccbedb3fee31dbb4553c67779 status: experimental description: Detects traffic or activity related to https://j3-hub-stat.basalticnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://j3-hub-stat.basalticnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://q4-sys-grid.basalticnode.in.net/verification.google id: auto-1d9c9c8ccde60af2eccc313aad723904270bf2182f1e4f6a00f7c5b138c18acf status: experimental description: Detects traffic or activity related to https://q4-sys-grid.basalticnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://q4-sys-grid.basalticnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://b1-store-v2.basalticnode.in.net/verification.google id: auto-062604002dae6142eedc20f474da46a77f7e421ab0779b0c8483608659e3272e status: experimental description: Detects traffic or activity related to https://b1-store-v2.basalticnode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://b1-store-v2.basalticnode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://v6-api-node.pietraforte.in.net/verification.google id: auto-aa1d847d494be9fe0f0a6b6c13e78dbb15d538a981a5248df0cac932f0b19bb7 status: experimental description: Detects traffic or activity related to https://v6-api-node.pietraforte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://v6-api-node.pietraforte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://k2-dist-x7.pietraforte.in.net/verification.google id: auto-94be9c88f72060aa19988d9d56f84177957418e53c3bb3c032acb7212b47eb5e status: experimental description: Detects traffic or activity related to https://k2-dist-x7.pietraforte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://k2-dist-x7.pietraforte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://h4-node-00.pietraforte.in.net/verification.google id: auto-223afe91234f5ba716a174cef5bd3d90d23650b0aac58c8116efaa988b3e16ee status: experimental description: Detects traffic or activity related to https://h4-node-00.pietraforte.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://h4-node-00.pietraforte.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://m8-app-unit.arcostruttura.in.net/verification.google id: auto-c37b349d042b11c8583ed9e65f337b6032fbe0c590e18082358e3d20cee616f1 status: experimental description: Detects traffic or activity related to https://m8-app-unit.arcostruttura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://m8-app-unit.arcostruttura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://w2-web-cache.arcostruttura.in.net/verification.google id: auto-91b449d6395540a40668a0847193bb99f8dbfdd02f1809e3a4a79aaca409cb5f status: experimental description: Detects traffic or activity related to https://w2-web-cache.arcostruttura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://w2-web-cache.arcostruttura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://p1-sync-v9.arcostruttura.in.net/verification.google id: auto-361fe28ce158fe13c17da969205bc7a899acd69fe398b4e9cef39a1043e339cd status: experimental description: Detects traffic or activity related to https://p1-sync-v9.arcostruttura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://p1-sync-v9.arcostruttura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://x5-gate-33.arcostruttura.in.net/verification.google id: auto-9bcedb28a40e5268c91d77efdbc3b97f1f741ce6132ce20152ba331e5e8eb0a8 status: experimental description: Detects traffic or activity related to https://x5-gate-33.arcostruttura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://x5-gate-33.arcostruttura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://n7-core-db.terrafirma.in.net/verification.google id: auto-dd9c4d751db647c8b4ba2fd91b674530f5a88ce77fd65e19c04b44c0322c81aa status: experimental description: Detects traffic or activity related to https://n7-core-db.terrafirma.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://n7-core-db.terrafirma.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://s1-ext-link.terrafirma.in.net/verification.google id: auto-24caef980421ffe8500018ca78d4f5d0d08bd147c3ba4c081010b963824248db status: experimental description: Detects traffic or activity related to https://s1-ext-link.terrafirma.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://s1-ext-link.terrafirma.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r3-mon-v8.terrafirma.in.net/verification.google id: auto-31cb05d808c5fb2c376457b55a05be7cd72744d34353e253a22fe242aaa9f9a7 status: experimental description: Detects traffic or activity related to https://r3-mon-v8.terrafirma.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r3-mon-v8.terrafirma.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://u9-bal-01.terrafirma.in.net/verification.google id: auto-80caa177a8d1e6fcaa8ccab319c8556753797cc7d6cba830d86a9fd495889784 status: experimental description: Detects traffic or activity related to https://u9-bal-01.terrafirma.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://u9-bal-01.terrafirma.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-v1-point.cellanode.in.net/verification.google id: auto-44ac763d768132f9a1f82aeb8d0f413c5bad8b15bbf6955bc2833e6402825e6c status: experimental description: Detects traffic or activity related to https://main-v1-point.cellanode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-v1-point.cellanode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-z3-data.cellanode.in.net/verification.google id: auto-e8dd8f4eed65f9d00ac31dd89e166fb941e869d11d9088071bd8ecf5467c0c71 status: experimental description: Detects traffic or activity related to https://sync-z3-data.cellanode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-z3-data.cellanode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-x8-proxy.cellanode.in.net/verification.google id: auto-b6a7f04a03c46ec66e5ac09b2b26fbae588d9b75121ad3291043bade384efae5 status: experimental description: Detects traffic or activity related to https://gate-x8-proxy.cellanode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-x8-proxy.cellanode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-v02-infra.cellanode.in.net/verification.google id: auto-8fa29568e0378d89d451def294b359a7fc43a48bb37b644d7f7e65529e684ca2 status: experimental description: Detects traffic or activity related to https://web-v02-infra.cellanode.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-v02-infra.cellanode.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-v1-sat.vitalocus.in.net/verification.google id: auto-5d2fdd2826b4f7e8d286ecca3d6264961efdb49e323a6201d1be20df512f04fc status: experimental description: Detects traffic or activity related to https://link-v1-sat.vitalocus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-v1-sat.vitalocus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-x9-rock.vitalocus.in.net/verification.google id: auto-8a46d0face6ec5590eb52ec37bdab8dbbecc5f7122a4edd47a683b81454570cc status: experimental description: Detects traffic or activity related to https://core-x9-rock.vitalocus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-x9-rock.vitalocus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-z3-steel.vitalocus.in.net/verification.google id: auto-e9acab74587943cfe6680a8b0407f541bb0aed13d940decb150def32ea9bd618 status: experimental description: Detects traffic or activity related to https://base-z3-steel.vitalocus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-z3-steel.vitalocus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orbit-v7-moon.vitalocus.in.net/verification.google id: auto-e1e5310cea1ed94e5c2736f5d0586185733bbd14ed1aa5b91b409be6206c8153 status: experimental description: Detects traffic or activity related to https://orbit-v7-moon.vitalocus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orbit-v7-moon.vitalocus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://space-x0-open.chemflow.in.net/verification.google id: auto-00a8fab0583bfa877e8d2ca37ed18dc44fb5eec39392dd194a562f8db0146bd4 status: experimental description: Detects traffic or activity related to https://space-x0-open.chemflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://space-x0-open.chemflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://field-z1-vast.chemflow.in.net/verification.google id: auto-e6df9cfff43050dae0047f887ba43761f2aaaaada4d79086b1c8e5c8046c9e3d status: experimental description: Detects traffic or activity related to https://field-z1-vast.chemflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://field-z1-vast.chemflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rim-x4-outer.chemflow.in.net/verification.google id: auto-0d59614c8bc51bcd43187934b6531609c287aa8584687f1f3edcc0fe23aebf2d status: experimental description: Detects traffic or activity related to https://rim-x4-outer.chemflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rim-x4-outer.chemflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://net-v8-access.medivault.in.net/verification.google id: auto-96952765ead37bfdeb980fb3929a1d191b9b46b22f79779fa97a481c5996a24e status: experimental description: Detects traffic or activity related to https://net-v8-access.medivault.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://net-v8-access.medivault.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auth-x5-user.medivault.in.net/verification.google id: auto-8c598cbb2c8cad936a207e216d5940ec82379947de1d5a406fb135c0c9853b91 status: experimental description: Detects traffic or activity related to https://auth-x5-user.medivault.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auth-x5-user.medivault.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://db-z3-point.medivault.in.net/verification.google id: auto-297a14bda1daf799638f413dbf10b85f76e1f81cc373d049454d31e7caea5e85 status: experimental description: Detects traffic or activity related to https://db-z3-point.medivault.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://db-z3-point.medivault.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-v11-infra.medivault.in.net/verification.google id: auto-51a3245663dac96d671e1dfdd3ab5df6a794e0181249603158024aeed1adb1a4 status: experimental description: Detects traffic or activity related to https://base-v11-infra.medivault.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-v11-infra.medivault.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-v0-vision.opticlocus.in.net/verification.google id: auto-158e02b7a4cced5b853fbec4114d9196ad627d9d113a31e74fa1a72545e6ddf8 status: experimental description: Detects traffic or activity related to https://sync-v0-vision.opticlocus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-v0-vision.opticlocus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scan-z9-point.opticlocus.in.net/verification.google id: auto-23c86a741ba4593ca9c6caaf83730922abee771e6495536678966f7ddaceda2c status: experimental description: Detects traffic or activity related to https://scan-z9-point.opticlocus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scan-z9-point.opticlocus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bridge-x1-light.opticlocus.in.net/verification.google id: auto-686d6216dd35eab8e42a3a4df1fd3ed61e9cf9a1c28f6e1dafffbb85c559a0cd status: experimental description: Detects traffic or activity related to https://bridge-x1-light.opticlocus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bridge-x1-light.opticlocus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://room-v7-dark.opticlocus.in.net/verification.google id: auto-42a8bfbe3aa3053e307cff37fd54f028b4bc9ddc0e050ceba15429eb1c3fa7e1 status: experimental description: Detects traffic or activity related to https://room-v7-dark.opticlocus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://room-v7-dark.opticlocus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vision-v4-sync.genomax.in.net/verification.google id: auto-4bbb38c1b9ed9d4f56e88b04d62cb1465a730a2e8fcc35a8e15b51f5bd35f49f status: experimental description: Detects traffic or activity related to https://vision-v4-sync.genomax.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vision-v4-sync.genomax.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ghost-z2-node.genomax.in.net/verification.google id: auto-ac8415afa2d49aefcf0c27288d40fefe4c14a48c9343e6e2b5151a91a89e63e8 status: experimental description: Detects traffic or activity related to https://ghost-z2-node.genomax.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ghost-z2-node.genomax.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shell-v9-core.genomax.in.net/verification.google id: auto-e4649466d905769a8753d3ddf87b8987da74150915874b0d87c9bbe58cc4c634 status: experimental description: Detects traffic or activity related to https://shell-v9-core.genomax.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shell-v9-core.genomax.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trace-x1-alpha.genomax.in.net/verification.google id: auto-b43fc1b561b6dbe3c8f3457f7cd13fb0cfeb80f7b69253232628c9771d94a18a status: experimental description: Detects traffic or activity related to https://trace-x1-alpha.genomax.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trace-x1-alpha.genomax.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://net-v6-global.biosphera.in.net/verification.google id: auto-20720801c78c808390ee050a242aa301343d64e47984e3f76b49900290db79fe status: experimental description: Detects traffic or activity related to https://net-v6-global.biosphera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://net-v6-global.biosphera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow-z0-work.biosphera.in.net/verification.google id: auto-82f7114f3c90d45fdca2a1f8666bad59729f14522dadfd21280a89d3251ece7f status: experimental description: Detects traffic or activity related to https://flow-z0-work.biosphera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow-z0-work.biosphera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.7/files/8167064937/DAIs3ZV.exe id: auto-d4a1a82067c777c2068b77fd449f5b8772346411a69aee575fd1664180196e1e status: experimental description: Detects traffic or activity related to http://158.94.208.7/files/8167064937/DAIs3ZV.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.7/files/8167064937/DAIs3ZV.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hub-v11-local.biosphera.in.net/verification.google id: auto-a81a0f082a3718f940118d640621b9ff82b60c41f82caa1ca6738e5b87bf852d status: experimental description: Detects traffic or activity related to https://hub-v11-local.biosphera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hub-v11-local.biosphera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sys-x8-monitor.biosphera.in.net/verification.google id: auto-a8f0e569f996531c39a8b0fa4c12a2405e3c619c106076b1c0919b169e9d3479 status: experimental description: Detects traffic or activity related to https://sys-x8-monitor.biosphera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sys-x8-monitor.biosphera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cloud-v5-store.plasmaviva.in.net/verification.google id: auto-f338324287bab53d0c204e56c696d52c5f0a35e887ca5b029c826ca99848eeac status: experimental description: Detects traffic or activity related to https://cloud-v5-store.plasmaviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cloud-v5-store.plasmaviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-v1-entry.enzymecore.in.net/verification.google id: auto-01bd65cfb6ca68efbab85a88ad1fe93e6e11c540907ef06651cd81db98a97fdc status: experimental description: Detects traffic or activity related to https://gate-v1-entry.enzymecore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-v1-entry.enzymecore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-90-cache.enzymecore.in.net/verification.google id: auto-166312dc3a5b6303d306f3626d3404fb0f2542f9ccdc61abbc546a84dbb4f2ea status: experimental description: Detects traffic or activity related to https://web-90-cache.enzymecore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-90-cache.enzymecore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app-v3-flow.enzymecore.in.net/verification.google id: auto-7d7407d69a69eb7695ca2e9acce54c75d0165df9a86b2f8d3f89da93dd989008 status: experimental description: Detects traffic or activity related to https://app-v3-flow.enzymecore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app-v3-flow.enzymecore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://srv-x12-unit.enzymecore.in.net/verification.google id: auto-d229d96fde04620fca36b0f93c364ca4a2a61ac343045733eb3f70ab69039613 status: experimental description: Detects traffic or activity related to https://srv-x12-unit.enzymecore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://srv-x12-unit.enzymecore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://infra-v9-core.neurosync.in.net/verification.google id: auto-dd2314c18f9569d9b536587b805e2da2b0f74cdef303bfabf6fa06e4f93f7a26 status: experimental description: Detects traffic or activity related to https://infra-v9-core.neurosync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://infra-v9-core.neurosync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://result-z4-meta.neurosync.in.net/verification.google id: auto-e8e0dbed24185012ccbdcb2d98aee55bf435bf7133fecb632b4cf2d562b26433 status: experimental description: Detects traffic or activity related to https://result-z4-meta.neurosync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://result-z4-meta.neurosync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-x7-sync.neurosync.in.net/verification.google id: auto-c013b87ddf7eef9e56c57015b79e5235c75d9e54c0e3bcc88e0ff8e1a095d557 status: experimental description: Detects traffic or activity related to https://data-x7-sync.neurosync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-x7-sync.neurosync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lab-v01-node.neurosync.in.net/verification.google id: auto-be38db295f712ac18e866be3a2228739ca1dd9aaedd2e734269c0d8904f0995d status: experimental description: Detects traffic or activity related to https://lab-v01-node.neurosync.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lab-v01-node.neurosync.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tal-coreal.fastpink.in.net/verification.google id: auto-193f39947118742a8d309ea9f883ff7cf731f075b15f3fc638f65b6af2b665d3 status: experimental description: Detects traffic or activity related to https://tal-coreal.fastpink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tal-coreal.fastpink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://norlineis2.fastpink.in.net/verification.google id: auto-d26e2db5147ec5f691a6a813bc8d180e365a2a7607edeca6b515e97190b20cee status: experimental description: Detects traffic or activity related to https://norlineis2.fastpink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://norlineis2.fastpink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ky29r.fastpink.in.net/verification.google id: auto-ba78e275078c2c0a6a69f8fb8b6eff4b4a0750ffba1ce16e75464e3822069baf status: experimental description: Detects traffic or activity related to https://ky29r.fastpink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ky29r.fastpink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fund8-gate.fastpink.in.net/verification.google id: auto-255b43e754a0c634d2ad6818b120a9211e1c89cbdc241d6f73af6d80c3d344f0 status: experimental description: Detects traffic or activity related to https://fund8-gate.fastpink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fund8-gate.fastpink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://studioalign.tempink.in.net/verification.google id: auto-c6f8b7561f15c90dbd3aa1a3b86bc7b1ed418d433367a5b26706e03f8ade6c14 status: experimental description: Detects traffic or activity related to https://studioalign.tempink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://studioalign.tempink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://f3rn-trace.tempink.in.net/verification.google id: auto-14b6a8fcd67e5ff4102f7bccf98b5ca060394ecef86a0c87ad3b2354403349b2 status: experimental description: Detects traffic or activity related to https://f3rn-trace.tempink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://f3rn-trace.tempink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://norcrestal.tempink.in.net/verification.google id: auto-2749003ec19c6d10c2d54ef1705b4a4bb8932d92de049bfdc57ab2ba4f503874 status: experimental description: Detects traffic or activity related to https://norcrestal.tempink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://norcrestal.tempink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solcresta1.tempink.in.net/verification.google id: auto-23e806052ea5f73df48a4b6c59dce63b833865b244ea7599b340a5cf738a6557 status: experimental description: Detects traffic or activity related to https://solcresta1.tempink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solcresta1.tempink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quor-spireon.tempiso.in.net/verification.google id: auto-6b252c42654746fd524f8a99b48dbd8657df466afbd7385259a53e35f59433af status: experimental description: Detects traffic or activity related to https://quor-spireon.tempiso.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quor-spireon.tempiso.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gig0wg7.tempiso.in.net/verification.google id: auto-22e63610cc9b45313a5b9138e7616395f35739c9c4afba9a7703fdd591d64007 status: experimental description: Detects traffic or activity related to https://gig0wg7.tempiso.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gig0wg7.tempiso.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://k56gfm6.tempiso.in.net/verification.google id: auto-82f71c789f6e94cbaac9c247f6613b23fb54e86ce08b6e80ba3d54a982fcc590 status: experimental description: Detects traffic or activity related to https://k56gfm6.tempiso.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://k56gfm6.tempiso.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://clea-line.inksky.in.net/verification.google id: auto-62503352fb8ba070858d16d6206d83544345d0d2dbd86a3661614c6a394f5727 status: experimental description: Detects traffic or activity related to https://clea-line.inksky.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://clea-line.inksky.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://compres6-well.inkpit.in.net/verification.google id: auto-bcf1b905ad3ebe8b45e692dd8056c4e8f1c3e3f16876264cded284613a52cffd status: experimental description: Detects traffic or activity related to https://compres6-well.inkpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://compres6-well.inkpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geo-f0x.inkpit.in.net/verification.google id: auto-ff2e0256bb9eeb367879915e67db5fcd9b43f21b4e1fd441c84e04e21844b32e status: experimental description: Detects traffic or activity related to https://geo-f0x.inkpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geo-f0x.inkpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://snapsgene.inkpit.in.net/verification.google id: auto-fceb5b6a9fa9756cc970849a6d68d8f9320e8de10582b813c76362d8d0cc62c8 status: experimental description: Detects traffic or activity related to https://snapsgene.inkpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://snapsgene.inkpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://reage2-crest.darkboll.in.net/verification.google id: auto-fbd563b999ac131c407ee08549bb2165f05b0cbf6bb0f8607ce543cbc9400739 status: experimental description: Detects traffic or activity related to https://reage2-crest.darkboll.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://reage2-crest.darkboll.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trivale8et.darkboll.in.net/verification.google id: auto-1efe5803c691d910196adf5cb65ae66910cc16ef410f1f3a3256ad9321bafe9e status: experimental description: Detects traffic or activity related to https://trivale8et.darkboll.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trivale8et.darkboll.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tru59-chain.darkboll.in.net/verification.google id: auto-3e9a9742af1c3951a67bc3a5d38e2e7c320e37f4235167ec31970dcd88a30c15 status: experimental description: Detects traffic or activity related to https://tru59-chain.darkboll.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tru59-chain.darkboll.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://appjm.darkboll.in.net/verification.google id: auto-eb7ac8c52ef3b12d07ef3d79b0a4e8dec2d071d454ec4309c627c45ab79de820 status: experimental description: Detects traffic or activity related to https://appjm.darkboll.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://appjm.darkboll.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ewg75280.saltball.in.net/verification.google id: auto-46cf6c3c5f81a156fea237c9341d01c48ee82e7284efe455532c06f59f247bbf status: experimental description: Detects traffic or activity related to https://ewg75280.saltball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ewg75280.saltball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bpdwtj.saltball.in.net/verification.google id: auto-0ece4cc7d8175cc166bb8f3c4baf526015c445f3b82e15ddd5d5bb8899ab6b6e status: experimental description: Detects traffic or activity related to https://bpdwtj.saltball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bpdwtj.saltball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5ter1-loop.saltball.in.net/verification.google id: auto-1fde3535822051013d77c99248cb7e7893e9bdd5d3ad85bd8c4a7acda2b1b10b status: experimental description: Detects traffic or activity related to https://5ter1-loop.saltball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5ter1-loop.saltball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kelspireal3.saltball.in.net/verification.google id: auto-b01d01654b9acef5f1d62995f350e62f0d051d65308e5fc4d6b92bb12af97313 status: experimental description: Detects traffic or activity related to https://kelspireal3.saltball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kelspireal3.saltball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scenecompr.sandball.in.net/verification.google id: auto-2ad3767aacb9bb7afafc4d11023b065850b3ccadaad1c3587b55c94753c9b5e4 status: experimental description: Detects traffic or activity related to https://scenecompr.sandball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scenecompr.sandball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://code-mesh.sandball.in.net/verification.google id: auto-86c9721c30a3be1550f5ef9beac5881b0ae945e81b370d3d4c85144248b2a14e status: experimental description: Detects traffic or activity related to https://code-mesh.sandball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://code-mesh.sandball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://thyc.sandball.in.net/verification.google id: auto-30c660434f150c005eec38c60149f28c54a2e343523ba6d1f27dbc66cd083d61 status: experimental description: Detects traffic or activity related to https://thyc.sandball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://thyc.sandball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://coretor.sandball.in.net/verification.google id: auto-b16c8ce89ac40056ca7311559c45347680acb8115b25919fcceec64c66b7ce5a status: experimental description: Detects traffic or activity related to https://coretor.sandball.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://coretor.sandball.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flh72g.highjoke.in.net/verification.google id: auto-5f01a427ccaa327d5cbdcf9e24248a91fa4736a129e5e6097f0913f01c7366cd status: experimental description: Detects traffic or activity related to https://flh72g.highjoke.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flh72g.highjoke.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4ldo6v.highjoke.in.net/verification.google id: auto-f33b72e6bf2e5e3917e687cf60e5e9c3e61b44445ca579c07a39238ae05aadf2 status: experimental description: Detects traffic or activity related to https://4ldo6v.highjoke.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4ldo6v.highjoke.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trace3-bridge.highjoke.in.net/verification.google id: auto-4f533ea28a375be3ddb36e588c95356b5d6c4b96b20ce2b44cc1bba232f5b449 status: experimental description: Detects traffic or activity related to https://trace3-bridge.highjoke.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trace3-bridge.highjoke.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://1huqs.highjoke.in.net/verification.google id: auto-2e4b6234b6ab9ed2651e9652ad33c04c9792d02d5ab414162ab4fe60cb712553 status: experimental description: Detects traffic or activity related to https://1huqs.highjoke.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://1huqs.highjoke.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kelline3a.jokerun.in.net/verification.google id: auto-73c73fdc761d72d41df80c5263aa7717eca5de7edfe2d4def62029e9afdb7fda status: experimental description: Detects traffic or activity related to https://kelline3a.jokerun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kelline3a.jokerun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kelvalear3.jokerun.in.net/verification.google id: auto-f4855897ac6a0fa11c2a30640dd323bda78b43da598fcaf2037a6e6e1241bac9 status: experimental description: Detects traffic or activity related to https://kelvalear3.jokerun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kelvalear3.jokerun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ub5309hp.jokerun.in.net/verification.google id: auto-e2bcb1547906955e1f25bfaefbee4f0369d3cb3b420f302acf4d40ba6cf51c3b status: experimental description: Detects traffic or activity related to https://ub5309hp.jokerun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ub5309hp.jokerun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://l0yal-grid.cokefun.in.net/verification.google id: auto-7fc670fdb7d1231fdb1c0f3a266eaae751df98ead12497aa020ebab2903daadd status: experimental description: Detects traffic or activity related to https://l0yal-grid.cokefun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://l0yal-grid.cokefun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dyncore5et.cokefun.in.net/verification.google id: auto-2ca57e51af45276a279b3c64ec25f7e9b8ce7809bc74892271c469a91580d84c status: experimental description: Detects traffic or activity related to https://dyncore5et.cokefun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dyncore5et.cokefun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://encproce.cokefun.in.net/verification.google id: auto-da3bca49a8faf86796faacaf53dac0a319fc3911512647ac88c79e388620b6c7 status: experimental description: Detects traffic or activity related to https://encproce.cokefun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://encproce.cokefun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://keldraix.cokefun.in.net/verification.google id: auto-9b3098a9a07418837849be2aeb7cdcf037e1b4020712270eefcbe2415ebbc435 status: experimental description: Detects traffic or activity related to https://keldraix.cokefun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://keldraix.cokefun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mer-drais.cokenote.in.net/verification.google id: auto-d5a529b57bbe516813bc05346f40082e1c3d4e23bf3510fa272a0030aa3dd7c8 status: experimental description: Detects traffic or activity related to https://mer-drais.cokenote.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mer-drais.cokenote.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://n0rt7-cast.cokenote.in.net/verification.google id: auto-a70197781248c90d938b836bf272fc8f9cba821f8aabcff222911a869cabddef status: experimental description: Detects traffic or activity related to https://n0rt7-cast.cokenote.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://n0rt7-cast.cokenote.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zbyhm.cokenote.in.net/verification.google id: auto-ce7de74510477918e01bae4c3ae93979aa374c61c371ed38e973e1dc5e876034 status: experimental description: Detects traffic or activity related to https://zbyhm.cokenote.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zbyhm.cokenote.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jyhl.cokenote.in.net/verification.google id: auto-63bddd464e53ca98dd5934bc4ca35af165f38af78bd419ba30f3f6cfebb6a814 status: experimental description: Detects traffic or activity related to https://jyhl.cokenote.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jyhl.cokenote.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tal-meshex.backyard.in.net/verification.google id: auto-356565a3ca877fc30b26b022e0cc11963a6ec4f59a72478769b08b004e796ef8 status: experimental description: Detects traffic or activity related to https://tal-meshex.backyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tal-meshex.backyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://measur0-mark.backyard.in.net/verification.google id: auto-a3ae8bfcffcb42ae7fc261ebe88a3fbbcb41fb19ee36ab54b8587dff617a8f0b status: experimental description: Detects traffic or activity related to https://measur0-mark.backyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://measur0-mark.backyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://passivecor.backyard.in.net/verification.google id: auto-8d50245fe2d8989db054003a7bcd1788bf2073bf45d3f07969dabdc121bbefbb status: experimental description: Detects traffic or activity related to https://passivecor.backyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://passivecor.backyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kggkm.backyard.in.net/verification.google id: auto-fbbd0b2ce71bdfdbfeeee02fc7cbc25fe4c0025fb737280cea704de07871e52e status: experimental description: Detects traffic or activity related to https://kggkm.backyard.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kggkm.backyard.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://camporgani.norsdwest.in.net/verification.google id: auto-55f92b93b8bfd31126f4ee53dd6681f3fadc4378ed6f23fae139ca8cfa9a8ff4 status: experimental description: Detects traffic or activity related to https://camporgani.norsdwest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://camporgani.norsdwest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://atomi-point.norsdwest.in.net/verification.google id: auto-a329ef6d84d84e1c9888f5d36a089bad81ea285f0bb39395d54e74ffbaa57901 status: experimental description: Detects traffic or activity related to https://atomi-point.norsdwest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://atomi-point.norsdwest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://3xten9-dock.norsdwest.in.net/verification.google id: auto-9b56971a7235fa16bd82613658930d25b1f036f156b875b22e57f22a58859b9a status: experimental description: Detects traffic or activity related to https://3xten9-dock.norsdwest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://3xten9-dock.norsdwest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arrscre.norsdwest.in.net/verification.google id: auto-64ff474d08f2b88af5bfed200b67d1fc4f5d4128553b6d3c815d10f23d9bfe52 status: experimental description: Detects traffic or activity related to https://arrscre.norsdwest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arrscre.norsdwest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trilithon.easttea.in.net/verification.google id: auto-94e40d9fe87625c14699b069c20e562cdba49e29df97a1ac7fbc280195388a0b status: experimental description: Detects traffic or activity related to https://trilithon.easttea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trilithon.easttea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dbiecm.easttea.in.net/verification.google id: auto-57557c688ef06b919443266749b87f30caac20a35cee54abb4c05cd251e80774 status: experimental description: Detects traffic or activity related to https://dbiecm.easttea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dbiecm.easttea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://25vsikqn.easttea.in.net/verification.google id: auto-112014fbc8b1f6fa10f401f047893f29642678c2440286c3ee14d0d7ec9ac93d status: experimental description: Detects traffic or activity related to https://25vsikqn.easttea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://25vsikqn.easttea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://p1tc2-logic.easttea.in.net/verification.google id: auto-f99ea776591a0033d97fdf4fe809a79b678df4ae4a039f7b8b93aa36f082eda8 status: experimental description: Detects traffic or activity related to https://p1tc2-logic.easttea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://p1tc2-logic.easttea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solfluxet1.grosstao.in.net/verification.google id: auto-a6f78a5730c6303367064d08a5e6a03b52c8e52082780c4e86d5bc168f2d5359 status: experimental description: Detects traffic or activity related to https://solfluxet1.grosstao.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solfluxet1.grosstao.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vellitha7.grosstao.in.net/verification.google id: auto-efdf7d04347a7233d67f349291dceaf67528941fa72bc10a8f90cd8a22704ca5 status: experimental description: Detects traffic or activity related to https://vellitha7.grosstao.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vellitha7.grosstao.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://balancepilot.grosstao.in.net/verification.google id: auto-060809e1e9127ee64c1292cbb42d9c5df53e86f1b3dba11f07594f7ecd46278b status: experimental description: Detects traffic or activity related to https://balancepilot.grosstao.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://balancepilot.grosstao.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dpwqj.gronstat.in.net/verification.google id: auto-80549b641774b343bdc1f3cb300ce372ab4094302dc065f3d6fd1251dc91f3be status: experimental description: Detects traffic or activity related to https://dpwqj.gronstat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dpwqj.gronstat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vinebay.gronstat.in.net/verification.google id: auto-b2c1050400c40ca745ffaaddcd5f325d24e100477024cbab27c51ec4a056b84f status: experimental description: Detects traffic or activity related to https://vinebay.gronstat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vinebay.gronstat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://uz51av.gronstat.in.net/verification.google id: auto-c0f2fb798e1dc2642ec0c0687d332c8431ca211e62b92008471f0ccee59c2498 status: experimental description: Detects traffic or activity related to https://uz51av.gronstat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://uz51av.gronstat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://columnneedle.gronstat.in.net/verification.google id: auto-9aebce8c7ccff78f53f407166c55172414c3529938364aa24ddf3e84c08fc93b status: experimental description: Detects traffic or activity related to https://columnneedle.gronstat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://columnneedle.gronstat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://9069srn1.flowwow.in.net/verification.google id: auto-25ac3d2640c140d46a740bb67609a6000ca3560c0d497de070c423386d076e69 status: experimental description: Detects traffic or activity related to https://9069srn1.flowwow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://9069srn1.flowwow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tr4d3-sheet.flowwow.in.net/verification.google id: auto-d6ed7c7b1d7ff4ebcbcd93226146e8a00ab0353eee56f797a451eae370c6c8e3 status: experimental description: Detects traffic or activity related to https://tr4d3-sheet.flowwow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tr4d3-sheet.flowwow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pr0xy9-craft.flowwow.in.net/verification.google id: auto-79a5f6118638c5bf70af7e569d7e25e94bdd3fe8bf656f116928c9f74a87905c status: experimental description: Detects traffic or activity related to https://pr0xy9-craft.flowwow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pr0xy9-craft.flowwow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://depoff.flowwow.in.net/verification.google id: auto-ef8489bdbc2a4c273e5603cf6cc992a8f633dc399d7758d533900bf41ad188eb status: experimental description: Detects traffic or activity related to https://depoff.flowwow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://depoff.flowwow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kel-forgeum.fabulos.in.net/verification.google id: auto-fe2dafb734c8438261e277e57d9448b9062377af823577573f982fe08e226484 status: experimental description: Detects traffic or activity related to https://kel-forgeum.fabulos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kel-forgeum.fabulos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vordra3on.fabulos.in.net/verification.google id: auto-abce6cc521ec97cdd00084cb4324caf0f98bfb862c739f830e3d4e7d81f47865 status: experimental description: Detects traffic or activity related to https://vordra3on.fabulos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vordra3on.fabulos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://slowdemand.fabulos.in.net/verification.google id: auto-1e6a00874b1e9c7545578593ad98880e70dfe847fdba1dc1638c4a7aff867370 status: experimental description: Detects traffic or activity related to https://slowdemand.fabulos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://slowdemand.fabulos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://draftharv.fabulos.in.net/verification.google id: auto-62731cc5f5d61cd75fa8b42c9f93725f0590c1be8c37fc7a3a4c367d3eac7f9b status: experimental description: Detects traffic or activity related to https://draftharv.fabulos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://draftharv.fabulos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://swiftbasalt.octagonon.in.net/verification.google id: auto-683b9c036aecf1a1c86074cc5c289ef2cf3d15272dfdbfae809a54c01ee839c2 status: experimental description: Detects traffic or activity related to https://swiftbasalt.octagonon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://swiftbasalt.octagonon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lc94pexb.octagonon.in.net/verification.google id: auto-b525722a16799c3982a3875b302454e3162f3cfd4d8dd263abe5a97aa5d9ac76 status: experimental description: Detects traffic or activity related to https://lc94pexb.octagonon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lc94pexb.octagonon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hyp3r8-stream.octagonon.in.net/verification.google id: auto-90cc1e0cfed1814c999c31a7c82b264d084babcc803410b2f5cff5c4ce682e22 status: experimental description: Detects traffic or activity related to https://hyp3r8-stream.octagonon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hyp3r8-stream.octagonon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ujsl.octagonon.in.net/verification.google id: auto-89690113a718e2eccbcb8e391423e7f9abde32c46d20161615854782e6932b80 status: experimental description: Detects traffic or activity related to https://ujsl.octagonon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ujsl.octagonon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://clip-ten.blowoff.in.net/verification.google id: auto-43e1fe440de3d4cfd1576c62f660598a4dd6254ddc7ebf540ed25c2de54cf073 status: experimental description: Detects traffic or activity related to https://clip-ten.blowoff.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://clip-ten.blowoff.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tgua.blowoff.in.net/verification.google id: auto-42c5c738eaf85e9d170e34ef0b6cb84c62d44642a9d7259502c9a77f0de612dd status: experimental description: Detects traffic or activity related to https://tgua.blowoff.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tgua.blowoff.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gathe-core.blowoff.in.net/verification.google id: auto-fd0f989b79dd7741e8b9d02470af2212256636bebcfdf8c88b8671ef1aa198a9 status: experimental description: Detects traffic or activity related to https://gathe-core.blowoff.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gathe-core.blowoff.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qkmnf.blowoff.in.net/verification.google id: auto-18934078a6a0a1dcf706b9e2442e104de6ad0ef41b3c63a87b212344bffc04f3 status: experimental description: Detects traffic or activity related to https://qkmnf.blowoff.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qkmnf.blowoff.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sfb1sn6.onelight.in.net/verification.google id: auto-326c99a498dec7f3dbf71fff5212eaa603c846c48c3d0827ef24f19618295b2d status: experimental description: Detects traffic or activity related to https://sfb1sn6.onelight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sfb1sn6.onelight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5ap-field.onelight.in.net/verification.google id: auto-48e471c9a7b8aa7a393cad7ebcb44334cc2ae9f0b3bd4a69af2fa8ecc0107245 status: experimental description: Detects traffic or activity related to https://5ap-field.onelight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5ap-field.onelight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://f4bric7-point.oilglass.in.net/verification.google id: auto-ad657670f6856e0c726258d14185c1c3ddb52726ce64eeceb02b7b686be2a5c3 status: experimental description: Detects traffic or activity related to https://f4bric7-point.oilglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://f4bric7-point.oilglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://true-mar.oilglass.in.net/verification.google id: auto-896eff19f647743c35c78384f3de96d793805701c352e744d39aab583944562e status: experimental description: Detects traffic or activity related to https://true-mar.oilglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://true-mar.oilglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://deep-pat.yellglass.in.net/verification.google id: auto-065851d2d3e52f6e6fccf8ea1b3b234a3ad4ecde901d2016989dfbe4378d7d1d status: experimental description: Detects traffic or activity related to https://deep-pat.yellglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://deep-pat.yellglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://3hca.yellglass.in.net/verification.google id: auto-43ec77bc5047ff0942cc612c58f6fbdf934699c736bb933893995340364b74d2 status: experimental description: Detects traffic or activity related to https://3hca.yellglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://3hca.yellglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kelforge1al.rassvet.in.net/verification.google id: auto-934b18d9c03854d8e6c77f7051f8ad920d4d37078bf9036d5fcce7ea540dc12f status: experimental description: Detects traffic or activity related to https://kelforge1al.rassvet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kelforge1al.rassvet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kel-meshum.dotnet.in.net/verification.google id: auto-e5f12978352aac7656f393922da50bc4e017f1a7416fefec5e091a4747bd5ac4 status: experimental description: Detects traffic or activity related to https://kel-meshum.dotnet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kel-meshum.dotnet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://109.107.168.138:8080/files/build.exe id: auto-0e90679236f774795ae6f5856861cda8689efd973bdd8673cbb9977f61a9786f status: experimental description: Detects traffic or activity related to http://109.107.168.138:8080/files/build.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://109.107.168.138:8080/files/build.exe*' condition: selection level: high tags: - attack.t1204.002 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://6gx6.dotnet.in.net/verification.google id: auto-2ef088848f4c3d38e16d80adbae441ff7bc6a04cd35411dcefba6695ee7d52ba status: experimental description: Detects traffic or activity related to https://6gx6.dotnet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://6gx6.dotnet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://plasmatransmit.gobright.in.net/verification.google id: auto-d93bc611e5873e160a1ea2f65b14aa77f28b0c6a48e731148fe2acb9c0d54ddf status: experimental description: Detects traffic or activity related to https://plasmatransmit.gobright.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://plasmatransmit.gobright.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://notifiersenso.gobright.in.net/verification.google id: auto-5b73e5ce2e24533c5160fe080e7732e4ee1f14dd09602b000e48ddf5429f4e66 status: experimental description: Detects traffic or activity related to https://notifiersenso.gobright.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://notifiersenso.gobright.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://massivereagen.highligh.in.net/verification.google id: auto-8b068792d0bac71b6895a4cd7027a246bea59abff71d915c4c1fcccfc25ef27b status: experimental description: Detects traffic or activity related to https://massivereagen.highligh.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://massivereagen.highligh.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://timb3r-cast.highligh.in.net/verification.google id: auto-c363cd28d69f43c6a63a68ddfd189771fb270a4325b187d0355fca5a2aa8fc5c status: experimental description: Detects traffic or activity related to https://timb3r-cast.highligh.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://timb3r-cast.highligh.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ad65x.omnifree.in.net/verification.google id: auto-efa9d7a7f2ea19bfd7179d5e863911b2522817c54a96328ff0e8a9f555c966b0 status: experimental description: Detects traffic or activity related to https://ad65x.omnifree.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ad65x.omnifree.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mc9wq0.omnifree.in.net/verification.google id: auto-aa8dad80363ee2f004088d80c2312b0ad164277af7dbfc61c4c845b9a9de2821 status: experimental description: Detects traffic or activity related to https://mc9wq0.omnifree.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mc9wq0.omnifree.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tal-lithum.omnifree.in.net/verification.google id: auto-745ba67d3f0bfbaeb8586b997a9b2926fe0b8006e6a6713a16a9ef12f0df20b8 status: experimental description: Detects traffic or activity related to https://tal-lithum.omnifree.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tal-lithum.omnifree.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ser-fluxa.omnifree.in.net/verification.google id: auto-e0dfc15abdb9b30d506acc2898bd89b4c71669350ac2b4b944161c4c8ed22b22 status: experimental description: Detects traffic or activity related to https://ser-fluxa.omnifree.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ser-fluxa.omnifree.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fund-lab.takefree.in.net/verification.google id: auto-f2a5de8e721c6443e42619c052f730a8d58158a892d61572f25657aa0f971c76 status: experimental description: Detects traffic or activity related to https://fund-lab.takefree.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fund-lab.takefree.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ndhxikv.takefree.in.net/verification.google id: auto-ac44b4a4b23623ca1c515f9279d305bcc03e2223ef509e7275cebb3a423a6c3f status: experimental description: Detects traffic or activity related to https://ndhxikv.takefree.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ndhxikv.takefree.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wvswfck.takefree.in.net/verification.google id: auto-07ba1483756d5868b3f3ab8a196cdf148ef19cc85184ca98fa38ebfdab2a5c04 status: experimental description: Detects traffic or activity related to https://wvswfck.takefree.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wvswfck.takefree.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://modelultra.takefree.in.net/verification.google id: auto-1588eefeeaa20b49a2642a426836646c887e1df7e9eab312c7790a6143007ce7 status: experimental description: Detects traffic or activity related to https://modelultra.takefree.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://modelultra.takefree.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://partnerdust.taketwo.in.net/verification.google id: auto-5b4efbd76b5cd4163e07de5f05ac38a0a882d577c13b940db617d845d4991279 status: experimental description: Detects traffic or activity related to https://partnerdust.taketwo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://partnerdust.taketwo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rural-ash.taketwo.in.net/verification.google id: auto-a6b8c8eaff149d149072de340ab6bc4fc95868e71d711fd75a84d12a6e2493bb status: experimental description: Detects traffic or activity related to https://rural-ash.taketwo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rural-ash.taketwo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5cann5-wave.taketwo.in.net/verification.google id: auto-12b40ea2aaee7993e9f32ecd96bb43553b6f0e9d2b1f4a8b170386e70922c5eb status: experimental description: Detects traffic or activity related to https://5cann5-wave.taketwo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5cann5-wave.taketwo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ijsbcf.taketwo.in.net/verification.google id: auto-2239045338306476debb8076683eab6f60f5987e38e11226073a46d82681c330 status: experimental description: Detects traffic or activity related to https://ijsbcf.taketwo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ijsbcf.taketwo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kel-tideen.tunetwo.in.net/verification.google id: auto-432eee20c0490b41c8b0c4ff073c6f9e4ccd498e6ef54b7a95f7d61c38060629 status: experimental description: Detects traffic or activity related to https://kel-tideen.tunetwo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kel-tideen.tunetwo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tirs47so.tunetwo.in.net/verification.google id: auto-fce8f0282aab1a793f45c64236d840a0f10b907867f0347bb6ba2c9d5f757676 status: experimental description: Detects traffic or activity related to https://tirs47so.tunetwo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tirs47so.tunetwo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ycmfs.tunetwo.in.net/verification.google id: auto-e4f9af149a27afb0b6cffefc87c4d681670235d661f76cfa3343b5d2b0c3f4b8 status: experimental description: Detects traffic or activity related to https://ycmfs.tunetwo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ycmfs.tunetwo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://velnex7is.tunetwo.in.net/verification.google id: auto-87bf5d7f1325409b733f0656fea3801ea5d8e9a1ec8a184df2ff48771022afb7 status: experimental description: Detects traffic or activity related to https://velnex7is.tunetwo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://velnex7is.tunetwo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://0g94h.tuneone.in.net/verification.google id: auto-0416bed2cb7addea047ba8a437a304b202fc4f39d3381c5074cb3f50fde7a005 status: experimental description: Detects traffic or activity related to https://0g94h.tuneone.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://0g94h.tuneone.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://talfluxa.tuneone.in.net/verification.google id: auto-13217c7bf5ce96c7fd4e55cbddec84b3fc893c812b97987a37b4bb259f71ea59 status: experimental description: Detects traffic or activity related to https://talfluxa.tuneone.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://talfluxa.tuneone.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gateext.tuneone.in.net/verification.google id: auto-d61d28fa49d0f4cbfff165d56d1ab641ab7cf3b745a070537b4a3e8b9baf2178 status: experimental description: Detects traffic or activity related to https://gateext.tuneone.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gateext.tuneone.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://glyp-line.tuneone.in.net/verification.google id: auto-d3e2d19a64666705ebc529f94eff1e22189aeb05a93ab27f3022ed84f4578aa6 status: experimental description: Detects traffic or activity related to https://glyp-line.tuneone.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://glyp-line.tuneone.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sercrestet.tunefour.in.net/verification.google id: auto-6c16b88bfb6d9d828ef415ea9d130c2cd3c5656cccdc7e492751ce8e453d81ec status: experimental description: Detects traffic or activity related to https://sercrestet.tunefour.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sercrestet.tunefour.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://launchwind.tunefour.in.net/verification.google id: auto-d17c0fe07851f4aa73cf9f5cdf5b2db3afb003f246fb2741cc8862efe28d2925 status: experimental description: Detects traffic or activity related to https://launchwind.tunefour.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://launchwind.tunefour.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://api8-well.slowcube.in.net/verification.google id: auto-2451b78408c9b05f6d38a65e822d1a02ff1064466e9479350feaf9d508a7bb08 status: experimental description: Detects traffic or activity related to https://api8-well.slowcube.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://api8-well.slowcube.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cedar-focu.catflow.in.net/verification.google id: auto-956097aa230bda34dd6c10106063a6b4b12bfa8010381e014e99d941a13feca6 status: experimental description: Detects traffic or activity related to https://cedar-focu.catflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cedar-focu.catflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rn1x-mesh.catflow.in.net/verification.google id: auto-d20290759b178efa03684a4f40cc4656a1196ba33e2babdc61ce743ca8d735cd status: experimental description: Detects traffic or activity related to https://rn1x-mesh.catflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rn1x-mesh.catflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cavvoya.catflow.in.net/verification.google id: auto-d0331d28c4f31269bc6502037dc57251bf2888aebef4c295a210c61d4c9096c7 status: experimental description: Detects traffic or activity related to https://cavvoya.catflow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cavvoya.catflow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://assetproxy.catflat.in.net/verification.google id: auto-1c85898fa84c8a255d998014511396e7bc04d2a235d034da55fbe1e1aeac969d status: experimental description: Detects traffic or activity related to https://assetproxy.catflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://assetproxy.catflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gard-cano.catflat.in.net/verification.google id: auto-534d70af53dbdbb5385dfba035547f14a38ef2579a054fca5fd9ce6877724c25 status: experimental description: Detects traffic or activity related to https://gard-cano.catflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gard-cano.catflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ewt2o.catflat.in.net/verification.google id: auto-ca36a3a50539657913400245818b188deb3a65f73f4b93f5f197a16e6c3c8082 status: experimental description: Detects traffic or activity related to https://ewt2o.catflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ewt2o.catflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://goo8039f.catflat.in.net/verification.google id: auto-1b3e8738408f8da459bdf2a8cc252fe2ddaffe120826bd496f98f583b06e2e59 status: experimental description: Detects traffic or activity related to https://goo8039f.catflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://goo8039f.catflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gvo7j.ratflat.in.net/verification.google id: auto-f2fe084d427f3b7cd3cc311d5cbbc719ca4bb0accc5554b5acca38b0ee9f515d status: experimental description: Detects traffic or activity related to https://gvo7j.ratflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gvo7j.ratflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://channelash.ratflat.in.net/verification.google id: auto-fffef460d120de83b96e63d81971ee9fa2b8c45a8e67765bc3ab3a4eece9956e status: experimental description: Detects traffic or activity related to https://channelash.ratflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://channelash.ratflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://storybroad.ratflat.in.net/verification.google id: auto-05f3ca1be5c353d33748552210dd38a096f0cdce63e27a54c7da6393085bb5b6 status: experimental description: Detects traffic or activity related to https://storybroad.ratflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://storybroad.ratflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lte05ohe.ratflat.in.net/verification.google id: auto-1a3cc81155efee5fd420d600b0a402cd18999fe13af6c241240fd070875de35a status: experimental description: Detects traffic or activity related to https://lte05ohe.ratflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lte05ohe.ratflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://j9-main-point.ferroviva.in.net/verification.google id: auto-e5572558e4605c27fd8488390b0fd7918de6ef004d7dd11cf05eb3df5431e86f status: experimental description: Detects traffic or activity related to https://j9-main-point.ferroviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://j9-main-point.ferroviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://p7-gate-proxy.ferroviva.in.net/verification.google id: auto-d85939f65ce0389fdec5fefbf9f50acff44767770a81983e44a5339c51ff4984 status: experimental description: Detects traffic or activity related to https://p7-gate-proxy.ferroviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://p7-gate-proxy.ferroviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://s3-web-infra.ferroviva.in.net/verification.google id: auto-ae330625b87aa8b66d6ffaed23261730c5c0bd8a8b233b21796e440756f193fb status: experimental description: Detects traffic or activity related to https://s3-web-infra.ferroviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://s3-web-infra.ferroviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r5-link-sat.secretovalle.in.net/verification.google id: auto-5a49e22834d59e59cf1d9c4bc31455c0c9a5546a939a9b8b2371818742a4976d status: experimental description: Detects traffic or activity related to https://r5-link-sat.secretovalle.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r5-link-sat.secretovalle.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://q1-core-rock.secretovalle.in.net/verification.google id: auto-4223e01a8ff077f2e5708e364357238bcbb9baa7429df3118678f9d7b0f96b66 status: experimental description: Detects traffic or activity related to https://q1-core-rock.secretovalle.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://q1-core-rock.secretovalle.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://b9-base-steel.secretovalle.in.net/verification.google id: auto-e5774a54d0ff20d85ee1a72fbae02a1fe761d8c6c9201ce5b0f0cdf0a18d7687 status: experimental description: Detects traffic or activity related to https://b9-base-steel.secretovalle.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://b9-base-steel.secretovalle.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://n4-orbit-moon.secretovalle.in.net/verification.google id: auto-09eefd661c8fb365d104aee00c4e7ca9dcd3349560e7fef2c33722fa63ef70ee status: experimental description: Detects traffic or activity related to https://n4-orbit-moon.secretovalle.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://n4-orbit-moon.secretovalle.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://x0-space-open.altasphera.in.net/verification.google id: auto-4076197e4735d444b317d53b71e4201c8b3e494ecbb36c525f23e93cb1f5ec82 status: experimental description: Detects traffic or activity related to https://x0-space-open.altasphera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://x0-space-open.altasphera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://k9-rim-outer.altasphera.in.net/verification.google id: auto-56df0715b06508c12c1efee66fe49c03821e204a96cc727f4a7d64a770f237cf status: experimental description: Detects traffic or activity related to https://k9-rim-outer.altasphera.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://k9-rim-outer.altasphera.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://m8-sync-vision.puroflusso.in.net/verification.google id: auto-7b9b7a5e050636989433b92d88ca1317f283d6554046ca34ed6e2d6e0e80c5a2 status: experimental description: Detects traffic or activity related to https://m8-sync-vision.puroflusso.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://m8-sync-vision.puroflusso.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://a4-scan-point.puroflusso.in.net/verification.google id: auto-660bbfd2278a42330af255cc48e2bd6447a5605f881c4623b3e4ea1b7c7b8ee9 status: experimental description: Detects traffic or activity related to https://a4-scan-point.puroflusso.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://a4-scan-point.puroflusso.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://e6-bridge-light.puroflusso.in.net/verification.google id: auto-dadda34a4539bea19b6c36d8612cb51dd2f9a2c3ae2141f23b0ae030fa2abfd9 status: experimental description: Detects traffic or activity related to https://e6-bridge-light.puroflusso.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://e6-bridge-light.puroflusso.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://v0-room-dark.puroflusso.in.net/verification.google id: auto-e34c096381f7ee3b7b3b224a00b13cf677429698f0f176dfa7f66d79c1377c68 status: experimental description: Detects traffic or activity related to https://v0-room-dark.puroflusso.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://v0-room-dark.puroflusso.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://i1-vision-sync.duronodo.in.net/verification.google id: auto-bde25ca97e5c63117c38759ceb1e645829499db3b4de29e262f58927bcd70dfe status: experimental description: Detects traffic or activity related to https://i1-vision-sync.duronodo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://i1-vision-sync.duronodo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://y2-trace-alpha.duronodo.in.net/verification.google id: auto-a0cb0120a7888b1f4e49b916c89e8fcf60a7c59d3448c737eb1022f068344fb1 status: experimental description: Detects traffic or activity related to https://y2-trace-alpha.duronodo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://y2-trace-alpha.duronodo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://l9-auth-user.velocicorsa.in.net/verification.google id: auto-6c46e1c4aac5be9f468ec1a29b16dd9052d40102745f07d81d4826239fc0eb3a status: experimental description: Detects traffic or activity related to https://l9-auth-user.velocicorsa.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://l9-auth-user.velocicorsa.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://g7-db-point.velocicorsa.in.net/verification.google id: auto-8b806d022ecf5cb51795b1a23333af19bfd6022bff1ca8bbb9a89198d4eec821 status: experimental description: Detects traffic or activity related to https://g7-db-point.velocicorsa.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://g7-db-point.velocicorsa.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://f4-base-infra.velocicorsa.in.net/verification.google id: auto-0f56568105943cf276d9e18a9d3cb957b33b035a093569c28bd7b74289b8368e status: experimental description: Detects traffic or activity related to https://f4-base-infra.velocicorsa.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://f4-base-infra.velocicorsa.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://d8-net-global.velocicorsa.in.net/verification.google id: auto-edd8c5b31ec8cf9e343afec918e1c6fda3e2a2c874cba0ddd2e2ca0a03264d4f status: experimental description: Detects traffic or activity related to https://d8-net-global.velocicorsa.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://d8-net-global.velocicorsa.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://j1-flow-work.ombragrigia.in.net/verification.google id: auto-a595e43d21c44ac4c4d278c728fff1a0437d9144d22f44d1a92b7aaacd406edf status: experimental description: Detects traffic or activity related to https://j1-flow-work.ombragrigia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://j1-flow-work.ombragrigia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://h3-hub-local.ombragrigia.in.net/verification.google id: auto-2e25c89598ec056a6bac7396144300325be4ba158bd88245bc1653638639710c status: experimental description: Detects traffic or activity related to https://h3-hub-local.ombragrigia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://h3-hub-local.ombragrigia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://p0-link-power.ombragrigia.in.net/verification.google id: auto-35b1f3e64f07dd0ceca89b72350ec7d1bcc50b5757b618bcc4939a53ba05c4e5 status: experimental description: Detects traffic or activity related to https://p0-link-power.ombragrigia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://p0-link-power.ombragrigia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r2-gate-entry.terralibre.in.net/verification.google id: auto-60c1624613a8391295e20cdb8bf071ed774241d78e75181bdb1a743a73c04800 status: experimental description: Detects traffic or activity related to https://r2-gate-entry.terralibre.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r2-gate-entry.terralibre.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://q4-dev-host.terralibre.in.net/verification.google id: auto-7b28e68af367412865488a4f6022d6ff4ab231fcbc8767f821c0665536c323b6 status: experimental description: Detects traffic or activity related to https://q4-dev-host.terralibre.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://q4-dev-host.terralibre.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://n8-api-remote.terralibre.in.net/verification.google id: auto-d3fd158e53eff097fb4af06ea83dae4d89998af190bbfb64efdfa23eea005982 status: experimental description: Detects traffic or activity related to https://n8-api-remote.terralibre.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://n8-api-remote.terralibre.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://b1-cloud-store.terralibre.in.net/verification.google id: auto-d153ed521942fb12f2a08106671ee9baccda4d8b2117cd2b02092835dc6c1b3b status: experimental description: Detects traffic or activity related to https://b1-cloud-store.terralibre.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://b1-cloud-store.terralibre.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c2-core-sync.focozero.in.net/verification.google id: auto-7182462ba93d40b4afda402d37352b20f235853b0333a6e712ca30ec9e1e7543 status: experimental description: Detects traffic or activity related to https://c2-core-sync.focozero.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c2-core-sync.focozero.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://x5-web-proxy.focozero.in.net/verification.google id: auto-7b2a62f0ee4ea6a15dde96c7cc180b60a38afcd5b5aa45b5ae2313539c940fa6 status: experimental description: Detects traffic or activity related to https://x5-web-proxy.focozero.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://x5-web-proxy.focozero.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://z3-app-data.focozero.in.net/verification.google id: auto-ee40215dd58e97c71cff237bab14bad2eb439b2ed7a8a86ffbb9742ff37cac2f status: experimental description: Detects traffic or activity related to https://z3-app-data.focozero.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://z3-app-data.focozero.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://v7-srv-gate.focozero.in.net/verification.google id: auto-6ba6c2c9c70ae157e46deb44890cd85a0a9c75285bdd98e174af9f51ff5c31b5 status: experimental description: Detects traffic or activity related to https://v7-srv-gate.focozero.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://v7-srv-gate.focozero.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://m1-infra-static.ventonovo.in.net/verification.google id: auto-85dd2075f67107228ea9b6d596651f9042e2c472b2660b2b236904fea94af398 status: experimental description: Detects traffic or activity related to https://m1-infra-static.ventonovo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://m1-infra-static.ventonovo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://w9-dist-meta.ventonovo.in.net/verification.google id: auto-f02ec9479d47ab495a873e6b95acf55be17ebf74ac45e65dba95c3904f2f20db status: experimental description: Detects traffic or activity related to https://w9-dist-meta.ventonovo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://w9-dist-meta.ventonovo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://k4-sync-auth.ventonovo.in.net/verification.google id: auto-5eab74c80eca776b25df01322f817fd2f384aa9dd63cddc757bf8fbb2b02418d status: experimental description: Detects traffic or activity related to https://k4-sync-auth.ventonovo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://k4-sync-auth.ventonovo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://t0-node-edge.ventonovo.in.net/verification.google id: auto-61f74d9c57822745f79f242dbb78b75a3db70f31e61b9847ec733fee609562de status: experimental description: Detects traffic or activity related to https://t0-node-edge.ventonovo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://t0-node-edge.ventonovo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-z2-data.metalloarea.in.net/verification.google id: auto-01363adbfc233799a7f9c05be6818c5a0de45ccab4e100a7442affb8b417c87f status: experimental description: Detects traffic or activity related to https://sync-z2-data.metalloarea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-z2-data.metalloarea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-x11-proxy.metalloarea.in.net/verification.google id: auto-8d842c858d01e552054ba23b3800abeb1cf699890f9091ee0e1366eab514f46b status: experimental description: Detects traffic or activity related to https://gate-x11-proxy.metalloarea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-x11-proxy.metalloarea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-v8-infra.metalloarea.in.net/verification.google id: auto-5b920fb6e8b9191307df0f462a28a9a8bec5f000602f63ba17fe1dac75302453 status: experimental description: Detects traffic or activity related to https://web-v8-infra.metalloarea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-v8-infra.metalloarea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-z0-sat.grandeserveur.in.net/verification.google id: auto-a7824552751f441f764067e27def8675fb1551f42a50934ebd8d8fca7d1cec5e status: experimental description: Detects traffic or activity related to https://link-z0-sat.grandeserveur.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-z0-sat.grandeserveur.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-x2-rock.grandeserveur.in.net/verification.google id: auto-1ac5fc23505a7d95388b9687d2c45b8a85290af6071dbc892f7cc09aa5709ba7 status: experimental description: Detects traffic or activity related to https://core-x2-rock.grandeserveur.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-x2-rock.grandeserveur.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-v55-steel.grandeserveur.in.net/verification.google id: auto-4f3deadb2256b71c08e15b9f463ff8e0ab186ac35199217dcffc359164e96d7a status: experimental description: Detects traffic or activity related to https://base-v55-steel.grandeserveur.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-v55-steel.grandeserveur.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orbit-z1-moon.grandeserveur.in.net/verification.google id: auto-56abd2bfded5dff78765eefd88c19688876e88f26ba7244de514753cc251be9f status: experimental description: Detects traffic or activity related to https://orbit-z1-moon.grandeserveur.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orbit-z1-moon.grandeserveur.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://space-x9-open.silberstromz.in.net/verification.google id: auto-c3276cbe3aab3d80edd8cd9bb8889401eccf06573f37ec3902b038dc92c729f5 status: experimental description: Detects traffic or activity related to https://space-x9-open.silberstromz.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://space-x9-open.silberstromz.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://field-z4-vast.silberstromz.in.net/verification.google id: auto-74dfa13e85f23c53aec79214d025bdf6a7aa2b6800dc857973aa26395debb0fc status: experimental description: Detects traffic or activity related to https://field-z4-vast.silberstromz.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://field-z4-vast.silberstromz.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zone-v11-area.silberstromz.in.net/verification.google id: auto-5e589b852b6122ac2de60f3274e53f882c393f54148e6bc95b466404faf148b2 status: experimental description: Detects traffic or activity related to https://zone-v11-area.silberstromz.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zone-v11-area.silberstromz.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rim-x7-outer.silberstromz.in.net/verification.google id: auto-57ecdc7593c8853af2033ec101c0cd3ec267872098b00a2fd90aa16278a29943 status: experimental description: Detects traffic or activity related to https://rim-x7-outer.silberstromz.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rim-x7-outer.silberstromz.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-v0-vision.altosistema.in.net/verification.google id: auto-6654c990e005cce1440dba3947e6b599b5e5663ff1898bfb8af74c52947048b8 status: experimental description: Detects traffic or activity related to https://sync-v0-vision.altosistema.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-v0-vision.altosistema.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scan-z2-point.altosistema.in.net/verification.google id: auto-0c4cff77885c1366a291436ee94af2a6247e30bd7bc88333e3b7e26f7d05eb15 status: experimental description: Detects traffic or activity related to https://scan-z2-point.altosistema.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scan-z2-point.altosistema.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bridge-x4-light.altosistema.in.net/verification.google id: auto-3e50f19384ac63041fed12f9038ba0998396972717f18db6c1a135a280865702 status: experimental description: Detects traffic or activity related to https://bridge-x4-light.altosistema.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bridge-x4-light.altosistema.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://room-v51-dark.altosistema.in.net/verification.google id: auto-809c74f5c63867522b53731133a4214bd96de37ad1fe837a82ab0bf050c07343 status: experimental description: Detects traffic or activity related to https://room-v51-dark.altosistema.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://room-v51-dark.altosistema.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ghost-v3-node.froidenodal.in.net/verification.google id: auto-7762d88a6691be71c13623a063c4cfd5f7ad5ec2011ac57a8e6edd620e6bf4ff status: experimental description: Detects traffic or activity related to https://ghost-v3-node.froidenodal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ghost-v3-node.froidenodal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trace-z9-alpha.froidenodal.in.net/verification.google id: auto-b2027e92fafc4bf7ae0b82db8843933a61fa1b433eaec0407b3260b5b0f66aad status: experimental description: Detects traffic or activity related to https://trace-z9-alpha.froidenodal.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trace-z9-alpha.froidenodal.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auth-v1-user.mondosicuro.in.net/verification.google id: auto-6a92e80b89463ca3035c8f732175d525acd136e9c0265ee9dcd92fc1be7bcf59 status: experimental description: Detects traffic or activity related to https://auth-v1-user.mondosicuro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auth-v1-user.mondosicuro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://db-z12-point.mondosicuro.in.net/verification.google id: auto-102fa6f650884badbd27ec92af8ecc91e21ea4b3b7f05f777cc70de4e7ed4e19 status: experimental description: Detects traffic or activity related to https://db-z12-point.mondosicuro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://db-z12-point.mondosicuro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev-x44-host.petittravail.in.net/verification.google id: auto-eeb11f3cd0b5d514e99f7204fbd5d1ed0eec2b8b2787d7245b3c17f9c49c52c0 status: experimental description: Detects traffic or activity related to https://dev-x44-host.petittravail.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev-x44-host.petittravail.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trace-x7-alpha.froidefibre.in.net/verification.google id: auto-e248fd8d34c45b3147270f822b6dc723961bd9ac541b8c401df25e41ddcb021c status: experimental description: Detects traffic or activity related to https://trace-x7-alpha.froidefibre.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trace-x7-alpha.froidefibre.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auth-v2-user.mondolucente.in.net/verification.google id: auto-ef2c3ad2a912f1c01d8b04d0d31fc43e23c5de2e7d7ca7ae09ea3486f01c89fc status: experimental description: Detects traffic or activity related to https://auth-v2-user.mondolucente.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auth-v2-user.mondolucente.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://db-x55-point.mondolucente.in.net/verification.google id: auto-2123911c66b0d8e7152fe27b64524d0097a18f993f46224b5071382ef51d6b93 status: experimental description: Detects traffic or activity related to https://db-x55-point.mondolucente.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://db-x55-point.mondolucente.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-z3-infra.mondolucente.in.net/verification.google id: auto-4a3d7839ad489afa9d29e201710b4247f323673c995e12c99a87d7ca0a4a2709 status: experimental description: Detects traffic or activity related to https://base-z3-infra.mondolucente.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-z3-infra.mondolucente.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://net-v11-global.mondolucente.in.net/verification.google id: auto-90e34ec5efdeeabed8be2abaf967fe9201615ac9413ebde9694ea396fc9df297 status: experimental description: Detects traffic or activity related to https://net-v11-global.mondolucente.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://net-v11-global.mondolucente.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow-z4-work.starkewolke.in.net/verification.google id: auto-097aa352ff39f03433eb66085d3f21c7f416e583450057900c0c0425da260ded status: experimental description: Detects traffic or activity related to https://flow-z4-work.starkewolke.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow-z4-work.starkewolke.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hub-v22-local.starkewolke.in.net/verification.google id: auto-ec8a59c0d81d72ff1da264417e6ec089807dc169fd05a31b6b5eb45505be4ef6 status: experimental description: Detects traffic or activity related to https://hub-v22-local.starkewolke.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hub-v22-local.starkewolke.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-x9-power.starkewolke.in.net/verification.google id: auto-c046afcbc21782f199598537183061a2058a808a1a7862d06d5e8314f8dd05b1 status: experimental description: Detects traffic or activity related to https://link-x9-power.starkewolke.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-x9-power.starkewolke.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sys-01-monitor.starkewolke.in.net/verification.google id: auto-4772254e6b72169bdfc565abf17d1f11ed259d4f94f2803faf6e8a41cdbedd30 status: experimental description: Detects traffic or activity related to https://sys-01-monitor.starkewolke.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sys-01-monitor.starkewolke.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-v5-entry.petitreseauv.in.net/verification.google id: auto-10f700d757dc5e89ad5e8fcfe25eb89ce0f47a871ea21d7ffeaa5a7bc07f2019 status: experimental description: Detects traffic or activity related to https://gate-v5-entry.petitreseauv.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-v5-entry.petitreseauv.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev-x11-host.petitreseauv.in.net/verification.google id: auto-895dab6a046eb68f8e5626094c2c721217567fb2260ea9de4f9a7db29e5153b0 status: experimental description: Detects traffic or activity related to https://dev-x11-host.petitreseauv.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev-x11-host.petitreseauv.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://api-z8-remote.petitreseauv.in.net/verification.google id: auto-4f3698b6b37e6a701742b854a50d50ca9a4e778e83af5c77072e0826c2a7730b status: experimental description: Detects traffic or activity related to https://api-z8-remote.petitreseauv.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://api-z8-remote.petitreseauv.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cloud-v2-store.petitreseauv.in.net/verification.google id: auto-d081dcbe8055e3ecb7b6b2eadb50ede8d14d65189419ccb1eb725d42b1531eb6 status: experimental description: Detects traffic or activity related to https://cloud-v2-store.petitreseauv.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cloud-v2-store.petitreseauv.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-x1-sync.schnellestat.in.net/verification.google id: auto-565aa4c5cde381dc6cb40c73f5b0038ff1a55dd49a76d39c07df238ad1f70c48 status: experimental description: Detects traffic or activity related to https://core-x1-sync.schnellestat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-x1-sync.schnellestat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-303-proxy.schnellestat.in.net/verification.google id: auto-ab8950acb7522cd9d0329a01bfc623bd2dc73caf9800b33adafaab3c00a22da3 status: experimental description: Detects traffic or activity related to https://web-303-proxy.schnellestat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-303-proxy.schnellestat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app-v9-data.schnellestat.in.net/verification.google id: auto-679cb7ea9e6fb86c6ef2b269f30901fbda60fc8762942ac99bd396ed5de3a1f9 status: experimental description: Detects traffic or activity related to https://app-v9-data.schnellestat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app-v9-data.schnellestat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://srv-z44-meta.schnellestat.in.net/verification.google id: auto-90a657c1b3e6e631fc2616093106365413db5e4650e21af121d5fa2f00636c00 status: experimental description: Detects traffic or activity related to https://srv-z44-meta.schnellestat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://srv-z44-meta.schnellestat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://infra-v1-static.pontesicuro.in.net/verification.google id: auto-c9b2d243e927c17cf30df0ac9475f06686bf1d1d37d127f2b653db7c30158529 status: experimental description: Detects traffic or activity related to https://infra-v1-static.pontesicuro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://infra-v1-static.pontesicuro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dist-7-cache.pontesicuro.in.net/verification.google id: auto-8f14f0774066adafbdbd00ad7824ef1031e8252580e1944829d3156b52c5cd63 status: experimental description: Detects traffic or activity related to https://dist-7-cache.pontesicuro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dist-7-cache.pontesicuro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-v02-edge.pontesicuro.in.net/verification.google id: auto-282948a231487bf9e3bbb285f7ed24b98e12513abfb414bbc6fb01d17f3472ac status: experimental description: Detects traffic or activity related to https://sync-v02-edge.pontesicuro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-v02-edge.pontesicuro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://node-x91-auth.pontesicuro.in.net/verification.google id: auto-bde5111c65e7f0c51aa98bd1caa7b04f37f1ad5c46f133dccc4ec03b045cf4a4 status: experimental description: Detects traffic or activity related to https://node-x91-auth.pontesicuro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://node-x91-auth.pontesicuro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dynnexos.getlight.in.net/verification.google id: auto-bd0ba244ba28d649de2e018b3e16ea5191178f99a4dbe5c59feea81ba72788ea status: experimental description: Detects traffic or activity related to https://dynnexos.getlight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dynnexos.getlight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proto-p1an.getlight.in.net/verification.google id: auto-f7aea743c050976f2244f5ff2a301d9d95fb3668935850e42236ab638f2fdcf4 status: experimental description: Detects traffic or activity related to https://proto-p1an.getlight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proto-p1an.getlight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://irnport-array.getlight.in.net/verification.google id: auto-778bc2f4cdfb334f2023da78dd2b788f0834fcb5c10d6d07d526bd0b37f99d4a status: experimental description: Detects traffic or activity related to https://irnport-array.getlight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://irnport-array.getlight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://forrn4-mark.getlight.in.net/verification.google id: auto-314c75fc4d53ec18988ffc74e127e20ae13077d1ef36d43455ae156fa7885055 status: experimental description: Detects traffic or activity related to https://forrn4-mark.getlight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://forrn4-mark.getlight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rmly.onelight.in.net/verification.google id: auto-3f56e0a0e8fcd014be99b8eb832fabc48c5b409885d4c27e5a1dc7eaa72c00a4 status: experimental description: Detects traffic or activity related to https://rmly.onelight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rmly.onelight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://xivuhpzc.onelight.in.net/verification.google id: auto-4562b867a78f89ed6c1b48d221ac63c8da7bbd018d6a6d8405a63e5afec6b198 status: experimental description: Detects traffic or activity related to https://xivuhpzc.onelight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://xivuhpzc.onelight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zenlithis.onelight.in.net/verification.google id: auto-e9381994b1cc600e58b53b152b1265693c038b747988e36ddf6c411303b64090 status: experimental description: Detects traffic or activity related to https://zenlithis.onelight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zenlithis.onelight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hyp3-grid.onelight.in.net/verification.google id: auto-5d0295910f044771a80a0deed37f6457057412a86b2f7f49ad08477ae0b6637e status: experimental description: Detects traffic or activity related to https://hyp3-grid.onelight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hyp3-grid.onelight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kelline7en.biglight.in.net/verification.google id: auto-f6ead4dbb0f46130822a1b0043c6a7fed4a963bcb98f018e9af7a072136a0e0f status: experimental description: Detects traffic or activity related to https://kelline7en.biglight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kelline7en.biglight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neo-dep0.biglight.in.net/verification.google id: auto-7529e7b7117e9f11f89f1968f1c6986ae750bd3edffb05eb3c680b8fdaa1607f status: experimental description: Detects traffic or activity related to https://neo-dep0.biglight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neo-dep0.biglight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ultra-10ader.biglight.in.net/verification.google id: auto-850b124d5303f6ce5985dda77cf1865e923a312d9331febd7bc8b678d30e3db6 status: experimental description: Detects traffic or activity related to https://ultra-10ader.biglight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ultra-10ader.biglight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://owgnjyia.oilglass.in.net/verification.google id: auto-63a3f07df6c698dd536d5fd466f36f2c8f21a56d606ed12051f440e358fb6883 status: experimental description: Detects traffic or activity related to https://owgnjyia.oilglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://owgnjyia.oilglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alt-4g3nt.oilglass.in.net/verification.google id: auto-7a51e16699a47df2bdcb9ab159d47564694a29c2939444655eec0e6ab3ab84da status: experimental description: Detects traffic or activity related to https://alt-4g3nt.oilglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alt-4g3nt.oilglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c11p8-route.oilglass.in.net/verification.google id: auto-d98525c5d4009555b2e5e50d5166327414247fead47e02f62c47d29a938e1152 status: experimental description: Detects traffic or activity related to https://c11p8-route.oilglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c11p8-route.oilglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://awzsl.oilglass.in.net/verification.google id: auto-b4e78613c7d381184d831a3cc37e04ab339db85bd1710837cf1b66c572cefcf7 status: experimental description: Detects traffic or activity related to https://awzsl.oilglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://awzsl.oilglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://schem2-span.yellglass.in.net/verification.google id: auto-e3cddb94ec562893fffca59202cb09af1015f9474453ff006d741e4cb19a5109 status: experimental description: Detects traffic or activity related to https://schem2-span.yellglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://schem2-span.yellglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lkzsajn.yellglass.in.net/verification.google id: auto-8565a4bd7ff9688977a78b7464d9e0d19ef496d2cd3e8c952c5d09d45c872ea1 status: experimental description: Detects traffic or activity related to https://lkzsajn.yellglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lkzsajn.yellglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://67hl8p.yellglass.in.net/verification.google id: auto-c27210004b0706ec218514144bee3862baa87d71c35f73d2a02c5e6e58fb7570 status: experimental description: Detects traffic or activity related to https://67hl8p.yellglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://67hl8p.yellglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://timbermerge.yellglass.in.net/verification.google id: auto-917f1f5694e2fb2fead3f818e743026927fd1f9f666f431fde343026ccf89553 status: experimental description: Detects traffic or activity related to https://timbermerge.yellglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://timbermerge.yellglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://blendlayout.rassvet.in.net/verification.google id: auto-9e8a4fc718862ee6b01ba45c573418f70fef9b5c2ec574cafeb5af3972cc3dba status: experimental description: Detects traffic or activity related to https://blendlayout.rassvet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://blendlayout.rassvet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bridgsock.rassvet.in.net/verification.google id: auto-6e613a5dbc5eea625ed83cedd72680c202aff7d4b57ea9dcab88a1249263783e status: experimental description: Detects traffic or activity related to https://bridgsock.rassvet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bridgsock.rassvet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://66baw.rassvet.in.net/verification.google id: auto-acb2df4abee1425c6b744389aee2e00823527b9ecc3c30cd87e6e691e8598b17 status: experimental description: Detects traffic or activity related to https://66baw.rassvet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://66baw.rassvet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cellcol.rassvet.in.net/verification.google id: auto-d76d682022a34864cb186209cf324a8219fb9ffc1683e54a8dbcf238ad4ae34f status: experimental description: Detects traffic or activity related to https://cellcol.rassvet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cellcol.rassvet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vorlithar5.bluelight.in.net/verification.google id: auto-0f8af5456bdae4277e6e775b264df2a7f5dfafd23c0de29e3a76277824a0d1e3 status: experimental description: Detects traffic or activity related to https://vorlithar5.bluelight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vorlithar5.bluelight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4ud18-ring.bluelight.in.net/verification.google id: auto-b969c0c6adadc03f0481399f847498d6c0eb74a67519f332332a1f6f64f80064 status: experimental description: Detects traffic or activity related to https://4ud18-ring.bluelight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4ud18-ring.bluelight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://surve-spool.bluelight.in.net/verification.google id: auto-015f63adeb4fa57d5b7d236bbc38fe9a4de34dca8a1a4a983dd51e70a9e2efb6 status: experimental description: Detects traffic or activity related to https://surve-spool.bluelight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://surve-spool.bluelight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://routercanva.bluelight.in.net/verification.google id: auto-0fb499631ed0ea8975b001126a3087699e1fe322298d30951a1f93a8b3a426f2 status: experimental description: Detects traffic or activity related to https://routercanva.bluelight.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://routercanva.bluelight.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dynlineum5.dotnet.in.net/verification.google id: auto-66dfa1b593f98f89e3ce006afd646293633bd1aa600c97c9d9bd98c5e6d58085 status: experimental description: Detects traffic or activity related to https://dynlineum5.dotnet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dynlineum5.dotnet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://splitcrim.dotnet.in.net/verification.google id: auto-5bd1a2e81a4435011197893f3680010009ab30d1d10b304736cacbc36557813a status: experimental description: Detects traffic or activity related to https://splitcrim.dotnet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://splitcrim.dotnet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://br4nd-crest.dotnet.in.net/verification.google id: auto-22c88f1b324d70e6b9ac297188fdf46425bbdc2685331994d0a3952e932a793b status: experimental description: Detects traffic or activity related to https://br4nd-crest.dotnet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://br4nd-crest.dotnet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://n4rr-wave.gobright.in.net/verification.google id: auto-2484f39fa0a57dea3d40ef9334b8c8d68b4583db0cbb9e242c201d4621a94032 status: experimental description: Detects traffic or activity related to https://n4rr-wave.gobright.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://n4rr-wave.gobright.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://canopyform.gobright.in.net/verification.google id: auto-62bfd9e1062830b1c92c9d4df996ec04b293f4fd5224a9ba48cb40d6d5e9113e status: experimental description: Detects traffic or activity related to https://canopyform.gobright.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://canopyform.gobright.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bran-gen.gobright.in.net/verification.google id: auto-cb68d407df2751d55ce52605a48f1e94408e99d2fbe7ba7097301318730664d5 status: experimental description: Detects traffic or activity related to https://bran-gen.gobright.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bran-gen.gobright.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shoalthorn.gobright.in.net/verification.google id: auto-951b9390481c1b8b74fc95d16b1e00b1ba00c0d147adabf027f5745ee86a8e32 status: experimental description: Detects traffic or activity related to https://shoalthorn.gobright.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shoalthorn.gobright.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://9kmz1s.highligh.in.net/verification.google id: auto-ae40d64132959c33df0d53d8c814b20ff5a441d11ce29f3921d906a43a599dfe status: experimental description: Detects traffic or activity related to https://9kmz1s.highligh.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://9kmz1s.highligh.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quorcore5et.highligh.in.net/verification.google id: auto-47fd4c73aa12cf1ce34bd38e7e937dfd96107f56ef269dcf1fd6b8523421e43b status: experimental description: Detects traffic or activity related to https://quorcore5et.highligh.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quorcore5et.highligh.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mooinne.highligh.in.net/verification.google id: auto-5c51cef9ce642c91aaac4cbafad5fa368a494134f2a08a3a668e6c983e31884e status: experimental description: Detects traffic or activity related to https://mooinne.highligh.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mooinne.highligh.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://workerembe.highligh.in.net/verification.google id: auto-0e3118e6eda1835759e6ebbe7900bc5e074262d896d230f4c362aaa9db9c08dd status: experimental description: Detects traffic or activity related to https://workerembe.highligh.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://workerembe.highligh.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c0ve-grid.ziparch.in.net/verification.google id: auto-68615294902f7e7d3e559ac3dcd07a1c9ce9957516e5e4d3d733805983787da5 status: experimental description: Detects traffic or activity related to https://c0ve-grid.ziparch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c0ve-grid.ziparch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c72ole.ziparch.in.net/verification.google id: auto-aa1f801c0a996a0a13ada612770f6c1393ff98c5427db4a8709926bf28da824c status: experimental description: Detects traffic or activity related to https://c72ole.ziparch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c72ole.ziparch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ser-tidear.ziparch.in.net/verification.google id: auto-e300e6c3bbefd844da3daf50e56c42e656d0f500931560f659249a9ae9f041be status: experimental description: Detects traffic or activity related to https://ser-tidear.ziparch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ser-tidear.ziparch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quotasun.ziparch.in.net/verification.google id: auto-c4117c8a042c36705377e55a3c8fd44b4f84a50d1322d1fbed0034e0647d9ad9 status: experimental description: Detects traffic or activity related to https://quotasun.ziparch.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quotasun.ziparch.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://clousupply.farngo.in.net/verification.google id: auto-5b0909e96b7250576db6f41d2db7e860b082c6cd906280ed451cb72182e745cb status: experimental description: Detects traffic or activity related to https://clousupply.farngo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://clousupply.farngo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shiel-track.farngo.in.net/verification.google id: auto-d000304204fbbc82cc31dc9e3ed2c64c41720bef021a7ddefcd883d8aa1e6c73 status: experimental description: Detects traffic or activity related to https://shiel-track.farngo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shiel-track.farngo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flee-peta.farngo.in.net/verification.google id: auto-fc36b9c1b9996e2e0daa9b2c26e782dd74410082af536feee15104a6c9d21ff9 status: experimental description: Detects traffic or activity related to https://flee-peta.farngo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flee-peta.farngo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geo-4uth.farngo.in.net/verification.google id: auto-ae1a08a0e660b13ae96d76fb2931d183eed4d6b2ef6ae86122dada9e367d1b50 status: experimental description: Detects traffic or activity related to https://geo-4uth.farngo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geo-4uth.farngo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ff6se.idealup.in.net/verification.google id: auto-7bd17ff6ca93acabd81ee26a4b6f66bf671843277386a1c0c63ee77b40da73ff status: experimental description: Detects traffic or activity related to https://ff6se.idealup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ff6se.idealup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://curiouswholesale.idealup.in.net/verification.google id: auto-b2f7b64a30ab80143a66c195087420e8ee3e7c2561d752a6468a6dd519fcca80 status: experimental description: Detects traffic or activity related to https://curiouswholesale.idealup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://curiouswholesale.idealup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://brookurban.idealup.in.net/verification.google id: auto-5acdb45ac5d5ac6ad5522171d038b861dd9d929ba884c0bd8bbed52a776f1d48 status: experimental description: Detects traffic or activity related to https://brookurban.idealup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://brookurban.idealup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5tab1-pulse.idealup.in.net/verification.google id: auto-6c6bfa4c3a59e3326dd803d99ad92315649fea37eecd508d770992d81ea6552b status: experimental description: Detects traffic or activity related to https://5tab1-pulse.idealup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5tab1-pulse.idealup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bhzrypm.idealno.in.net/verification.google id: auto-7723317d74723e4e0d01163ddc94893d80d714ff12d54e434c2909015d3acf2c status: experimental description: Detects traffic or activity related to https://bhzrypm.idealno.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bhzrypm.idealno.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bd6vpbg.idealno.in.net/verification.google id: auto-18ab199aa9fd6b477e06dc4b63efb26c90d03f91d1d89fe9738f9f81184a704a status: experimental description: Detects traffic or activity related to https://bd6vpbg.idealno.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bd6vpbg.idealno.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://g447cjsx.idealno.in.net/verification.google id: auto-93c0951340e9904d012f822b3ae588f4a64e519bd9eb845ae8d5c10f308722d6 status: experimental description: Detects traffic or activity related to https://g447cjsx.idealno.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://g447cjsx.idealno.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://talfluxen.idealno.in.net/verification.google id: auto-73e82d66c86f5ff3cb7343dbc471c3e5dba8f9d5162c4b45860d4d4955634666 status: experimental description: Detects traffic or activity related to https://talfluxen.idealno.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://talfluxen.idealno.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://0hm6uq.trustdom.in.net/verification.google id: auto-00889f931e135edbd47f81a33d0d2097afbbf4cef5e449d545a8a1ae7137f4ba status: experimental description: Detects traffic or activity related to https://0hm6uq.trustdom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://0hm6uq.trustdom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gu5t-spark.trustdom.in.net/verification.google id: auto-e1374eeaffd9a4bcd11f71e0e442eb8572046d38d1de923eaf9f871da4c311cd status: experimental description: Detects traffic or activity related to https://gu5t-spark.trustdom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gu5t-spark.trustdom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://54p9sle.trustdom.in.net/verification.google id: auto-f090f49cf039d9152c28d12f2e4cd6e2a6d8c5f104cbbf98b2fb979af4d509f2 status: experimental description: Detects traffic or activity related to https://54p9sle.trustdom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://54p9sle.trustdom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vgbf.trustdom.in.net/verification.google id: auto-646912578b0fed6d6506a29903f7395284ef75c999a8ff2358a11a420eb2da8b status: experimental description: Detects traffic or activity related to https://vgbf.trustdom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vgbf.trustdom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://meta-val1dat.trustsum.in.net/verification.google id: auto-1a81b0ac5faa51bba301b66bc91c15512ff0c3e4e7c2f42d2b0e309276345c94 status: experimental description: Detects traffic or activity related to https://meta-val1dat.trustsum.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://meta-val1dat.trustsum.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pf1dxwdy.trustsum.in.net/verification.google id: auto-35e8750bdc85a4790ab1f4952921e6cdcf33c58b536f78d9e0cbf222ebfdc8aa status: experimental description: Detects traffic or activity related to https://pf1dxwdy.trustsum.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pf1dxwdy.trustsum.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://drawsout.trustsum.in.net/verification.google id: auto-4e15f8dc8c4da43a47e2a1219437c88a225267992633b756ab95d9753290f211 status: experimental description: Detects traffic or activity related to https://drawsout.trustsum.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://drawsout.trustsum.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sp3c6-vault.trustsum.in.net/verification.google id: auto-33b27de68949f34aa87924e8b28611e46809d3feecc69e4d4352089d511dd2d4 status: experimental description: Detects traffic or activity related to https://sp3c6-vault.trustsum.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sp3c6-vault.trustsum.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://baow.man4get.in.net/verification.google id: auto-51586ef949197086862abace901b669fd9b04b5c872bb1b3dfa5b2f6f75ef870 status: experimental description: Detects traffic or activity related to https://baow.man4get.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://baow.man4get.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solcrest8on.man4get.in.net/verification.google id: auto-6a22b6f5b628c0112f794421b26db7bf5037641bae155022d8533fc4087374ef status: experimental description: Detects traffic or activity related to https://solcrest8on.man4get.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solcrest8on.man4get.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://v3lv-watch.man4get.in.net/verification.google id: auto-470c969a1420729a8104ac3a0a668200086a38bdeab5dbd4aa2eaf8ef2482dc2 status: experimental description: Detects traffic or activity related to https://v3lv-watch.man4get.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://v3lv-watch.man4get.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://soldraex2.man4get.in.net/verification.google id: auto-8ead5d49e1749635b536d3c5a131d790efe2c4cb210ec033e958a9c102212eb6 status: experimental description: Detects traffic or activity related to https://soldraex2.man4get.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://soldraex2.man4get.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://airwaybroker.m4gnet.in.net/verification.google id: auto-996e71a1f3466edc38bdba6758351e817e6485de99a9383d142e2ae0a9adc697 status: experimental description: Detects traffic or activity related to https://airwaybroker.m4gnet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://airwaybroker.m4gnet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solmarkex.m4gnet.in.net/verification.google id: auto-209d93b7e0425cb28f499fd6e5c58b10a781bd1f972aec3d4f0a08e2dea1cd16 status: experimental description: Detects traffic or activity related to https://solmarkex.m4gnet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solmarkex.m4gnet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://7y35a.m4gnet.in.net/verification.google id: auto-7ea049771f1391311b211b55227f41cef1b1028471afb7fd2d5a0ed59dc4140f status: experimental description: Detects traffic or activity related to https://7y35a.m4gnet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://7y35a.m4gnet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://spr1ng-field.farmanager.in.net/verification.google id: auto-26aac1fb306987d317156deb64bf3901b2b7a7393bb2f5a746ac92ca8267666b status: experimental description: Detects traffic or activity related to https://spr1ng-field.farmanager.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://spr1ng-field.farmanager.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://salestru.farmanager.in.net/verification.google id: auto-9ea0983a69e68fe5c064409b4fc0c2e6804f47753c4ed2af7849ea379abd5c9a status: experimental description: Detects traffic or activity related to https://salestru.farmanager.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://salestru.farmanager.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://temp0-beam.farmanager.in.net/verification.google id: auto-b9d030a2e5d25de5130794ba67bd1d4dea40c77416108f81522cdeaab714e8b0 status: experimental description: Detects traffic or activity related to https://temp0-beam.farmanager.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://temp0-beam.farmanager.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://slopar.farmanager.in.net/verification.google id: auto-192b4b2ea41720121cb3fb033855226c7a122563b5761e27fccc21830a99b9d9 status: experimental description: Detects traffic or activity related to https://slopar.farmanager.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://slopar.farmanager.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alt-w4go.checkstor.in.net/verification.google id: auto-ea82b63d12a811b042f2965d67c45880fe29d0caec4f858f85c2f4e8d1a3a8c3 status: experimental description: Detects traffic or activity related to https://alt-w4go.checkstor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alt-w4go.checkstor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://6tym.checkstor.in.net/verification.google id: auto-5d3fbad2eb925882fe3a891c5f8596e2be4ba2fbe44241a37860438efe01f34b status: experimental description: Detects traffic or activity related to https://6tym.checkstor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://6tym.checkstor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://privateflame.checkstor.in.net/verification.google id: auto-ace65b95343402cf90cd423c697b496a40b082190cacbb37e8b12a001daa894f status: experimental description: Detects traffic or activity related to https://privateflame.checkstor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://privateflame.checkstor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bloomhaul.checkstor.in.net/verification.google id: auto-16c6e837030c898e8a5b05aaa4a6c1bdf5cc3f7f7a5d5152e03b94cc80c09a5e status: experimental description: Detects traffic or activity related to https://bloomhaul.checkstor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bloomhaul.checkstor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://638490.idealgo.in.net/verification.google id: auto-bad7cf70c6b9f66dd367f3be7c6098999ac0007c20308d1436a81c3b05257e79 status: experimental description: Detects traffic or activity related to https://638490.idealgo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://638490.idealgo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.7/files/2043702969/Ln9yol3.exe id: auto-49cebe6483ab696c45ca2368c271d673b7ac3841d4612b2b722d32a466479f9b status: experimental description: Detects traffic or activity related to http://158.94.208.7/files/2043702969/Ln9yol3.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.7/files/2043702969/Ln9yol3.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://genomecouri.idealgo.in.net/verification.google id: auto-1e5d9f1c9d24464667fad8c457258352b4febda43b3c9c759aeafa5df580caf8 status: experimental description: Detects traffic or activity related to https://genomecouri.idealgo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://genomecouri.idealgo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://guidecoral.idealgo.in.net/verification.google id: auto-46540c9535e6c5b29c55ba0550255f9632638f122ec3224ff709cdeda185fe28 status: experimental description: Detects traffic or activity related to https://guidecoral.idealgo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://guidecoral.idealgo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mer-forgeon.idealgo.in.net/verification.google id: auto-41a1fcb5b5421e715bfc0682505646113430538b45a719a968e8d372d62e12c4 status: experimental description: Detects traffic or activity related to https://mer-forgeon.idealgo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mer-forgeon.idealgo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.7/files/7362035837/FbbqcXE.exe id: auto-5a95cac6fb76c97d13c28e3d04b0e8f3c9df55647cd17cb6a6adb3a321d4e9d7 status: experimental description: Detects traffic or activity related to http://158.94.208.7/files/7362035837/FbbqcXE.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.7/files/7362035837/FbbqcXE.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qpiihw67.zipfolder.in.net/verification.google id: auto-56230a373b92e3d67cd197341df103776c4b7d883dcb4904c2edb06c33445864 status: experimental description: Detects traffic or activity related to https://qpiihw67.zipfolder.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qpiihw67.zipfolder.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hyper-sc4n.zipfolder.in.net/verification.google id: auto-f4419c8875bcf50d4ee772d5a2dcede57f58af41bca3019df1e0a75cc75b7bff status: experimental description: Detects traffic or activity related to https://hyper-sc4n.zipfolder.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hyper-sc4n.zipfolder.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-z7-point.metallocampo.in.net/verification.google id: auto-29d2fc7f56a5367c6f82b12955cbecfadbe887f00c630a00f8479c90de3fde12 status: experimental description: Detects traffic or activity related to https://main-z7-point.metallocampo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-z7-point.metallocampo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-x1-data.metallocampo.in.net/verification.google id: auto-c145aa13aa3985462eaf9e57ff666a18dd23d04fb4dce8190ef0741c06164e04 status: experimental description: Detects traffic or activity related to https://sync-x1-data.metallocampo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-x1-data.metallocampo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-v8-proxy.metallocampo.in.net/verification.google id: auto-e508b988a962533056fe7576c9e1001d4bbbdf32e6486a435fc2e805e8767889 status: experimental description: Detects traffic or activity related to https://gate-v8-proxy.metallocampo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-v8-proxy.metallocampo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-z2-sat.grandeparole.in.net/verification.google id: auto-4bb2ef6dae4f2a63bd9fa70c250353c17d156576389254a791d01210d3f2732b status: experimental description: Detects traffic or activity related to https://link-z2-sat.grandeparole.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-z2-sat.grandeparole.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-x3-rock.grandeparole.in.net/verification.google id: auto-b3018543dd5d8dc1e58f73e484790b3ed4cb03087f06f57000812f84e3a96a50 status: experimental description: Detects traffic or activity related to https://core-x3-rock.grandeparole.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-x3-rock.grandeparole.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-v5-steel.grandeparole.in.net/verification.google id: auto-b671f186b5e2da2c61e04c2b6aaf8b38730b8851376bbc8c462c635790f6efd2 status: experimental description: Detects traffic or activity related to https://base-v5-steel.grandeparole.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-v5-steel.grandeparole.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orbit-90-moon.grandeparole.in.net/verification.google id: auto-22c135e905ccb166a64e2ca1a6267f94c7900f38c946b8bb6591f2697bb65c84 status: experimental description: Detects traffic or activity related to https://orbit-90-moon.grandeparole.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orbit-90-moon.grandeparole.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://space-v7-open.silberfluss.in.net/verification.google id: auto-99b23122a455baab0c158fd07f5588f84d1ee35e71dc74fd888c3457b575b775 status: experimental description: Detects traffic or activity related to https://space-v7-open.silberfluss.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://space-v7-open.silberfluss.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://field-x4-vast.silberfluss.in.net/verification.google id: auto-fbf643f0e0f8f4d9136edf4be3bf127d0443e03c0bc9259b4985f68ad76d10f3 status: experimental description: Detects traffic or activity related to https://field-x4-vast.silberfluss.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://field-x4-vast.silberfluss.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rim-v9-outer.silberfluss.in.net/verification.google id: auto-d18fa4f09cae369bfd44dc8dffb7e11a604e4f245c9a069d82389e511deabf9d status: experimental description: Detects traffic or activity related to https://rim-v9-outer.silberfluss.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rim-v9-outer.silberfluss.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-z0-vision.altotensione.in.net/verification.google id: auto-0da60677efabf5d43fad9d3e7dd20ade195acb7ecedc4b1de83cfcbada673d51 status: experimental description: Detects traffic or activity related to https://sync-z0-vision.altotensione.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-z0-vision.altotensione.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://point-x2-scan.altotensione.in.net/verification.google id: auto-f615988ae6450f4c9949d565fe41f7b8febb509b4d2d814c985e48758cc50134 status: experimental description: Detects traffic or activity related to https://point-x2-scan.altotensione.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://point-x2-scan.altotensione.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bridge-v4-light.altotensione.in.net/verification.google id: auto-a7c0c6168b36cd9d59e0326216bbe6fe05b4dbfbe9bd10a0e3eee37c16ce4e16 status: experimental description: Detects traffic or activity related to https://bridge-v4-light.altotensione.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bridge-v4-light.altotensione.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://room-51-dark.altotensione.in.net/verification.google id: auto-504c78a2063422383e5ea6068576935ea2cfe84f3c9b571669f6c92ff684ca12 status: experimental description: Detects traffic or activity related to https://room-51-dark.altotensione.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://room-51-dark.altotensione.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shell-v7-core.froidelumiere.in.net/verification.google id: auto-c1c41b9d9ba5fb77126331a497555ae59983990867ce49a36c1f3adbdcce30ae status: experimental description: Detects traffic or activity related to https://shell-v7-core.froidelumiere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shell-v7-core.froidelumiere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trace-44-alpha.froidelumiere.in.net/verification.google id: auto-9ef4b76c87bf78cb762ff1858b91790d362053e660c676d07b3698ac229e2d04 status: experimental description: Detects traffic or activity related to https://trace-44-alpha.froidelumiere.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trace-44-alpha.froidelumiere.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auth-z9-user.mondofuturo.in.net/verification.google id: auto-b0f1ed75196ec0777eac05dfd4817769b686e806b850998946efdcbb41a13b9f status: experimental description: Detects traffic or activity related to https://auth-z9-user.mondofuturo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auth-z9-user.mondofuturo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://github.com/WindSkyUnveil39/Warzone-Cheat-2026/releases/download/Latest/WarLauncher.zip id: auto-ba98c09ca5665c13c63027f70632ac978ddc82db9e2f67f3759fc413cb6bdeea status: experimental description: Detects traffic or activity related to https://github.com/WindSkyUnveil39/Warzone-Cheat-2026/releases/download/Latest/WarLauncher.zip which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://github.com/WindSkyUnveil39/Warzone-Cheat-2026/releases/download/Latest/WarLauncher.zip*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://db-v12-point.mondofuturo.in.net/verification.google id: auto-cf0c2550fc590c5eeec43d69590c9a53ea6107664cfd5f4d7c1f3a568267ff5e status: experimental description: Detects traffic or activity related to https://db-v12-point.mondofuturo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://db-v12-point.mondofuturo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-x5-infra.mondofuturo.in.net/verification.google id: auto-dc7ee3032baa8e45bc5c2681a9c39ddd9c8ed953255baa07da2c772332312cf3 status: experimental description: Detects traffic or activity related to https://base-x5-infra.mondofuturo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-x5-infra.mondofuturo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://net-88-global.mondofuturo.in.net/verification.google id: auto-d732736729e77d05587590eb020ef5ab92f69e51cdab7b732cd9ed2a12f63d34 status: experimental description: Detects traffic or activity related to https://net-88-global.mondofuturo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://net-88-global.mondofuturo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow-v3-work.starkewand.in.net/verification.google id: auto-1c67d6581e0b0817744835577377493c9f8ef03f73dc49c8830c5a8c4bb587c7 status: experimental description: Detects traffic or activity related to https://flow-v3-work.starkewand.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow-v3-work.starkewand.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hub-x0-local.starkewand.in.net/verification.google id: auto-aa400dfc109630fc9af4a0dcc9b10ef5fd37eea8eea36c1b59253f32ed4d9507 status: experimental description: Detects traffic or activity related to https://hub-x0-local.starkewand.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hub-x0-local.starkewand.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-v2-power.starkewand.in.net/verification.google id: auto-f583e89589a5fe5b0d1ac9e8dc2ba4bec1ef5574624a72287e10bc71489858fa status: experimental description: Detects traffic or activity related to https://link-v2-power.starkewand.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-v2-power.starkewand.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sys-99-monitor.starkewand.in.net/verification.google id: auto-b941fe1c67dee58ffe3c0f616f39286e5b1a6d158fb5b63143e2d468946a2cb7 status: experimental description: Detects traffic or activity related to https://sys-99-monitor.starkewand.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sys-99-monitor.starkewand.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-v9-entry.petitniveaux.in.net/verification.google id: auto-8edfabdcb7c7cafa127597a727342f76c276b41f39b513771bf0dde3a6237478 status: experimental description: Detects traffic or activity related to https://gate-v9-entry.petitniveaux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-v9-entry.petitniveaux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev-x7-host.petitniveaux.in.net/verification.google id: auto-8a8eaaf7eecbb2255b3de29ff9f42d0e5b0b930de2a5846c2829961799ef1e88 status: experimental description: Detects traffic or activity related to https://dev-x7-host.petitniveaux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev-x7-host.petitniveaux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://api-v0-remote.petitniveaux.in.net/verification.google id: auto-93ffb059c83056959e82362569abe7541bf1e57f7984f1e64e07b92b5be6b702 status: experimental description: Detects traffic or activity related to https://api-v0-remote.petitniveaux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://api-v0-remote.petitniveaux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cloud-z1-store.petitniveaux.in.net/verification.google id: auto-bb79edbdb3d43ddc4d739663f300e20ac6b758494e322bed5673e894b80b7a3a status: experimental description: Detects traffic or activity related to https://cloud-z1-store.petitniveaux.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cloud-z1-store.petitniveaux.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-x2-sync.schnellerechner.in.net/verification.google id: auto-6a07556d5072ff10fc4b527240f05677dba50b74b7b1916d784f5f302912f5a8 status: experimental description: Detects traffic or activity related to https://core-x2-sync.schnellerechner.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-x2-sync.schnellerechner.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-901-proxy.schnellerechner.in.net/verification.google id: auto-394c7577fc9e5a37f5fe275fe41bdca55a47042c24fabfea65dfdd73a4c98940 status: experimental description: Detects traffic or activity related to https://web-901-proxy.schnellerechner.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-901-proxy.schnellerechner.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app-v4-data.schnellerechner.in.net/verification.google id: auto-554a8cc833edf7633a68320cb266721c032865c78a0e62efa8c96d94c4ef9850 status: experimental description: Detects traffic or activity related to https://app-v4-data.schnellerechner.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app-v4-data.schnellerechner.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://srv-77-meta.schnellerechner.in.net/verification.google id: auto-a5a9b9c2360aafe4ce62f8b887a479d980944a85f6196e139cc5925a366e6051 status: experimental description: Detects traffic or activity related to https://srv-77-meta.schnellerechner.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://srv-77-meta.schnellerechner.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://infra-static-z.vittoriaviva.in.net/verification.google id: auto-52f442ebfdc93350eb1b48f8836b3ee73042e4a36309e9754b017151a198c25e status: experimental description: Detects traffic or activity related to https://infra-static-z.vittoriaviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://infra-static-z.vittoriaviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dist-v8-cache.vittoriaviva.in.net/verification.google id: auto-b26f8b5ba9e64f5b75fb8f3a265709fb7d14d56642e566554191c40027648b38 status: experimental description: Detects traffic or activity related to https://dist-v8-cache.vittoriaviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dist-v8-cache.vittoriaviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-01-edge.vittoriaviva.in.net/verification.google id: auto-b9fdd1fdf02fd670263d94170a7554682ed07f4c54fb88eaeec89636b7b3b190 status: experimental description: Detects traffic or activity related to https://sync-01-edge.vittoriaviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-01-edge.vittoriaviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://node-b92-auth.vittoriaviva.in.net/verification.google id: auto-1201ff4ba18ccee5a8685b864ec1e5c7c9db43e2aa0fb421bc5fc42bb7ea7bfc status: experimental description: Detects traffic or activity related to https://node-b92-auth.vittoriaviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://node-b92-auth.vittoriaviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-point-v.silberstrom.in.net/verification.google id: auto-5f4dc076b01ec30c0c5139a163edd0ce6d6f5682e12c1ff7b85932bfc375f2ca status: experimental description: Detects traffic or activity related to https://main-point-v.silberstrom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-point-v.silberstrom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-sync-01.silberstrom.in.net/verification.google id: auto-5a43330f50211e9607606be947a5b1b62a6d6ea9f7f85ef767dca3abee7ff96a status: experimental description: Detects traffic or activity related to https://data-sync-01.silberstrom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-sync-01.silberstrom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-proxy-x.silberstrom.in.net/verification.google id: auto-d3387f90f52948183d49301088f3009e3a61b0a7b381c8cbbae359b0c1bfa7ac status: experimental description: Detects traffic or activity related to https://gate-proxy-x.silberstrom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-proxy-x.silberstrom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://infra-web-v2.silberstrom.in.net/verification.google id: auto-2c8013dda63a2fba46b568ceb075fcdb108699dcaba15365dbaef547c9600f6a status: experimental description: Detects traffic or activity related to https://infra-web-v2.silberstrom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://infra-web-v2.silberstrom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sat-uplink-0.vitaserena.in.net/verification.google id: auto-4762fb84e9a3c1319ba3d0306c5372b1a12363f8d10594e6982e7007c08c881f status: experimental description: Detects traffic or activity related to https://sat-uplink-0.vitaserena.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sat-uplink-0.vitaserena.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rock-core-z4.vitaserena.in.net/verification.google id: auto-d7deaad03f4d7b34fd3b4d6c910f4a0b7e6084d47c8253daaaa9d4ab1f1ec17c status: experimental description: Detects traffic or activity related to https://rock-core-z4.vitaserena.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rock-core-z4.vitaserena.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://steel-base-x.vitaserena.in.net/verification.google id: auto-96c9f1fbff026b97ae57fac1555a27b3ad8983d2422c9ee698096d076a97e61d status: experimental description: Detects traffic or activity related to https://steel-base-x.vitaserena.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://steel-base-x.vitaserena.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://moon-orbit-v1.vitaserena.in.net/verification.google id: auto-61962efca36c2a04bb94609e3220af51db3d3689c9ae54c0724b370103f106f2 status: experimental description: Detects traffic or activity related to https://moon-orbit-v1.vitaserena.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://moon-orbit-v1.vitaserena.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://open-space-z.espacesombre.in.net/verification.google id: auto-e5c37203dd5cd08ddcb13bae13785df2817f6e7216433bec7f0ec8bb452a2d53 status: experimental description: Detects traffic or activity related to https://open-space-z.espacesombre.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://open-space-z.espacesombre.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vast-field-1.espacesombre.in.net/verification.google id: auto-88632a55fd7046b531e63b2ca887ed35379cf217d8feb5aa3c1e67480e0339b6 status: experimental description: Detects traffic or activity related to https://vast-field-1.espacesombre.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vast-field-1.espacesombre.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://area-zone-v3.espacesombre.in.net/verification.google id: auto-9d85ff028d50a62f9d08a22f1798f97537d0edd615d7a2d11a458b366a2795de status: experimental description: Detects traffic or activity related to https://area-zone-v3.espacesombre.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://area-zone-v3.espacesombre.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://outer-rim-09.espacesombre.in.net/verification.google id: auto-080b746836a7bf2c8423b0bce915acf36b44505f3fa7d00ac9b4a2e48849cc8a status: experimental description: Detects traffic or activity related to https://outer-rim-09.espacesombre.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://outer-rim-09.espacesombre.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vision-sync-v.kaltemech.in.net/verification.google id: auto-96028c01a5c581c04045d7e18688dd1dd8d42eeead6bef0fddf1f72a30d67d55 status: experimental description: Detects traffic or activity related to https://vision-sync-v.kaltemech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vision-sync-v.kaltemech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scan-point-2.kaltemech.in.net/verification.google id: auto-9244a9ee521d29d390dc1a89407690234dd1da6bb4093106522857fa16d5f83d status: experimental description: Detects traffic or activity related to https://scan-point-2.kaltemech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scan-point-2.kaltemech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://light-bridge-x.kaltemech.in.net/verification.google id: auto-20484cbc360644787c545070f627e5c3982acd96d382903db06dae69b8f089b0 status: experimental description: Detects traffic or activity related to https://light-bridge-x.kaltemech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://light-bridge-x.kaltemech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dark-room-v5.kaltemech.in.net/verification.google id: auto-085f105af8426e50bf68bdd9440b475609c24174f2bbb94db1e90a3012aa267a status: experimental description: Detects traffic or activity related to https://dark-room-v5.kaltemech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dark-room-v5.kaltemech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ghost-node-0.fiumeveloce.in.net/verification.google id: auto-1d6f4a5afe7feda8b2fe1ca8823d0f363bbfbc0133a2d485991a351e6013f83c status: experimental description: Detects traffic or activity related to https://ghost-node-0.fiumeveloce.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ghost-node-0.fiumeveloce.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://user-auth-x3.fiumeveloce.in.net/verification.google id: auto-336e91b73e161a1b30b8ba668ed3f0b24699df3a414b96488b0ecff72bfea3c7 status: experimental description: Detects traffic or activity related to https://user-auth-x3.fiumeveloce.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://user-auth-x3.fiumeveloce.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-shell-z8.fiumeveloce.in.net/verification.google id: auto-d0ebe296088f45165eadb7dedbf80f1bd66c72c911edd9ad13d28ab9e954c101 status: experimental description: Detects traffic or activity related to https://core-shell-z8.fiumeveloce.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-shell-z8.fiumeveloce.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alpha-trace-v.fiumeveloce.in.net/verification.google id: auto-4305701acde458f5d156968797df7568338ce4305ccc5b05b4f2f53f69407324 status: experimental description: Detects traffic or activity related to https://alpha-trace-v.fiumeveloce.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alpha-trace-v.fiumeveloce.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://point-entry-4.grandestat.in.net/verification.google id: auto-0f004ac871d98be05ce14561cec3fc244b0482c07d9be9620f4389f74533761f status: experimental description: Detects traffic or activity related to https://point-entry-4.grandestat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://point-entry-4.grandestat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-base-v5.grandestat.in.net/verification.google id: auto-5e05e3c57cdaaaa5e276aec1aa3987a0470bdbaf7442e5ad973496bac7f88be3 status: experimental description: Detects traffic or activity related to https://data-base-v5.grandestat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-base-v5.grandestat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-infra-99.grandestat.in.net/verification.google id: auto-9bf753394db012a17e3aa1a050813e935f59459da00423d113ba9b30591d4b48 status: experimental description: Detects traffic or activity related to https://base-infra-99.grandestat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-infra-99.grandestat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://global-net-v1.grandestat.in.net/verification.google id: auto-66df981a38fc5928ae46c6347ba5cfb2b742360a36d33a15d15010063555ac37 status: experimental description: Detects traffic or activity related to https://global-net-v1.grandestat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://global-net-v1.grandestat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://local-hub-x9.mondolibre.in.net/verification.google id: auto-1ce724e923b172b20252a15a2e59508d3ee806907e5cee99e916175a99488244 status: experimental description: Detects traffic or activity related to https://local-hub-x9.mondolibre.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://local-hub-x9.mondolibre.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://staff-portal-1.mondolibre.in.net/verification.google id: auto-c9963fd63e15f878b87718466a6dbb2168b3f4e1d54c72a54bd96b1eb1374a86 status: experimental description: Detects traffic or activity related to https://staff-portal-1.mondolibre.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://staff-portal-1.mondolibre.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://work-flow-v0.mondolibre.in.net/verification.google id: auto-0f01be37d49f0da6ce6306d35c3fecd7813acf475c7e774c2ae7ecf3f1d28936 status: experimental description: Detects traffic or activity related to https://work-flow-v0.mondolibre.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://work-flow-v0.mondolibre.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://power-link-z5.mondolibre.in.net/verification.google id: auto-3ae9be325cf02937335f6b220b9b5254316a84aff858b457eaebc72cd94b2828 status: experimental description: Detects traffic or activity related to https://power-link-z5.mondolibre.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://power-link-z5.mondolibre.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://backend-node-v.stillewasser.in.net/verification.google id: auto-4dbdb70cd1702884af6eaaca99c228bd1cc145fdf4aced0d2df8421f82d54cb6 status: experimental description: Detects traffic or activity related to https://backend-node-v.stillewasser.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://backend-node-v.stillewasser.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app-data-hub.fortezzarossa.in.net/verification.google id: auto-f0175bcdb9340300c5e347abc01761bba90308821af52fd9a7dc00abd4614262 status: experimental description: Detects traffic or activity related to https://app-data-hub.fortezzarossa.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app-data-hub.fortezzarossa.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-proxy-alt.fortezzarossa.in.net/verification.google id: auto-3c75a291574a3ee32d6170af52c7606c262d57849577673766595e62c74863d2 status: experimental description: Detects traffic or activity related to https://web-proxy-alt.fortezzarossa.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-proxy-alt.fortezzarossa.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://srv-cluster-01.fortezzarossa.in.net/verification.google id: auto-4ddef156661bee27ab37f1fb9b9e5bb2199c6f38642c4d40c3280cae846887d6 status: experimental description: Detects traffic or activity related to https://srv-cluster-01.fortezzarossa.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://srv-cluster-01.fortezzarossa.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cloud-drive-v7.fortezzarossa.in.net/verification.google id: auto-73358da5a451c8d94594931a5bba86d99d81fbcd5646b2ed2d6e643963f078da status: experimental description: Detects traffic or activity related to https://cloud-drive-v7.fortezzarossa.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cloud-drive-v7.fortezzarossa.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://metrics-sync-1.petitnuage.in.net/verification.google id: auto-415cfa835e68efa83f7e6015eb2872b07c20a259d996978cb0e3102266fdd5dd status: experimental description: Detects traffic or activity related to https://metrics-sync-1.petitnuage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://metrics-sync-1.petitnuage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://api-v3-storage.petitnuage.in.net/verification.google id: auto-6477bc0f2afac8d33d81ea2a4b828b953e8c7170486150fc0beebbde8095ccba status: experimental description: Detects traffic or activity related to https://api-v3-storage.petitnuage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://api-v3-storage.petitnuage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cdn-static-v5.petitnuage.in.net/verification.google id: auto-438ca3cf61a705dc307413adc7978890c2ba3ed6b4770afb01dc728deb3145c5 status: experimental description: Detects traffic or activity related to https://cdn-static-v5.petitnuage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cdn-static-v5.petitnuage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://main-point-1.metallocielo.in.net/verification.google id: auto-65a9137830ad944f90bd5117d6922a9157f8263dc098401a4dcea8e95073f3ec status: experimental description: Detects traffic or activity related to http://main-point-1.metallocielo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://main-point-1.metallocielo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-sync-x9.metallocielo.in.net/verification.google id: auto-3f1d8a83c59bdbd9ae86186ffa8d5b840629ff6c733e814e82723e3036edf563 status: experimental description: Detects traffic or activity related to https://data-sync-x9.metallocielo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-sync-x9.metallocielo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-proxy-z.metallocielo.in.net/verification.google id: auto-196f64a00be09f4d993aa1adc7e40087e178d969b2e41cd5bca90e2fd58e5478 status: experimental description: Detects traffic or activity related to https://gate-proxy-z.metallocielo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-proxy-z.metallocielo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://infra-web-01.metallocielo.in.net/verification.google id: auto-09f9dc6e907aa142d3ebec3314da5967f5bb8fff5e978bab7514dbeed2e5e385 status: experimental description: Detects traffic or activity related to https://infra-web-01.metallocielo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://infra-web-01.metallocielo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sat-uplink-5.grandevision.in.net/verification.google id: auto-7b7532de49ab69ac6ba3673b8edbfcd42c94587bed5815b990bcd9dfd5495ef0 status: experimental description: Detects traffic or activity related to https://sat-uplink-5.grandevision.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sat-uplink-5.grandevision.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rock-core-v2.grandevision.in.net/verification.google id: auto-c1d9cb225788d9f75637bfd6a459ce31d4e3a38d0a3d8c86f09f62e30e5dcd3a status: experimental description: Detects traffic or activity related to https://rock-core-v2.grandevision.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rock-core-v2.grandevision.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://steel-base-7.grandevision.in.net/verification.google id: auto-5543f9dd65d02a800d0228d616757c86d1978fe00d1e732f6659e4febf44ab68 status: experimental description: Detects traffic or activity related to https://steel-base-7.grandevision.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://steel-base-7.grandevision.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://moon-orbit-x.grandevision.in.net/verification.google id: auto-d0a23b5f4eb36382dfc07ca9a7c350b7f8572a64faf7a64e959c97042e821dc1 status: experimental description: Detects traffic or activity related to https://moon-orbit-x.grandevision.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://moon-orbit-x.grandevision.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://open-space-1.silberpfad.in.net/verification.google id: auto-bf346b89a05ff896e3c3da37a339a5f4b7082156365a603874526e56d54b83d8 status: experimental description: Detects traffic or activity related to https://open-space-1.silberpfad.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://open-space-1.silberpfad.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vast-field-z.silberpfad.in.net/verification.google id: auto-78db33acf230b2eb6115aed0378635a63ea7482bf3f067f31e179e2c87be9e03 status: experimental description: Detects traffic or activity related to https://vast-field-z.silberpfad.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vast-field-z.silberpfad.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://area-zone-99.silberpfad.in.net/verification.google id: auto-8141711cfa68a0738b55740f32220a421b0b4c17280a001133a84a6b66bb96dc status: experimental description: Detects traffic or activity related to https://area-zone-99.silberpfad.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://area-zone-99.silberpfad.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://outer-rim-v1.silberpfad.in.net/verification.google id: auto-8de90ef82733ae435279a3cb01c8fbc177a2dc0fda6da45fe6c90b1cfc954ff8 status: experimental description: Detects traffic or activity related to https://outer-rim-v1.silberpfad.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://outer-rim-v1.silberpfad.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vision-sync-x.altovelocita.in.net/verification.google id: auto-712136b22e3e568387af5a4620d43f205346f99ce427831daa6cf2f7b2d8810e status: experimental description: Detects traffic or activity related to https://vision-sync-x.altovelocita.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vision-sync-x.altovelocita.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scan-point-0.altovelocita.in.net/verification.google id: auto-7f833bc20d558de12f586be64183f36613e14a40ef144d3948dc9790dd82fba3 status: experimental description: Detects traffic or activity related to https://scan-point-0.altovelocita.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scan-point-0.altovelocita.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://light-bridge-1.altovelocita.in.net/verification.google id: auto-cc1f8dcd384451f40c61c4c959e56d26e949c7964b6bd7c7095cdac5a4f14313 status: experimental description: Detects traffic or activity related to https://light-bridge-1.altovelocita.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://light-bridge-1.altovelocita.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dark-room-z.altovelocita.in.net/verification.google id: auto-c3dbe691e19be113dcbddfe2720683dbc07079e525415bac03af429f47b585c1 status: experimental description: Detects traffic or activity related to https://dark-room-z.altovelocita.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dark-room-z.altovelocita.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ghost-node-x.froidespace.in.net/verification.google id: auto-0b723a81ede4cb2e332a84e39608a8e69cc0aa4a92f70658fe090a1b80812195 status: experimental description: Detects traffic or activity related to https://ghost-node-x.froidespace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ghost-node-x.froidespace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://user-auth-11.froidespace.in.net/verification.google id: auto-1edf6b549eda331a1c325f6c604284110fc5a25beeb477eed61eddf7541005d1 status: experimental description: Detects traffic or activity related to https://user-auth-11.froidespace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://user-auth-11.froidespace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-shell-v4.froidespace.in.net/verification.google id: auto-90d7888482298a1a668289c454b1bfea5d8fb9ce35ff2b3d69089ccc24f37164 status: experimental description: Detects traffic or activity related to https://core-shell-v4.froidespace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-shell-v4.froidespace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alpha-trace-9.froidespace.in.net/verification.google id: auto-2d16d5dbcb97f5b5f59f017da307ac6112587df51267b61edcf99972e879d9ee status: experimental description: Detects traffic or activity related to https://alpha-trace-9.froidespace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alpha-trace-9.froidespace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://62.60.226.97:5553/karas.exe id: auto-83a8b0ff5c8ac040bd1a5032b8ab202799b04f0447fb814131979c786c6ed72c status: experimental description: Detects traffic or activity related to http://62.60.226.97:5553/karas.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://62.60.226.97:5553/karas.exe*' condition: selection level: high tags: - attack.t1204.002 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://62.60.226.97:5553/seshea.exe id: auto-3b63a5c5bcf5fd2fde3860be5442122765c6ca919c2ca64770b92a2ddb321f45 status: experimental description: Detects traffic or activity related to http://62.60.226.97:5553/seshea.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://62.60.226.97:5553/seshea.exe*' condition: selection level: high tags: - attack.t1204.002 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://62.60.226.97:5553/ssl.exe id: auto-4c78946e0e30bcc2c8fa63f73f55908474482101752e07d6ad14ae873f4ea7fe status: experimental description: Detects traffic or activity related to http://62.60.226.97:5553/ssl.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://62.60.226.97:5553/ssl.exe*' condition: selection level: high tags: - attack.t1204.002 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://62.60.226.97:5553/xenos.exe id: auto-75fce53b0edf91476a237f8aa9e67c4b8cd46d4ce04e950aa3eb4c60a67d429f status: experimental description: Detects traffic or activity related to http://62.60.226.97:5553/xenos.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://62.60.226.97:5553/xenos.exe*' condition: selection level: high tags: - attack.t1204.002 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://62.60.226.97:5553/xenosa.exe id: auto-9b60d9a9a20f88721a9fc1780b2b7ffd27ff8da4d0b1a380a11312d9f5b040c1 status: experimental description: Detects traffic or activity related to http://62.60.226.97:5553/xenosa.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://62.60.226.97:5553/xenosa.exe*' condition: selection level: high tags: - attack.t1204.002 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-base-00.mondolavoro.in.net/verification.google id: auto-d6f3479abe441bb72daa207b64716be1c1d57381088653940de354995d2f339c status: experimental description: Detects traffic or activity related to https://data-base-00.mondolavoro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-base-00.mondolavoro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-infra-77.mondolavoro.in.net/verification.google id: auto-c56bc599a2d9c7194acd805d07f3ecac35203554ffc6d3ed0e4fbe420b90aa2b status: experimental description: Detects traffic or activity related to https://base-infra-77.mondolavoro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-infra-77.mondolavoro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://global-net-x.mondolavoro.in.net/verification.google id: auto-011427f9c1c4be4ad6140f664ce9cc50877c6d2ce43777ea5dba218c353f3ce8 status: experimental description: Detects traffic or activity related to https://global-net-x.mondolavoro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://global-net-x.mondolavoro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://local-hub-v9.starkewelle.in.net/verification.google id: auto-e619e60f38fc44a98e2047d15c9e8207f39cb16fed009793f5de5b0445a0187f status: experimental description: Detects traffic or activity related to https://local-hub-v9.starkewelle.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://local-hub-v9.starkewelle.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://staff-portal-0.starkewelle.in.net/verification.google id: auto-3b553e8a3ecf5a949ec5caf38637807dda8daef60e174026e4f10c6228d3f6de status: experimental description: Detects traffic or activity related to https://staff-portal-0.starkewelle.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://staff-portal-0.starkewelle.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://work-flow-z1.starkewelle.in.net/verification.google id: auto-089dccf1a3596252e7fd197c886d94e321b7cb01294beda0eecc03210705d68b status: experimental description: Detects traffic or activity related to https://work-flow-z1.starkewelle.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://work-flow-z1.starkewelle.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://power-link-v8.starkewelle.in.net/verification.google id: auto-db0a55f5383fb7255cf059be5325293d5fd3c5014e6e9544ed245889a24dbc44 status: experimental description: Detects traffic or activity related to https://power-link-v8.starkewelle.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://power-link-v8.starkewelle.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://internal-sys.petitreseau.in.net/verification.google id: auto-8b62198f6a459e551341252b44b5824b4357faa74594cf4539b8c4876c4118b6 status: experimental description: Detects traffic or activity related to https://internal-sys.petitreseau.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://internal-sys.petitreseau.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://backend-node-x.petitreseau.in.net/verification.google id: auto-e1fbedea9041d6f5ca96904a594abed673e15dd2e8d8c6401158ab768e5efbb4 status: experimental description: Detects traffic or activity related to https://backend-node-x.petitreseau.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://backend-node-x.petitreseau.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://remote-access-7.petitreseau.in.net/verification.google id: auto-af7f830c0c6267a8e57ec79840dfd27dc449b8ed3cdbf95c1b089e6296fa177c status: experimental description: Detects traffic or activity related to https://remote-access-7.petitreseau.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://remote-access-7.petitreseau.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-proxy-v.vitasicura.in.net/verification.google id: auto-a15da57ecc168391ebc3f7bc4e0dc017d3c0114d19f9f18796be4b3356da9522 status: experimental description: Detects traffic or activity related to https://web-proxy-v.vitasicura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-proxy-v.vitasicura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://srv-cluster-33.vitasicura.in.net/verification.google id: auto-26e0f6e9b4fc0e0a0f95180d1088adadeff207ec552e81cc0bd8698504b34f74 status: experimental description: Detects traffic or activity related to https://srv-cluster-33.vitasicura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://srv-cluster-33.vitasicura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://local-host.life/download_raw/Rgple3DXXxCUvYUB/images.png id: auto-4650cd02aeefa966e8728bc79fe5abb5293c5f66b59c310a65f22bccdb35c1e8 status: experimental description: Detects traffic or activity related to https://local-host.life/download_raw/Rgple3DXXxCUvYUB/images.png which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://local-host.life/download_raw/Rgple3DXXxCUvYUB/images.png*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://local-host.life/download_raw/9U116InjUiX3h3LY/ser.txt id: auto-c8b99d60194fe00bd4906855934b230cdbb03d7690001c06bd8804914fbd3810 status: experimental description: Detects traffic or activity related to https://local-host.life/download_raw/9U116InjUiX3h3LY/ser.txt which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://local-host.life/download_raw/9U116InjUiX3h3LY/ser.txt*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://local-host.life/download_raw/Cw9aoa7PZwvcnVU5/mer.txt id: auto-7f8825f832e0ae369b5c7a46c18e47c55090f53c746a5ed4664f5512c1b89b78 status: experimental description: Detects traffic or activity related to https://local-host.life/download_raw/Cw9aoa7PZwvcnVU5/mer.txt which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://local-host.life/download_raw/Cw9aoa7PZwvcnVU5/mer.txt*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://local-host.life/download_raw/Ig4TEtDBfygg1gOZ/sabvs.txt id: auto-abeaf5207182a69ac0d4bbaa06fc794352f7d6916022bf4e9ea6ebf94f66f703 status: experimental description: Detects traffic or activity related to https://local-host.life/download_raw/Ig4TEtDBfygg1gOZ/sabvs.txt which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://local-host.life/download_raw/Ig4TEtDBfygg1gOZ/sabvs.txt*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cloud-drive-a1.vitasicura.in.net/verification.google id: auto-131fe1202f5876135af6ea3e7bb2334e404386e3053dfde06fd7fb4f6b843114 status: experimental description: Detects traffic or activity related to https://cloud-drive-a1.vitasicura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cloud-drive-a1.vitasicura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://metrics-core.grossesystem.in.net/verification.google id: auto-9088234e591f1cdc1436cd829e54d495455fd50b8acf57c1f0b929cb1b4b906b status: experimental description: Detects traffic or activity related to https://metrics-core.grossesystem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://metrics-core.grossesystem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev-test-unit.grossesystem.in.net/verification.google id: auto-0e83cfa56acdb945a6417c8c3edcdfb7489d1f44994677920370b5b865312a0e status: experimental description: Detects traffic or activity related to https://dev-test-unit.grossesystem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev-test-unit.grossesystem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://api-v2-master.grossesystem.in.net/verification.google id: auto-0c58ff8373aa50662e3797a389d09b01e209968a1b869dbdf59723521a0ab06e status: experimental description: Detects traffic or activity related to https://api-v2-master.grossesystem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://api-v2-master.grossesystem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cdn-static-4.grossesystem.in.net/verification.google id: auto-c5a4ae16d77c615ab5f0c4e687e4960c22526ca7a1131c55e86356d7f7d1f4f3 status: experimental description: Detects traffic or activity related to https://cdn-static-4.grossesystem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cdn-static-4.grossesystem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vf16.stoppit.in.net/verification.google id: auto-9c71cfde68d659799d6f851c085cb4cc1dfecb9e7d03750255f50d86749b70b6 status: experimental description: Detects traffic or activity related to https://vf16.stoppit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vf16.stoppit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://climole.stoppit.in.net/verification.google id: auto-df860ed3082e639122e4e6b1ee2bbe604378c28fa91b1e530274ca59bf59f866 status: experimental description: Detects traffic or activity related to https://climole.stoppit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://climole.stoppit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rzlt.getron.in.net/verification.google id: auto-27d196aabcd179836d867ffc01235c2b8a14a96929636a9c9181fce3b49d6e1e status: experimental description: Detects traffic or activity related to https://rzlt.getron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rzlt.getron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dshqj1.getron.in.net/verification.google id: auto-019d053263a1df77f66b45b049ee32b13bb40fe19354a8454cb90e1b1f624e94 status: experimental description: Detects traffic or activity related to https://dshqj1.getron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dshqj1.getron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://local-host.life/download_raw/gNhDrkROldD6EkRc/Xeno.png id: auto-1a144ddb04f9f8511a9bbbd42c35f0321cb27b281a9bda02d1673bfadfbc6165 status: experimental description: Detects traffic or activity related to https://local-host.life/download_raw/gNhDrkROldD6EkRc/Xeno.png which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://local-host.life/download_raw/gNhDrkROldD6EkRc/Xeno.png*' condition: selection level: high tags: - attack.t1204.002 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sap0-node.zecoko.in.net/verification.google id: auto-470c19c6e3db41778ee47929bd0c36fa23c6cfba29ff624ca178b1b7210b4a66 status: experimental description: Detects traffic or activity related to https://sap0-node.zecoko.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sap0-node.zecoko.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cube.zecoko.in.net/verification.google id: auto-15183ced723f937c2ac9385f300e44fce9817f358c728b19c6f7cea818939274 status: experimental description: Detects traffic or activity related to https://cube.zecoko.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cube.zecoko.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://yxngqe.cutlog.in.net/verification.google id: auto-b0e3ec860033503763079a95ca33b65d31bd86df28deefa2462c50ffc8d2ee58 status: experimental description: Detects traffic or activity related to https://yxngqe.cutlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://yxngqe.cutlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://courie-sprou.cutlog.in.net/verification.google id: auto-31abdba282e9ea74dc7434b5c7993d984e63ad3b59415ae74ff9862c409eaeaa status: experimental description: Detects traffic or activity related to https://courie-sprou.cutlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://courie-sprou.cutlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bufferforge.onfloor.in.net/verification.google id: auto-b222fe0e1f57a7980ab03beca164fd1bf5d80f813eff0bca8fb641f284d818b2 status: experimental description: Detects traffic or activity related to https://bufferforge.onfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bufferforge.onfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mirogv.onfloor.in.net/verification.google id: auto-5cd1d1018fed869f760a558226b4a0db94756ba76a885fc73886dff0904bd3af status: experimental description: Detects traffic or activity related to https://mirogv.onfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mirogv.onfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alpha2-point.uptrend.in.net/verification.google id: auto-734fbe17827c8434e605fce3f07cfe47c2504832a2d431e2c2d1b97151d4a840 status: experimental description: Detects traffic or activity related to https://alpha2-point.uptrend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alpha2-point.uptrend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wuurrgc.uptrend.in.net/verification.google id: auto-77a601c686059b91e7af85efae107dcf7f0a78613e146ec7d687f05f0d854879 status: experimental description: Detects traffic or activity related to https://wuurrgc.uptrend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wuurrgc.uptrend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.7/files/7362035837/rBOBWhe.exe id: auto-0096f54b98bcfc644975b1b79cceb5937bfd38a61e22e2e10b632fbb49bfb073 status: experimental description: Detects traffic or activity related to http://158.94.208.7/files/7362035837/rBOBWhe.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.7/files/7362035837/rBOBWhe.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://posteroutlet.getontra.in.net/verification.google id: auto-7b1aed01c93e73d70890764531d71ad442271aab459e45a3b16a3f553d8d462b status: experimental description: Detects traffic or activity related to https://posteroutlet.getontra.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://posteroutlet.getontra.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://genom-inde.getontra.in.net/verification.google id: auto-5661f9b6121671be47294bdba98a72e455a2ced806e86088c40fc6848793d972 status: experimental description: Detects traffic or activity related to https://genom-inde.getontra.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://genom-inde.getontra.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cvk6.freespe.in.net/verification.google id: auto-7c0f4c0d5a0d52aaec66ea935059f471fcf9f1c6954477b46e6414c89587b716 status: experimental description: Detects traffic or activity related to https://cvk6.freespe.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cvk6.freespe.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.7/files/8616879702/6KlKqZ9.exe id: auto-48173a5c40efa0a4278d9c3e6eae4b5e87942e39c3858f18cf015fecd7af7d76 status: experimental description: Detects traffic or activity related to http://158.94.208.7/files/8616879702/6KlKqZ9.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.7/files/8616879702/6KlKqZ9.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://birdcast.freespe.in.net/verification.google id: auto-0cabca9fee0b695e9ee2ea6d8ebb4c0f3987f6c93b83553c203370f7a1cc694a status: experimental description: Detects traffic or activity related to https://birdcast.freespe.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://birdcast.freespe.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://uanwzyl.lowflo.in.net/verification.google id: auto-e9da9a132249cd640650d87bbd379901da4d59c36660e7f45e7b6c6e526b0fea status: experimental description: Detects traffic or activity related to https://uanwzyl.lowflo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://uanwzyl.lowflo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rekr.lowflo.in.net/verification.google id: auto-aa5d2bf30587d022a03aea056e47ccec40e732d9b4d97befe6a3d865cda09787 status: experimental description: Detects traffic or activity related to https://rekr.lowflo.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rekr.lowflo.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://softgui.stoppit.in.net/verification.google id: auto-1da856f227bf5072557fef452d7392672a68983b8108997127f8822de7845d6d status: experimental description: Detects traffic or activity related to https://softgui.stoppit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://softgui.stoppit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://m0fb.stoppit.in.net/verification.google id: auto-2220772603979c55e62f5106c8b2978c20043c9647f6c1bb2275a1f275706e0e status: experimental description: Detects traffic or activity related to https://m0fb.stoppit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://m0fb.stoppit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wmajq.getron.in.net/verification.google id: auto-89eaf7a447ca51fee1118fbb82a2452c644b75695a04d01a30f0553f042aa384 status: experimental description: Detects traffic or activity related to https://wmajq.getron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wmajq.getron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://xbusrwue.zecoko.in.net/verification.google id: auto-135c6869b24736fecf84124c919c18c68df12882d5eb04ac216e0415134c0c77 status: experimental description: Detects traffic or activity related to https://xbusrwue.zecoko.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://xbusrwue.zecoko.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://mz13se.alfabon.in.net/verification.google id: auto-7162600c53d938e91b706128a78938a214faf8915969527a6fef5367d429e552 status: experimental description: Detects traffic or activity related to http://mz13se.alfabon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://mz13se.alfabon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ooenm.zecoko.in.net/verification.google id: auto-8b4a90d3e5d316362f19c31649bfbf433072579382d244fa104098101ccd9929 status: experimental description: Detects traffic or activity related to https://ooenm.zecoko.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ooenm.zecoko.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mz13se.alfabon.in.net/verification.google id: auto-ceb70914931ef95b9d7f7c7009c4e461f1f3c7a98cf17b1f23b04beb111bdbd9 status: experimental description: Detects traffic or activity related to https://mz13se.alfabon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mz13se.alfabon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mistshe.getron.in.net/verification.google id: auto-80a2ab1026b43b1fd2ab381ea62554e8ebd4a547f5693908db8cd898d752bddf status: experimental description: Detects traffic or activity related to https://mistshe.getron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mistshe.getron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svvit-vector.zecoko.in.net/verification.google id: auto-25228c1c404a0f48d2398e4b840bff3cf13714fc282dec6d105fd50855cf55df status: experimental description: Detects traffic or activity related to https://svvit-vector.zecoko.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svvit-vector.zecoko.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://yxmptwzw.cutlog.in.net/verification.google id: auto-b75f19240e0bbeb0df421088007e36bc4a39d09a792f4ad840f4a0bd37de6407 status: experimental description: Detects traffic or activity related to https://yxmptwzw.cutlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://yxmptwzw.cutlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mon1to-frame.cutlog.in.net/verification.google id: auto-4f0456ae47b7493007f379c6915cd23e91571d2ecf5c92909373952cc4e998fd status: experimental description: Detects traffic or activity related to https://mon1to-frame.cutlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mon1to-frame.cutlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lummeshar4.cutlog.in.net/verification.google id: auto-9b5d24a5614fc2b256cc79b319e65414f04ac96b83ba9721feeabad07e593e03 status: experimental description: Detects traffic or activity related to https://lummeshar4.cutlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lummeshar4.cutlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qpzv.onfloor.in.net/verification.google id: auto-bcad8f49ae68fd2b2681cca8a0301ac3b9d04c6328ebcbc39d3ab79f47b656ea status: experimental description: Detects traffic or activity related to https://qpzv.onfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qpzv.onfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rav3-plate.onfloor.in.net/verification.google id: auto-0d0fb65cad6748aebd0b292198921348b5b2b7d14fc728c6ae3ab8e33cdc87f4 status: experimental description: Detects traffic or activity related to https://rav3-plate.onfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rav3-plate.onfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kk8z.onfloor.in.net/verification.google id: auto-a76952e6343286c0f16d00a78ca56c4d104b8e03f282a27de2fd0194d371eb94 status: experimental description: Detects traffic or activity related to https://kk8z.onfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kk8z.onfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neo-go1d.uptrend.in.net/verification.google id: auto-280aed6643d9584496c3034d5ce36a9761c42b56e70c61934924859412e29922 status: experimental description: Detects traffic or activity related to https://neo-go1d.uptrend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neo-go1d.uptrend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ultra-rnot1f.uptrend.in.net/verification.google id: auto-e0a92781da0056f185424287476324fffaa7b03365f1affcb57379163be0438b status: experimental description: Detects traffic or activity related to https://ultra-rnot1f.uptrend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ultra-rnot1f.uptrend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://9ucjff.uptrend.in.net/verification.google id: auto-97847608385efa9d86323173801c3253de92152a8b7540d84331ccb3edd13dea status: experimental description: Detects traffic or activity related to https://9ucjff.uptrend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://9ucjff.uptrend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bpuk6mpm.uptrend.in.net/verification.google id: auto-0c6069f9adcbc6a6b887893a60274966c5c919d923677e7735eefae015722f47 status: experimental description: Detects traffic or activity related to https://bpuk6mpm.uptrend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bpuk6mpm.uptrend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tnocf.uptrend.in.net/verification.google id: auto-b87aedc50e101b6eb44afdc8d67fb40484d2f564e6fa2b3840c17bd716eeca4e status: experimental description: Detects traffic or activity related to https://tnocf.uptrend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tnocf.uptrend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://defendtimber.uptrend.in.net/verification.google id: auto-719d96fd662a6e63e321971954063ce0e12c24313fa210d449622cd556a33f99 status: experimental description: Detects traffic or activity related to https://defendtimber.uptrend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://defendtimber.uptrend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://covmarsh.onfloor.in.net/verification.google id: auto-ea6a98741896ab01e2e475ea08f123172cf728f06e1b814984e5009891160e94 status: experimental description: Detects traffic or activity related to https://covmarsh.onfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://covmarsh.onfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pj74vo.onfloor.in.net/verification.google id: auto-6da95fa9215f7b239365893d3fbf696c4b333c343a90bc4e931934a36468e60c status: experimental description: Detects traffic or activity related to https://pj74vo.onfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pj74vo.onfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hkwyagfe.onfloor.in.net/verification.google id: auto-cc93843fdbec387cf31577084479d8b0d8d716fc90e43ce214c5bb5ae90bb477 status: experimental description: Detects traffic or activity related to https://hkwyagfe.onfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hkwyagfe.onfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://riveyby.onfloor.in.net/verification.google id: auto-a7a4ca772f755f1eef4c4df8f389d0fa1b6369f562313882d6208e4d2c2ec64d status: experimental description: Detects traffic or activity related to https://riveyby.onfloor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://riveyby.onfloor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cipmem.cutlog.in.net/verification.google id: auto-b1ed2c52c9d974cb1441687040b40aa7883e12daa7ef12d52d97991f1505a43c status: experimental description: Detects traffic or activity related to https://cipmem.cutlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cipmem.cutlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://clearadap.cutlog.in.net/verification.google id: auto-57f0d98a172a529d624a54f2cf9bc155dc5677715658155e3cc2a88a6037db8c status: experimental description: Detects traffic or activity related to https://clearadap.cutlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://clearadap.cutlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://workeractive.cutlog.in.net/verification.google id: auto-a12bb51390137978ed4f5cb46bf834ea26cbd0e56d8d76b0c17ba88f870321ff status: experimental description: Detects traffic or activity related to https://workeractive.cutlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://workeractive.cutlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://4nch-route.cutlog.in.net/verification.google id: auto-30f9b3d94ab2d2df9759186389c7f5748f09f0cee39b877ea0459a6e9ffae04c status: experimental description: Detects traffic or activity related to https://4nch-route.cutlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://4nch-route.cutlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sat-uplink-x.mondofresco.in.net/verification.google id: auto-044998eaeee3fede0187b20834c2db5adfd992b1c552a40dd174e87a7d2f6519 status: experimental description: Detects traffic or activity related to https://sat-uplink-x.mondofresco.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sat-uplink-x.mondofresco.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-proxy-1.silberstern.in.net/verification.google id: auto-34d91463e81feecb758504680fd5d63c4c749dfd0713e2f82d413f9749d361e6 status: experimental description: Detects traffic or activity related to https://gate-proxy-1.silberstern.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-proxy-1.silberstern.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-sync-v2.silberstern.in.net/verification.google id: auto-fdb0824f5bc8ce7f417e165ca7d2d8c0398d7895b65f9852f1a887bf0f47d21c status: experimental description: Detects traffic or activity related to https://data-sync-v2.silberstern.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-sync-v2.silberstern.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-point-5.silberstern.in.net/verification.google id: auto-52abaf821bd0a9b1ab5cd91cca7866b95e714eb386207a41cba4e51cb3a611f7 status: experimental description: Detects traffic or activity related to https://main-point-5.silberstern.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-point-5.silberstern.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://casual9-forge.stoppit.in.net/verification.google id: auto-8fbc44969b0b298b580ac9b65953ad40f058e662d9d4c8243f7911ac066a419f status: experimental description: Detects traffic or activity related to https://casual9-forge.stoppit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://casual9-forge.stoppit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sol-tideen.stoppit.in.net/verification.google id: auto-96efd202d3ce6b2b5b1d6c83ac38a6c1bb9c4e131f34a8a3eba020578784b213 status: experimental description: Detects traffic or activity related to https://sol-tideen.stoppit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sol-tideen.stoppit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rnanif-gate.stoppit.in.net/verification.google id: auto-49019db56a2f47472a89b5cabd159547a95ece5bbfbece9230efb9d61d4bc453 status: experimental description: Detects traffic or activity related to https://rnanif-gate.stoppit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rnanif-gate.stoppit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://txeqa.stoppit.in.net/verification.google id: auto-215e202813a5002948258ee0e4f1b7be04a27a6c04d2f802ab7a3f758c5f04ba status: experimental description: Detects traffic or activity related to https://txeqa.stoppit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://txeqa.stoppit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://al1g3-route.getron.in.net/verification.google id: auto-e61a450eb5d1bce724de6db34dbd6d299de9de11c472565b06c4a865651a03de status: experimental description: Detects traffic or activity related to https://al1g3-route.getron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://al1g3-route.getron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://corepayload.getron.in.net/verification.google id: auto-56409f05299bc28ca405cb27f42d639f01caa2de4742837fee5036648332c272 status: experimental description: Detects traffic or activity related to https://corepayload.getron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://corepayload.getron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neo-lo4d.getron.in.net/verification.google id: auto-dce66260483a97716ad7bec1a03ffa9acc315759ac3b139b0aad68b5ce4cb3e3 status: experimental description: Detects traffic or activity related to https://neo-lo4d.getron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neo-lo4d.getron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://crystalion.getron.in.net/verification.google id: auto-d626bb9986f249e59f76c743193463301026fbb0e9ff8951887e957d90fb4624 status: experimental description: Detects traffic or activity related to https://crystalion.getron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://crystalion.getron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dyncresten.alfabon.in.net/verification.google id: auto-a8e051c9c56b27f149642a36ffa03aaeb0f221e1b12e16ce30faab7087bbca2b status: experimental description: Detects traffic or activity related to https://dyncresten.alfabon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dyncresten.alfabon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://matrixfjor.alfabon.in.net/verification.google id: auto-b42076a078908c4df13d042d4c97267d140979d5c719a34d9af0be44b7825c38 status: experimental description: Detects traffic or activity related to https://matrixfjor.alfabon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://matrixfjor.alfabon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://urbashallo.alfabon.in.net/verification.google id: auto-02b98e74690038e2ac71577b9224b5696b341c8343b07af3d8266cfce26a2817 status: experimental description: Detects traffic or activity related to https://urbashallo.alfabon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://urbashallo.alfabon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://1qo3nia.alfabon.in.net/verification.google id: auto-e80893834cef29e086909fea309e667f2391d2e026bdaf8845ed883fc056976b status: experimental description: Detects traffic or activity related to https://1qo3nia.alfabon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://1qo3nia.alfabon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://6zlibyx.zecoko.in.net/verification.google id: auto-4524274c063469ecb4c3abfc02f8f210e720a759f0ae7993374964d253504aa4 status: experimental description: Detects traffic or activity related to https://6zlibyx.zecoko.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://6zlibyx.zecoko.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://modernstrea.zecoko.in.net/verification.google id: auto-ae12d4ab0c6d9319e37d1489b492f3d581d7914eedef16ec2b0e342ad8cd9c1e status: experimental description: Detects traffic or activity related to https://modernstrea.zecoko.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://modernstrea.zecoko.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://s77nqr.zecoko.in.net/verification.google id: auto-f834b4135e96d6128ca4beb9f99dfa5ef9f0cd41c10347ef21ed3c9747d35d0a status: experimental description: Detects traffic or activity related to https://s77nqr.zecoko.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://s77nqr.zecoko.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://decodecoo.zecoko.in.net/verification.google id: auto-db8fb34dbfc2430d2e31d548a1f111f98ac60f0a6f7db2b9c363a36075f8c9ee status: experimental description: Detects traffic or activity related to https://decodecoo.zecoko.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://decodecoo.zecoko.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://merfluxon8.farman.in.net/verification.google id: auto-56baa1815205caff03df90af9682850923c0a313446a0e60e6178d90b3613ab1 status: experimental description: Detects traffic or activity related to https://merfluxon8.farman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://merfluxon8.farman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ufv174r8.farman.in.net/verification.google id: auto-590e4fd0b73547f2ac1faa30ed5633282917157ba78f4b89009a412b46eb9dc5 status: experimental description: Detects traffic or activity related to https://ufv174r8.farman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ufv174r8.farman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sub-5p3cime.farman.in.net/verification.google id: auto-98de9f5b30104def3d1b15b7f25677782676074f3a336e257c8d48fd46e357b1 status: experimental description: Detects traffic or activity related to https://sub-5p3cime.farman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sub-5p3cime.farman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quor-valeis.farman.in.net/verification.google id: auto-ab8586f904969845396b309ba618a88b6805818d77ea854e740139560c4ce2fd status: experimental description: Detects traffic or activity related to https://quor-valeis.farman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quor-valeis.farman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://point-entry-b.petitjardin.in.net/verification.google id: auto-f42785b2d931782b295e0cd8cbbb0e582e345b05b5587d6b94685ed11e95545b status: experimental description: Detects traffic or activity related to https://point-entry-b.petitjardin.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://point-entry-b.petitjardin.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-base-101.petitjardin.in.net/verification.google id: auto-5bc790bdecc6860bc3648c80384cb19e06d19d0e1b6754d3691b6fc7921b0c26 status: experimental description: Detects traffic or activity related to https://data-base-101.petitjardin.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-base-101.petitjardin.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-infra-v3.petitjardin.in.net/verification.google id: auto-ee38e8b7b2ff6d6d341d4afeda1e57de53bab67011a9a5db6d82e0f41b67026f status: experimental description: Detects traffic or activity related to https://base-infra-v3.petitjardin.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-infra-v3.petitjardin.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://local-hub-01.ondeviva.in.net/verification.google id: auto-f5ebed98f6b4b93a9a3854c6dfa6d1a48468baa843dd2a68487b49a3b8979bcf status: experimental description: Detects traffic or activity related to https://local-hub-01.ondeviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://local-hub-01.ondeviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://staff-portal-x.ondeviva.in.net/verification.google id: auto-803580c725d24bba48f9e6fb743429686f0e2090dcbdb8114f5d05933199fc99 status: experimental description: Detects traffic or activity related to https://staff-portal-x.ondeviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://staff-portal-x.ondeviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://work-flow-99.ondeviva.in.net/verification.google id: auto-3fb76f34d711c01c6b0a33cc9901ce88ad553a9a15caa2243b3ba634b1dac048 status: experimental description: Detects traffic or activity related to https://work-flow-99.ondeviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://work-flow-99.ondeviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://office-link-z.ondeviva.in.net/verification.google id: auto-61e81b06bcad22830bf7b9d3b5c0e020aad29993d6628795224df58fd46240db status: experimental description: Detects traffic or activity related to https://office-link-z.ondeviva.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://office-link-z.ondeviva.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://internal-dns-v.schnellkraft.in.net/verification.google id: auto-b20dc49b07e62820ce75364914ced88546dfbeee38aa2715b433e273db8e372b status: experimental description: Detects traffic or activity related to https://internal-dns-v.schnellkraft.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://internal-dns-v.schnellkraft.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cache-dist-77.schnellkraft.in.net/verification.google id: auto-e94181188019b80d89d02f471a59dff3e454e1d2c65196b09dbf192aae836037 status: experimental description: Detects traffic or activity related to https://cache-dist-77.schnellkraft.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cache-dist-77.schnellkraft.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://backend-core-v.schnellkraft.in.net/verification.google id: auto-065ae03f3421f374299acfbba0cd1b946014c90fe681a2ac0212585d93d1b956 status: experimental description: Detects traffic or activity related to https://backend-core-v.schnellkraft.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://backend-core-v.schnellkraft.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://remote-access-0.schnellkraft.in.net/verification.google id: auto-9937ea8ddda323e4da040011b718beeb1340d87841cbf33acdd9c154ee612f18 status: experimental description: Detects traffic or activity related to https://remote-access-0.schnellkraft.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://remote-access-0.schnellkraft.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app-data-sync.bleusoleil.in.net/verification.google id: auto-24ca57c886b800233bc2f63644f8921b4b8b09e4d88f6349fdfdce68e3fffd0f status: experimental description: Detects traffic or activity related to https://app-data-sync.bleusoleil.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app-data-sync.bleusoleil.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-proxy-12.bleusoleil.in.net/verification.google id: auto-bfb8d3ca878aec016559dee602554acf1a8ac1ce67978a5790b77ba4b86847b9 status: experimental description: Detects traffic or activity related to https://web-proxy-12.bleusoleil.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-proxy-12.bleusoleil.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://srv-cluster-9.bleusoleil.in.net/verification.google id: auto-6bcc5af862f53cd8ce8b291b94ba21865d0e89d3a23953f2d501b0e0256f5a26 status: experimental description: Detects traffic or activity related to https://srv-cluster-9.bleusoleil.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://srv-cluster-9.bleusoleil.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cloud-drive-x.bleusoleil.in.net/verification.google id: auto-9ce5c721f17022cc0c33213da2fd7331df979e98a5a30eb46ecd8703503d343a status: experimental description: Detects traffic or activity related to https://cloud-drive-x.bleusoleil.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cloud-drive-x.bleusoleil.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://metrics-node.altamontagna.in.net/verification.google id: auto-b5176da950efb003939dd503dfb3a9646f796848236af1dd7a3fc2cbbfe13a82 status: experimental description: Detects traffic or activity related to https://metrics-node.altamontagna.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://metrics-node.altamontagna.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev-test-hub.altamontagna.in.net/verification.google id: auto-464c174f07183abd3f7c414899d3c380b6310a7a57e6504cfeab03e3676b2096 status: experimental description: Detects traffic or activity related to https://dev-test-hub.altamontagna.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev-test-hub.altamontagna.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://api-v1-storage.altamontagna.in.net/verification.google id: auto-be63042e3702d60f7d7eb23d4ec3d9dad1c5068d80b6e7440cc6fd3fd27a9ade status: experimental description: Detects traffic or activity related to https://api-v1-storage.altamontagna.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://api-v1-storage.altamontagna.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cdn-static-3.altamontagna.in.net/verification.google id: auto-19323875f258a0eefa07f8a4d66518f4a99d3910f7364d96940a90206998f002 status: experimental description: Detects traffic or activity related to https://cdn-static-3.altamontagna.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cdn-static-3.altamontagna.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-point-z.grandemuro.in.net/verification.google id: auto-d4f23b9eeb5a1f607c4fce9501756bb7df5604b876f429c4611dbc5435ed01ea status: experimental description: Detects traffic or activity related to https://main-point-z.grandemuro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-point-z.grandemuro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-sync-00.grandemuro.in.net/verification.google id: auto-c47fee2c221945befd29933e46208e0f0a686b417836331f08b59eec7515003c status: experimental description: Detects traffic or activity related to https://data-sync-00.grandemuro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-sync-00.grandemuro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-proxy-7.grandemuro.in.net/verification.google id: auto-a326872bcd773ad6cb1df8bb2ee1bb9d42117a4523272dd96633fb971b77cc19 status: experimental description: Detects traffic or activity related to https://gate-proxy-7.grandemuro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-proxy-7.grandemuro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://infra-web-v4.grandemuro.in.net/verification.google id: auto-5fe7de5d89288e5235e52cc840e871a4d59f92a18f8c3867b586049aaca16578 status: experimental description: Detects traffic or activity related to https://infra-web-v4.grandemuro.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://infra-web-v4.grandemuro.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sat-uplink-2.silenziovia.in.net/verification.google id: auto-7433b8fcc0d641a0a0f2226937dfb0b94850fd6156f8fc0fe9c0076d0f28c789 status: experimental description: Detects traffic or activity related to https://sat-uplink-2.silenziovia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sat-uplink-2.silenziovia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rock-core-99.silenziovia.in.net/verification.google id: auto-34f09fb2e9bdd9955dcd51f1d843de3c0ec58701c5ebd0aa31765757c79ef9d3 status: experimental description: Detects traffic or activity related to https://rock-core-99.silenziovia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rock-core-99.silenziovia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://steel-base-1.silenziovia.in.net/verification.google id: auto-c9e18236990b837b8e09917ae6dedfbe84f8f265405b611c770099c0b23de453 status: experimental description: Detects traffic or activity related to https://steel-base-1.silenziovia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://steel-base-1.silenziovia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://moon-orbit-v.silenziovia.in.net/verification.google id: auto-1a5786aead4b3d8387cc2424936afc5c80adad5c4119b1e84c83fdabc134b439 status: experimental description: Detects traffic or activity related to https://moon-orbit-v.silenziovia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://moon-orbit-v.silenziovia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://open-space-8.astracorp.in.net/verification.google id: auto-56af87d50b979d7d40b665fc8adb2ebdd307d53db36d93e1a1bbb53a5e1a6b00 status: experimental description: Detects traffic or activity related to https://open-space-8.astracorp.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://open-space-8.astracorp.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vast-field-x.astracorp.in.net/verification.google id: auto-7783f2cf6a1274f9fc893dc83931b72fee16cee46b88778ba975cdabee8240c1 status: experimental description: Detects traffic or activity related to https://vast-field-x.astracorp.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vast-field-x.astracorp.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://area-zone-33.astracorp.in.net/verification.google id: auto-2a9b224757d5bdad06dae0b5eca4bbd9628b9fed4683856453c63153f3f5d02d status: experimental description: Detects traffic or activity related to https://area-zone-33.astracorp.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://area-zone-33.astracorp.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://outer-rim-v2.astracorp.in.net/verification.google id: auto-473c4b6021d1ec3a4751559d1ec6084dd5355e9125e7702b41cc1f233a8f0d7d status: experimental description: Detects traffic or activity related to https://outer-rim-v2.astracorp.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://outer-rim-v2.astracorp.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vision-sync-9.petitfoyer.in.net/verification.google id: auto-33edd8e9a2ea989463885eb185d9197fcf53336584e1a473879e363efc91e071 status: experimental description: Detects traffic or activity related to https://vision-sync-9.petitfoyer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vision-sync-9.petitfoyer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scan-point-05.petitfoyer.in.net/verification.google id: auto-f3cdb5376bd0462732ef581f025e6bc678e633a40ea565504d72ac01642dd34d status: experimental description: Detects traffic or activity related to https://scan-point-05.petitfoyer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scan-point-05.petitfoyer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://light-bridge-7.petitfoyer.in.net/verification.google id: auto-ec8dac8d12c30748cfc1a67bdc7a1b75cb9297aad1ba92e6ce6d4ee178a5619a status: experimental description: Detects traffic or activity related to https://light-bridge-7.petitfoyer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://light-bridge-7.petitfoyer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dark-room-v3.petitfoyer.in.net/verification.google id: auto-76ff0ac5e1c32a4716c4c4af4a82c223bd18b95e7f395a9c118e348d529727d4 status: experimental description: Detects traffic or activity related to https://dark-room-v3.petitfoyer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dark-room-v3.petitfoyer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ghost-node-z.kaltesystem.in.net/verification.google id: auto-d37e533328bfb7174cd8cb37482f201b83e296b6617409cdf25da9dc135d16dd status: experimental description: Detects traffic or activity related to https://ghost-node-z.kaltesystem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ghost-node-z.kaltesystem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://user-auth-v8.kaltesystem.in.net/verification.google id: auto-ad27cea88a52d087cec41d87cfe481694140d61379f77f37fc205ebe821dfea2 status: experimental description: Detects traffic or activity related to https://user-auth-v8.kaltesystem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://user-auth-v8.kaltesystem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-shell-11.kaltesystem.in.net/verification.google id: auto-cfc3a84cde6702e2bc027dbd2527272f5a07627119fbe6e88dfe7ff3f313bc2d status: experimental description: Detects traffic or activity related to https://core-shell-11.kaltesystem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-shell-11.kaltesystem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alpha-trace-x.kaltesystem.in.net/verification.google id: auto-3b9d284a8f2fe0f348d5166157f368e97690fc482cbf8d6be6e93b5c225243d2 status: experimental description: Detects traffic or activity related to https://alpha-trace-x.kaltesystem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alpha-trace-x.kaltesystem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://point-entry-1.mondoluce.in.net/verification.google id: auto-f6289c09558a4350a973a991eff8483c2701d3fdbe9faf60b84bed2e1d2113ad status: experimental description: Detects traffic or activity related to https://point-entry-1.mondoluce.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://point-entry-1.mondoluce.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-base-v4.mondoluce.in.net/verification.google id: auto-3f2581c3db2ff2efc8e5ec8ee3773601607c245a01a2740f3873ffe95d1fcba9 status: experimental description: Detects traffic or activity related to https://data-base-v4.mondoluce.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-base-v4.mondoluce.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-infra-5.mondoluce.in.net/verification.google id: auto-0cd66068c1f85a686ab0b36787f1e4c9b8ba6e7918ce82f9568354030878c98a status: experimental description: Detects traffic or activity related to https://base-infra-5.mondoluce.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-infra-5.mondoluce.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://global-net-2.mondoluce.in.net/verification.google id: auto-ef4c4edc3139d126a84c1a2387a2f0ba8b4d655840f621d8f2c3a807f34379d2 status: experimental description: Detects traffic or activity related to https://global-net-2.mondoluce.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://global-net-2.mondoluce.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://local-hub-sec.espacerapide.in.net/verification.google id: auto-ea4fc347f3d7d00a287e3c7761c4b8e5525d023fed303868da53ea73753f70df status: experimental description: Detects traffic or activity related to https://local-hub-sec.espacerapide.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://local-hub-sec.espacerapide.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://work-flow-v3.espacerapide.in.net/verification.google id: auto-742702e15aa1115a699d7e6c968577a7356f9f6740ce92c5d9ed7bd08046c9bf status: experimental description: Detects traffic or activity related to https://work-flow-v3.espacerapide.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://work-flow-v3.espacerapide.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://office-link-1.espacerapide.in.net/verification.google id: auto-d3aae8751b67087f030cf2e87a1f4224f565d3dd7c1238bf5a994e94119e9b89 status: experimental description: Detects traffic or activity related to https://office-link-1.espacerapide.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://office-link-1.espacerapide.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://internal-dns-2.vitagrazia.in.net/verification.google id: auto-ed5a799d3ea2b1ebcef031ce37dc6dea285839a54e2daff7050dc7bed9b63327 status: experimental description: Detects traffic or activity related to https://internal-dns-2.vitagrazia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://internal-dns-2.vitagrazia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cache-dist-5.vitagrazia.in.net/verification.google id: auto-4217a7eee64af261703bad560d598bedfc0f33ad8043aa1f36018b8c9a3518b3 status: experimental description: Detects traffic or activity related to https://cache-dist-5.vitagrazia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cache-dist-5.vitagrazia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://backend-core-x.vitagrazia.in.net/verification.google id: auto-ba43a57c512bf93727dff7cf63d7a2f9bf75536fb672ecca6f7ce923c522b95a status: experimental description: Detects traffic or activity related to https://backend-core-x.vitagrazia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://backend-core-x.vitagrazia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://remote-access-v1.vitagrazia.in.net/verification.google id: auto-6321b3db8160b5beb9266d6bf2e7f31e1d6bc8cb71c9c2d5dfa008a11c8bc6db status: experimental description: Detects traffic or activity related to https://remote-access-v1.vitagrazia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://remote-access-v1.vitagrazia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app-data-log.fortezzablu.in.net/verification.google id: auto-8a65fa80e9b73fe82128645959182ddb84e844a72b003d56e1450b0031bb78c6 status: experimental description: Detects traffic or activity related to https://app-data-log.fortezzablu.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app-data-log.fortezzablu.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-proxy-88.fortezzablu.in.net/verification.google id: auto-61d598442843a49cca5f36c99e5c83eff7959a5af7833b8372efe67878443331 status: experimental description: Detects traffic or activity related to https://web-proxy-88.fortezzablu.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-proxy-88.fortezzablu.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://srv-cluster-7.fortezzablu.in.net/verification.google id: auto-43110cd228abd7d2d3a1ace0e6abc7c24bad765a62b8c4841c79b73955169cd7 status: experimental description: Detects traffic or activity related to https://srv-cluster-7.fortezzablu.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://srv-cluster-7.fortezzablu.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cloud-storage-b.fortezzablu.in.net/verification.google id: auto-576ff3cacab96515559909530510d54ec315bbacd9c33e388c1700074634f26a status: experimental description: Detects traffic or activity related to https://cloud-storage-b.fortezzablu.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cloud-storage-b.fortezzablu.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev-test-node.sturmwelle.in.net/verification.google id: auto-4eeffa2e08e3772fdb7a143caad0722b058498a20fb62c046646362aeefa2bf8 status: experimental description: Detects traffic or activity related to https://dev-test-node.sturmwelle.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev-test-node.sturmwelle.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cdn-static-2.sturmwelle.in.net/verification.google id: auto-48ff214d8118ca73052acc468b8ae43441785b208f7eb9888b3c9a4de4814e10 status: experimental description: Detects traffic or activity related to https://cdn-static-2.sturmwelle.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cdn-static-2.sturmwelle.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zendraix.stayflat.in.net/verification.google id: auto-9646ca7639f5cd65097f36ecc8eeec4484c0eddd4b5eec3e67b81ff312c34107 status: experimental description: Detects traffic or activity related to https://zendraix.stayflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zendraix.stayflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://exposedemand.stayflat.in.net/verification.google id: auto-99d13650a5d43343e9b83ef020d6a095769dc3ac86390101a1c1febab9e86f78 status: experimental description: Detects traffic or activity related to https://exposedemand.stayflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://exposedemand.stayflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://organizecourier.stayflat.in.net/verification.google id: auto-6a2c547ccede01a142a1c8a29bc2e532f71bf185bb490e9e205a50f1d1302e92 status: experimental description: Detects traffic or activity related to https://organizecourier.stayflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://organizecourier.stayflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://marshlagoon.stayflat.in.net/verification.google id: auto-7e7e26bce38164df47f849217ea30ec61f1160f861b9d79b0d0921a4cac5afcc status: experimental description: Detects traffic or activity related to https://marshlagoon.stayflat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://marshlagoon.stayflat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://otyhyn.gorun.in.net/verification.google id: auto-efa3bb70cb2352844e5c73febe7f5130786551feb75f06335d2f5f8d4385a162 status: experimental description: Detects traffic or activity related to https://otyhyn.gorun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://otyhyn.gorun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://delivelagoo.gorun.in.net/verification.google id: auto-819561d8337e85fd77bfeb8c4968f41a09e56c7ce7caea78e3c1f065e7855433 status: experimental description: Detects traffic or activity related to https://delivelagoo.gorun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://delivelagoo.gorun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://opticparcel.gorun.in.net/verification.google id: auto-92586f678a0ee6a4b2846def0f9f0a3633dd17cb471fc2349e57e6c77edd436b status: experimental description: Detects traffic or activity related to https://opticparcel.gorun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://opticparcel.gorun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://k97iydxz.gorun.in.net/verification.google id: auto-daf4f62ad994292f3fdfb27200cae298cf01904afe6b3e8e70cd2abefc745e0e status: experimental description: Detects traffic or activity related to https://k97iydxz.gorun.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://k97iydxz.gorun.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tri-nexos.gontake.in.net/verification.google id: auto-124b3140995da41efda682fd98ddf2d145c8820b06e6c71d070fb6920c77493a status: experimental description: Detects traffic or activity related to https://tri-nexos.gontake.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tri-nexos.gontake.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://visuavital.gontake.in.net/verification.google id: auto-42aca41c5e02614424c7d1d69dd533d15d76d7ad2260958c2560251f62faf417 status: experimental description: Detects traffic or activity related to https://visuavital.gontake.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://visuavital.gontake.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://48leal.gontake.in.net/verification.google id: auto-38039fe496da15f1560349a7d93a750228a17bd1f83510fad824e2dca923b9de status: experimental description: Detects traffic or activity related to https://48leal.gontake.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://48leal.gontake.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.7/files/8468794285/dSBZqK0.exe id: auto-ad8d0b719df076745dd0b1e1d2755b8478bf5a3e7aaf8e411fd4c607fd5ecedc status: experimental description: Detects traffic or activity related to http://158.94.208.7/files/8468794285/dSBZqK0.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.7/files/8468794285/dSBZqK0.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.7/files/8167064937/BB3UGoE.exe id: auto-812e4e29c4a1874d6e32ec3f64845dc5dc999d3e1d23716f2390bde86b772825 status: experimental description: Detects traffic or activity related to http://158.94.208.7/files/8167064937/BB3UGoE.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.7/files/8167064937/BB3UGoE.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rich-wave.gontake.in.net/verification.google id: auto-9e847279c97a32d6e5bdaf3a09d954be04ad7d3b8f68f9f6a532fcb21dce1cdd status: experimental description: Detects traffic or activity related to https://rich-wave.gontake.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rich-wave.gontake.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://uzpjxi.whitebus.in.net/verification.google id: auto-8c890bf446b126c318c222cab38db221c028408fba68399e808f1c537ac97548 status: experimental description: Detects traffic or activity related to https://uzpjxi.whitebus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://uzpjxi.whitebus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bgsgroup.com.ar/c/Doc_902838.msi id: auto-121b25a2b084d09b6ce03603d5bed09d965b758e9856aa9b6ab7a76c5a40d5ab status: experimental description: Detects traffic or activity related to https://bgsgroup.com.ar/c/Doc_902838.msi which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bgsgroup.com.ar/c/Doc_902838.msi*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://catalogmonitor.whitebus.in.net/verification.google id: auto-d62157b2b65e1542aa4eaa802a07fb9d7f8199ffabcf68ece53f45c52be90554 status: experimental description: Detects traffic or activity related to https://catalogmonitor.whitebus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://catalogmonitor.whitebus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://criloya.whitebus.in.net/verification.google id: auto-d854476e6831e48ba1fe8f93889951d66f6ffad2c60bc6dd6e94604cb9352e48 status: experimental description: Detects traffic or activity related to https://criloya.whitebus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://criloya.whitebus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://iceevery.whitebus.in.net/verification.google id: auto-4fb23c7c48303365992e038bb631f047646af11d3e2a1b9d158fc9e7efdf52a9 status: experimental description: Detects traffic or activity related to https://iceevery.whitebus.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://iceevery.whitebus.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sat-uplink.ferroluna.in.net/verification.google id: auto-0331243492da59f2f8db682d8a467a6ab4d976d4958b34027df25f256aa3b60b status: experimental description: Detects traffic or activity related to https://sat-uplink.ferroluna.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sat-uplink.ferroluna.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rock-core-v7.ferroluna.in.net/verification.google id: auto-5d3bc861fa6d79b8e8c695b7627847b95089fc25c6825a1cc6abecf904a81949 status: experimental description: Detects traffic or activity related to https://rock-core-v7.ferroluna.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rock-core-v7.ferroluna.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://steel-base-9.ferroluna.in.net/verification.google id: auto-f1f36bfe617021b7d915bc06f3c1b149f57a91cc740a8abd0c90df346374a5ec status: experimental description: Detects traffic or activity related to https://steel-base-9.ferroluna.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://steel-base-9.ferroluna.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://moon-orbit-3.ferroluna.in.net/verification.google id: auto-cb1b78809c313b7e8fa616dcbbb8d7da787b156ad3529fda4392a8aaf3ceb81e status: experimental description: Detects traffic or activity related to https://moon-orbit-3.ferroluna.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://moon-orbit-3.ferroluna.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://open-space-v.grandespace.in.net/verification.google id: auto-518eca80de36c83872e9b60dfa84e5124caa2e3109beccb772d24827b635a344 status: experimental description: Detects traffic or activity related to https://open-space-v.grandespace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://open-space-v.grandespace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vast-field-01.grandespace.in.net/verification.google id: auto-7b1f7eadce3c9d3a78ee5be00f24a1b1389de198a7d6bb6bc785292f46406e8c status: experimental description: Detects traffic or activity related to https://vast-field-01.grandespace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vast-field-01.grandespace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://area-zone-55.grandespace.in.net/verification.google id: auto-6cbcdaa4717032814d2c9f2c6617b0e40a935bf357d26ad3970a60c889136f17 status: experimental description: Detects traffic or activity related to https://area-zone-55.grandespace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://area-zone-55.grandespace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://outer-rim-9.grandespace.in.net/verification.google id: auto-05a88582a084be48377922092519567fc18d4ef12e7a7c7d94544ba1599e2191 status: experimental description: Detects traffic or activity related to https://outer-rim-9.grandespace.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://outer-rim-9.grandespace.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vision-sync.nachtlicht.in.net/verification.google id: auto-a4e91aacb71062d635e3a00a1b8425017523f57f2a6fefedc8d65985f61adddd status: experimental description: Detects traffic or activity related to https://vision-sync.nachtlicht.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vision-sync.nachtlicht.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scan-point-21.nachtlicht.in.net/verification.google id: auto-d85f464b327c6d4fe28add257002e85e0c7e4c60b1a19b97d546c8d674f2d80c status: experimental description: Detects traffic or activity related to https://scan-point-21.nachtlicht.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scan-point-21.nachtlicht.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://light-bridge-4.nachtlicht.in.net/verification.google id: auto-c8bfe3d34f16396a3e6a18959b13510b4af634f2f892acd9327dd022e2791b28 status: experimental description: Detects traffic or activity related to https://light-bridge-4.nachtlicht.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://light-bridge-4.nachtlicht.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dark-room-v8.nachtlicht.in.net/verification.google id: auto-a6b48ba15051f1a319d8ad393f1067cb8b52fcf248ecadb10bb01dbb85b30f23 status: experimental description: Detects traffic or activity related to https://dark-room-v8.nachtlicht.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dark-room-v8.nachtlicht.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ghost-node.cybergeist.in.net/verification.google id: auto-7c5f1137b3ff19e482350ce99ffc43b5fd275c68b1779567df4d733064e584ca status: experimental description: Detects traffic or activity related to https://ghost-node.cybergeist.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ghost-node.cybergeist.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://user-auth-x2.cybergeist.in.net/verification.google id: auto-a08b87d64eab32b4fa62dc7273feb09f542ed44781d5087e4d7f4568d8e0ea4f status: experimental description: Detects traffic or activity related to https://user-auth-x2.cybergeist.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://user-auth-x2.cybergeist.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-shell-77.cybergeist.in.net/verification.google id: auto-4e56a7de397bbfa9e6ed951fee2420c20ee3210d948673cbca463dabc74a0d0e status: experimental description: Detects traffic or activity related to https://core-shell-77.cybergeist.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-shell-77.cybergeist.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alpha-trace-0.cybergeist.in.net/verification.google id: auto-fcbaa086f07996962d80ca12c98a349ca8bcb15a3569170363a01d9f20f22d23 status: experimental description: Detects traffic or activity related to https://alpha-trace-0.cybergeist.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alpha-trace-0.cybergeist.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://point-entry.mondosolido.in.net/verification.google id: auto-4d7607be252aa83cbd5d764857af5363b43fea5ff200543ba2db5152d939977f status: experimental description: Detects traffic or activity related to https://point-entry.mondosolido.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://point-entry.mondosolido.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-base-v3.mondosolido.in.net/verification.google id: auto-5d663b335c8b98f6f7c90bcd03af89e12b61e9c4b2f313e0c962cbfd50a95127 status: experimental description: Detects traffic or activity related to https://data-base-v3.mondosolido.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-base-v3.mondosolido.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://base-infra-9.mondosolido.in.net/verification.google id: auto-99fad8efbf20ca68d74fa08cc06d3595206db4be2f6b0fca7aa275f0ddc80755 status: experimental description: Detects traffic or activity related to https://base-infra-9.mondosolido.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://base-infra-9.mondosolido.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://global-net-1.mondosolido.in.net/verification.google id: auto-02089ce447fc7f43e30ace0db345fb7b42c970a17dbc24f294feff6e283427b9 status: experimental description: Detects traffic or activity related to https://global-net-1.mondosolido.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://global-net-1.mondosolido.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://local-hub-test.petitbureau.in.net/verification.google id: auto-8ef17eb91229043f7f3f1fa88714551a1a8b918b2f49f1f7727bda6d32b8b74b status: experimental description: Detects traffic or activity related to https://local-hub-test.petitbureau.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://local-hub-test.petitbureau.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://staff-portal-5.petitbureau.in.net/verification.google id: auto-f55bda22d374b002fb3e1cac89795004edf94d4a854ea56fee514048ca9eedec status: experimental description: Detects traffic or activity related to https://staff-portal-5.petitbureau.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://staff-portal-5.petitbureau.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://work-flow-v2.petitbureau.in.net/verification.google id: auto-eded1ac8fbe3b014ed61f53dc066d91cb1b244e555eb31e56b666327084b6361 status: experimental description: Detects traffic or activity related to https://work-flow-v2.petitbureau.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://work-flow-v2.petitbureau.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://office-link-0.petitbureau.in.net/verification.google id: auto-0dbd50d9ed1c5de24230bdfc2a6e8901bb2223e2aca337216cb9330f014a8a2c status: experimental description: Detects traffic or activity related to https://office-link-0.petitbureau.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://office-link-0.petitbureau.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gateway-secure.starkstrom.in.net/verification.google id: auto-3b4c596c1817c853770cfa17975863dc2916c28e0b21722d222d9c3d53a0f42d status: experimental description: Detects traffic or activity related to https://gateway-secure.starkstrom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gateway-secure.starkstrom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sys-monitor-x.starkstrom.in.net/verification.google id: auto-f04bff5d356309be51744d702a4957897be93207711b2a37dc2ff47c0b4a0c45 status: experimental description: Detects traffic or activity related to https://sys-monitor-x.starkstrom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sys-monitor-x.starkstrom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://load-balancer-3.starkstrom.in.net/verification.google id: auto-6b86c3cd49732a5b22783d2309d1a4c0dd86afb5e0b66b3276ee607b07e22d93 status: experimental description: Detects traffic or activity related to https://load-balancer-3.starkstrom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://load-balancer-3.starkstrom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://power-grid-88.starkstrom.in.net/verification.google id: auto-925dea80d0bfd57eefda635b7a648b367af0b7362c13cb1aa1ea538ea839acbb status: experimental description: Detects traffic or activity related to https://power-grid-88.starkstrom.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://power-grid-88.starkstrom.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://internal-dns.cielonumerique.in.net/verification.google id: auto-1edc1d08ef051cc469d5b4e568a566c6905949efd1139cf03dff4aaa0d5f9350 status: experimental description: Detects traffic or activity related to https://internal-dns.cielonumerique.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://internal-dns.cielonumerique.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cache-dist-12.cielonumerique.in.net/verification.google id: auto-861cbc884a4b5697b846a11599d45df45698f5485aceb4fe5d3770d044596d2c status: experimental description: Detects traffic or activity related to https://cache-dist-12.cielonumerique.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cache-dist-12.cielonumerique.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://backend-core-7.cielonumerique.in.net/verification.google id: auto-610528a63ce73455c171433df734067de04c791d736e1896b2b1de73f681d985 status: experimental description: Detects traffic or activity related to https://backend-core-7.cielonumerique.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://backend-core-7.cielonumerique.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://remote-access-v4.cielonumerique.in.net/verification.google id: auto-2d88d8fdcd519d5d82d2e5a8c744a3fec971cfa5e2a096403e828201b1c01bb3 status: experimental description: Detects traffic or activity related to https://remote-access-v4.cielonumerique.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://remote-access-v4.cielonumerique.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://app-data-sync.vittoriastrada.in.net/verification.google id: auto-9d4b9b88b626bc5431f1979bc477d155eac349f177a4ba80e5852d2963ff27c2 status: experimental description: Detects traffic or activity related to https://app-data-sync.vittoriastrada.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://app-data-sync.vittoriastrada.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-proxy-99.vittoriastrada.in.net/verification.google id: auto-331dc440fdf1a8a5a96478d2fb1327e8ad6b9f9f4d22cb902d246948dfcf61ba status: experimental description: Detects traffic or activity related to https://web-proxy-99.vittoriastrada.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-proxy-99.vittoriastrada.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cloud-storage-5.vittoriastrada.in.net/verification.google id: auto-288f4c5c6714fe1ab6525a8bcce22445e044337da72bd23e625819dcdf4fb3a0 status: experimental description: Detects traffic or activity related to https://cloud-storage-5.vittoriastrada.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cloud-storage-5.vittoriastrada.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://metrics-sync.kristallwelt.in.net/verification.google id: auto-b0c539111ff8acce69cd659701a753b680c7acbf25013a5ab58960503184050e status: experimental description: Detects traffic or activity related to https://metrics-sync.kristallwelt.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://metrics-sync.kristallwelt.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dev-test-01.kristallwelt.in.net/verification.google id: auto-e416e02bc03e143dde229f05bb1e42286197dfb49f3ba3fe4ff751a838851928 status: experimental description: Detects traffic or activity related to https://dev-test-01.kristallwelt.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dev-test-01.kristallwelt.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://api-node-v2.kristallwelt.in.net/verification.google id: auto-5cc433e41f1953828bac54cf4a4e50b901138c4126fa6935fa07827e429993d6 status: experimental description: Detects traffic or activity related to https://api-node-v2.kristallwelt.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://api-node-v2.kristallwelt.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cdn-static-1.kristallwelt.in.net/verification.google id: auto-4a6c588889f3a3b00c437c6c5acc248456c936b731ec669c5c544b42a3e6cdee status: experimental description: Detects traffic or activity related to https://cdn-static-1.kristallwelt.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cdn-static-1.kristallwelt.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://endpointtest.chifdark.in.net/verification.google id: auto-f012be9a1543cf91ce5346bbac94e6c2f992b30390fd2d7394b8604b5abd8408 status: experimental description: Detects traffic or activity related to https://endpointtest.chifdark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://endpointtest.chifdark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://reel-age.chifdark.in.net/verification.google id: auto-54ffab5b6e6998929fc8f6dc673af1f846fec7f55c744af96256f65d1b3b3c65 status: experimental description: Detects traffic or activity related to https://reel-age.chifdark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://reel-age.chifdark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ipggvyss.chifdark.in.net/verification.google id: auto-e888aa4902e8b7bac0a5ad46dff4c0d07a0233a71868845b7e6a4b3aeaaf6311 status: experimental description: Detects traffic or activity related to https://ipggvyss.chifdark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ipggvyss.chifdark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://closedgranite.chifdark.in.net/verification.google id: auto-c72a589b8c73e52b15032e0b8e2deff0a5c6cc7792e24a551b8c38bf91b5a461 status: experimental description: Detects traffic or activity related to https://closedgranite.chifdark.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://closedgranite.chifdark.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://7xvura.coldcaught.in.net/verification.google id: auto-b81b911a82a0b07f6ff172f57d2e35c291c433e3ea2351e18c82027ca44441fe status: experimental description: Detects traffic or activity related to https://7xvura.coldcaught.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://7xvura.coldcaught.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://i0n3-graph.coldcaught.in.net/verification.google id: auto-96bce50739d6aee23451c137812329946f550c1fb9d584b72adc3bd61239e1fd status: experimental description: Detects traffic or activity related to https://i0n3-graph.coldcaught.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://i0n3-graph.coldcaught.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cratelayout.coldcaught.in.net/verification.google id: auto-eccb8b2346d69ad9c72570387e3c4f4b414fceed97739546d84576b92a2e0eb8 status: experimental description: Detects traffic or activity related to https://cratelayout.coldcaught.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cratelayout.coldcaught.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://m4nif-stack.coldcaught.in.net/verification.google id: auto-fe50d185494d4a91672fbd10fa72ec4322a55e73444baf37a7b69854d2ed831b status: experimental description: Detects traffic or activity related to https://m4nif-stack.coldcaught.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://m4nif-stack.coldcaught.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sannod.liberalpilka.in.net/verification.google id: auto-4dba8e6308757b56fc78873953eb50126c5072b27d8db388bff533b2cb34a101 status: experimental description: Detects traffic or activity related to https://sannod.liberalpilka.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sannod.liberalpilka.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vfjpe.liberalpilka.in.net/verification.google id: auto-11c47c270e34d84722a436a5390c95188c85124b6f4fb7187ef23952d5805deb status: experimental description: Detects traffic or activity related to https://vfjpe.liberalpilka.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vfjpe.liberalpilka.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vorcoreix1.liberalpilka.in.net/verification.google id: auto-2bad122c0a97031aa26190e146c68a071316eafb37a1c107183e54f2ce1b1224 status: experimental description: Detects traffic or activity related to https://vorcoreix1.liberalpilka.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vorcoreix1.liberalpilka.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scarnetwor.liberalpilka.in.net/verification.google id: auto-87d4bfee847e65ffcebc75fe812fa12d16e4c0023104ef1023cd48ee5d96080e status: experimental description: Detects traffic or activity related to https://scarnetwor.liberalpilka.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scarnetwor.liberalpilka.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ohqr.migratetulle.in.net/verification.google id: auto-fb7e4a08655b42bc2719fd58b519480e140e5be61c4cfe0c04a017420817b0a8 status: experimental description: Detects traffic or activity related to https://ohqr.migratetulle.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ohqr.migratetulle.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://threadtrend.migratetulle.in.net/verification.google id: auto-8571206aea0f830919b40a4419de25b7a620f3a3061e6c0a5df197a441b6667e status: experimental description: Detects traffic or activity related to https://threadtrend.migratetulle.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://threadtrend.migratetulle.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alt-0tter.migratetulle.in.net/verification.google id: auto-0a65db4c91cda560eb1c74461e87b166b59c1839631da1c0578d7358f224bd03 status: experimental description: Detects traffic or activity related to https://alt-0tter.migratetulle.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alt-0tter.migratetulle.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://61yede8.migratetulle.in.net/verification.google id: auto-13b3155d8ca8b94282a00f3749bd4fa11025d2189bf18330ff99f21ffbc018fc status: experimental description: Detects traffic or activity related to https://61yede8.migratetulle.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://61yede8.migratetulle.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.7/files/7048186296/SASBjh2.exe id: auto-e86f049e4224d1705c0a2badb9091ac016433460879ea9c156677b2368bf2c08 status: experimental description: Detects traffic or activity related to http://158.94.208.7/files/7048186296/SASBjh2.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.7/files/7048186296/SASBjh2.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vyyrr.idyllmuscat.in.net/verification.google id: auto-fe7f0ef2b23c5dc101d9ba9fecacf9b841e99f3c2341e3fc684662c936f96ba2 status: experimental description: Detects traffic or activity related to https://vyyrr.idyllmuscat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vyyrr.idyllmuscat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kh9zgked.idyllmuscat.in.net/verification.google id: auto-15c16ae06a6a72e0187e28f2d01bc9ae17013ff7c9937f067ee6e4d1e3aece0b status: experimental description: Detects traffic or activity related to https://kh9zgked.idyllmuscat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kh9zgked.idyllmuscat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://d3ploy-mesh.idyllmuscat.in.net/verification.google id: auto-a9fa6dc479087ac0758a09026b97dd783f9006f2f400f6cbf76b57d8df4fe17c status: experimental description: Detects traffic or activity related to https://d3ploy-mesh.idyllmuscat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://d3ploy-mesh.idyllmuscat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://eih59fij.idyllmuscat.in.net/verification.google id: auto-12951c5ddca64eff70943d92fd68436912b23ab08abe4c8a6e446a14e1e2fc47 status: experimental description: Detects traffic or activity related to https://eih59fij.idyllmuscat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://eih59fij.idyllmuscat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zen-crestex.concretemixer.in.net/verification.google id: auto-a0cf87850a963346eb25e7192625d15981024b0651d30a21e1e3286f12010372 status: experimental description: Detects traffic or activity related to https://zen-crestex.concretemixer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zen-crestex.concretemixer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ypzwu43.concretemixer.in.net/verification.google id: auto-83ca4fd1553f45b18952c0e676a56c374757b8fb238fc8931c6d55afb7d3f82f status: experimental description: Detects traffic or activity related to https://ypzwu43.concretemixer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ypzwu43.concretemixer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://getjwrv.concretemixer.in.net/verification.google id: auto-6135843981531d9b66ffbb6f6c56453e53e873906b1e4acbe84cb2d5aa81a84c status: experimental description: Detects traffic or activity related to https://getjwrv.concretemixer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://getjwrv.concretemixer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rq4pe.concretemixer.in.net/verification.google id: auto-464c19145c453f8a31ef4b34b6a1db459fe8ac62f9a0015602c2e774c3d99ae4 status: experimental description: Detects traffic or activity related to https://rq4pe.concretemixer.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rq4pe.concretemixer.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lay3r4-cache.blowdisassem.in.net/verification.google id: auto-ab46609169a62ca6e41ebfaa7c9c8538b8499e1f6335c695a2394fe0e8d010b8 status: experimental description: Detects traffic or activity related to https://lay3r4-cache.blowdisassem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lay3r4-cache.blowdisassem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://uga9ai.blowdisassem.in.net/verification.google id: auto-54a73e1454643d14abebb2cc2e222f510209cc6ee43917168e05fbbbe08024d2 status: experimental description: Detects traffic or activity related to https://uga9ai.blowdisassem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://uga9ai.blowdisassem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fgctlmw.blowdisassem.in.net/verification.google id: auto-4d9250a6d1ce5794fbb4124f835eecf5d203f028b7a0f29c89bee9ae1f944915 status: experimental description: Detects traffic or activity related to https://fgctlmw.blowdisassem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fgctlmw.blowdisassem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://piouzv.blowdisassem.in.net/verification.google id: auto-41e5a2debb4dd41d575416af6ba9820234d6bd17dd1aad00a71208ae01f9d64e status: experimental description: Detects traffic or activity related to https://piouzv.blowdisassem.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://piouzv.blowdisassem.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://merline3ar.synchronting.in.net/verification.google id: auto-fa4cb367d116cb28ee709854be6db7c130ce5d6f193ae2d8fe3817feb0520889 status: experimental description: Detects traffic or activity related to https://merline3ar.synchronting.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://merline3ar.synchronting.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arkspire4um.synchronting.in.net/verification.google id: auto-79f7f465f724b5eaa83e792f4edb8f424efef310f80bb6e0cf17443f5bd020ed status: experimental description: Detects traffic or activity related to https://arkspire4um.synchronting.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arkspire4um.synchronting.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://viykdw01.synchronting.in.net/verification.google id: auto-3851bac89acf600b305b767b359bcc191eb31ab7ab1560e9f29a8bb201835874 status: experimental description: Detects traffic or activity related to https://viykdw01.synchronting.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://viykdw01.synchronting.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nor-nexet.synchronting.in.net/verification.google id: auto-d9ab5e04db6537640248a801442c855129bc7d080c20dc82365be4bbda182a7b status: experimental description: Detects traffic or activity related to https://nor-nexet.synchronting.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nor-nexet.synchronting.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stitchroo.directkorchaga.in.net/verification.google id: auto-a1f40a67c2c6f18390a12b405aace938122810c6ded738a3d3f71dd25e4a9adc status: experimental description: Detects traffic or activity related to https://stitchroo.directkorchaga.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stitchroo.directkorchaga.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arknexen.directkorchaga.in.net/verification.google id: auto-14ef4fbee4521f888e2e69a9a9a4af9ca9f3ca5baed96e6bf6dd73dd4042018d status: experimental description: Detects traffic or activity related to https://arknexen.directkorchaga.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arknexen.directkorchaga.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gzgqdb.directkorchaga.in.net/verification.google id: auto-40b59f175627c83f198e658fbfd8fa5bb93de03e7c263e9d3f1da29285ea6355 status: experimental description: Detects traffic or activity related to https://gzgqdb.directkorchaga.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gzgqdb.directkorchaga.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fxafcfe.invulshuga.in.net/verification.google id: auto-88b5d56fe2bf6eabd7efa06818461ae361917126e161d40fc0213a3187d3febc status: experimental description: Detects traffic or activity related to https://fxafcfe.invulshuga.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fxafcfe.invulshuga.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hhqh.invulshuga.in.net/verification.google id: auto-01c77a7b62a44f03b6849557463127b092ab3dbb384930a553b64bdd67a3e230 status: experimental description: Detects traffic or activity related to https://hhqh.invulshuga.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hhqh.invulshuga.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://temp-urban.directkorchaga.in.net/verification.google id: auto-da05a5b98a0e845f76a2a698c87c993628a38f6d4a46e95fb4d18d8b71d19619 status: experimental description: Detects traffic or activity related to https://temp-urban.directkorchaga.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://temp-urban.directkorchaga.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://spoolfox.invulshuga.in.net/verification.google id: auto-af03c917a3973f0a6e7366be004347254b20f3202d61b7f4b4750aaa50b345f5 status: experimental description: Detects traffic or activity related to https://spoolfox.invulshuga.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://spoolfox.invulshuga.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mod3-trace.invulshuga.in.net/verification.google id: auto-8a8d2ff9a06f55e76692e06320389cf8bc1d826eee523d21ab6c75fce28b9b1b status: experimental description: Detects traffic or activity related to https://mod3-trace.invulshuga.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mod3-trace.invulshuga.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pricethread.starpit.in.net/verification.google id: auto-039acefcf0dd5da5241f6764fb044a6dd036c2a49fd2bc075a7c6ad6801dab5c status: experimental description: Detects traffic or activity related to https://pricethread.starpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pricethread.starpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zennex7is.starpit.in.net/verification.google id: auto-f7ce53ee2545c299e2b02de9992adaf42f43797904618d79b9e7650dc5f446c0 status: experimental description: Detects traffic or activity related to https://zennex7is.starpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zennex7is.starpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://runvv4-forge.starpit.in.net/verification.google id: auto-78b0c3d398102dee21ccf3bd34c0889fd31df4534c1a56858b06dd7d5f11b4e3 status: experimental description: Detects traffic or activity related to https://runvv4-forge.starpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://runvv4-forge.starpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://7lqpjwbx.starpit.in.net/verification.google id: auto-6241c0cb75e979f25185155cf9ee20c66077e870393823293747fc9fdcc0b66a status: experimental description: Detects traffic or activity related to https://7lqpjwbx.starpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://7lqpjwbx.starpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://p5pywt.ironbay.in.net/verification.google id: auto-82ae682ce6db3c0d9ef30607fae316bf730016f6d7fcc95f4188323e59f0d175 status: experimental description: Detects traffic or activity related to https://p5pywt.ironbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://p5pywt.ironbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jycyry1b.ironbay.in.net/verification.google id: auto-4b5954b5dc9018de283b74cdc80a2534a3edfd471e374ee21eec2fdad7bc36cf status: experimental description: Detects traffic or activity related to https://jycyry1b.ironbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jycyry1b.ironbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pine2-cast.ironbay.in.net/verification.google id: auto-d3e9314b4f5014153612edf2237652000b8a210b5d249d0a546976b78e38385a status: experimental description: Detects traffic or activity related to https://pine2-cast.ironbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pine2-cast.ironbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dispatc-puls.ironbay.in.net/verification.google id: auto-c1bfe3134d30d818ce526aa5a60bfc6dc2908fe79578756513b97dd29c8fd860 status: experimental description: Detects traffic or activity related to https://dispatc-puls.ironbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dispatc-puls.ironbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pine-fix.lakepit.in.net/verification.google id: auto-a4fb5708c3ffde3234d38a1a5e252f320672d300f539eec0afcc1eacc989c942 status: experimental description: Detects traffic or activity related to https://pine-fix.lakepit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pine-fix.lakepit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://solspireis6.lakepit.in.net/verification.google id: auto-c131d225ee1182ad56cb8d6e1fff0c7599deadc658b6731c210683c52f78efee status: experimental description: Detects traffic or activity related to https://solspireis6.lakepit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://solspireis6.lakepit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://du5t0-frame.lakepit.in.net/verification.google id: auto-207164e7e2ac425b252972264ffe52651ad0d352533e7e1d6d04b0262b0412ee status: experimental description: Detects traffic or activity related to https://du5t0-frame.lakepit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://du5t0-frame.lakepit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.7/files/8167064937/7P402xV.exe id: auto-40a2ebf0328dc977c86cecefca7a2d6c76763dc0d6dc743f4bbf7dd6c1ee6bc1 status: experimental description: Detects traffic or activity related to http://158.94.208.7/files/8167064937/7P402xV.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.7/files/8167064937/7P402xV.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nl6rhf.lakepit.in.net/verification.google id: auto-2b4acb6aaf22eec56ee97eaec0610f1197b142f6ae1535e9115055f7240f5c45 status: experimental description: Detects traffic or activity related to https://nl6rhf.lakepit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nl6rhf.lakepit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://offerclinic.rockbay.in.net/verification.google id: auto-5dbf00ec1e9939fe58500cb479c6b7d2d787b8e7df9cc61ae8f5aac008497416 status: experimental description: Detects traffic or activity related to https://offerclinic.rockbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://offerclinic.rockbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shieldretainer.rockbay.in.net/verification.google id: auto-3bf6ecaf01b98cb4a1d2c3062d12d40ea2b7aef403e405b13c11e8935d69bba7 status: experimental description: Detects traffic or activity related to https://shieldretainer.rockbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shieldretainer.rockbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bygesuy9.rockbay.in.net/verification.google id: auto-1dc07166942ae0d3f521e4e4734e25ac8ee7ac8cd40b0b82835aa75e30370125 status: experimental description: Detects traffic or activity related to https://bygesuy9.rockbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bygesuy9.rockbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://anch0r-switch.bluebay.in.net/verification.google id: auto-1907ac45e23e3113bff6a043141a8cd223e9d5640bb81097927a88d381ae4265 status: experimental description: Detects traffic or activity related to https://anch0r-switch.bluebay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://anch0r-switch.bluebay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://loaderdrive.bluebay.in.net/verification.google id: auto-0d619d2c7c41fcf0650d48652b2d0cf74270b3e56d003ccec5e87ad89aba7b8f status: experimental description: Detects traffic or activity related to https://loaderdrive.bluebay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://loaderdrive.bluebay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://2umw.bluebay.in.net/verification.google id: auto-d7d6815be94274529f4fa85c0845031999bc90e72796b9b0148f2577d6cb1aaa status: experimental description: Detects traffic or activity related to https://2umw.bluebay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://2umw.bluebay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://couriframe.goldpit.in.net/verification.google id: auto-8cb6b68f3499c68f7445953edc1332d36f0e0731511575d240f99dec6aebfcd2 status: experimental description: Detects traffic or activity related to https://couriframe.goldpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://couriframe.goldpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fbge7x.goldpit.in.net/verification.google id: auto-6b4f99b383d3481b0611149fbbc64e7b6621618779adfa4a1aa6a000b17927d1 status: experimental description: Detects traffic or activity related to https://fbge7x.goldpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fbge7x.goldpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.208.7/files/7903503838/6NMKhZu.exe id: auto-5b44dc276f30928f5262512011deb15a6fa5a6d93a097299006f7e4457bb9dcb status: experimental description: Detects traffic or activity related to http://158.94.208.7/files/7903503838/6NMKhZu.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.208.7/files/7903503838/6NMKhZu.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://endpo2-craft.goldpit.in.net/verification.google id: auto-e14dcc15128e654359ac378639fa3ba50c0868cb4acac960a2c4a788d2a8d605 status: experimental description: Detects traffic or activity related to https://endpo2-craft.goldpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://endpo2-craft.goldpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://joqyh.windbay.in.net/verification.google id: auto-b73e3a4db40928fd231f97365fd6357b665ac51544ca0b1f5bdd853fcd0a626a status: experimental description: Detects traffic or activity related to https://joqyh.windbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://joqyh.windbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://exteneur.windbay.in.net/verification.google id: auto-066f9f1163f17f3259d3e3611df0da9269e5767d7f8e906902beb3dad715acb9 status: experimental description: Detects traffic or activity related to https://exteneur.windbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://exteneur.windbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dydqa.windbay.in.net/verification.google id: auto-76e8b2ba9e989183905c34faa49ca57dbcd1ba36f0fb7f4da292ecfd11d29c9c status: experimental description: Detects traffic or activity related to https://dydqa.windbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dydqa.windbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tmzmig.redpit.in.net/verification.google id: auto-669d28e2a0496dec295618a82ecc77b79d3d18a0a8c2faf2e1acdd9388bc3a4f status: experimental description: Detects traffic or activity related to https://tmzmig.redpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tmzmig.redpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://valleyreb.redpit.in.net/verification.google id: auto-eb48df2aae8e3b604d039405669cf8ac392d8e759f5ea7dbf6f3389ecffd04bd status: experimental description: Detects traffic or activity related to https://valleyreb.redpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://valleyreb.redpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://binar-vector.redpit.in.net/verification.google id: auto-84b73e2dadc123c83fc92389110aea35870b37a8784ab038d3b161d2c724ba1e status: experimental description: Detects traffic or activity related to https://binar-vector.redpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://binar-vector.redpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://slate-marsh.oakbay.in.net/verification.google id: auto-f3cfefb39c49be5f236f93a5fa9108977341cb9e147de7321d4712ec660fea53 status: experimental description: Detects traffic or activity related to https://slate-marsh.oakbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://slate-marsh.oakbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://proto-re4ge.oakbay.in.net/verification.google id: auto-791601c61f863b0de86b151cc74820d696e10235688017f309b7f7193db86f8c status: experimental description: Detects traffic or activity related to https://proto-re4ge.oakbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://proto-re4ge.oakbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://summ-rural.oakbay.in.net/verification.google id: auto-03af31408d36823d22e686e9599b3b975602decc43bc488cbfbb2227210f6d91 status: experimental description: Detects traffic or activity related to https://summ-rural.oakbay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://summ-rural.oakbay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://glzabh.sunpit.in.net/verification.google id: auto-b0f5cd473e867f9113c23ddc78d32ccb607b4a93b795580b78c7fdd776bcb077 status: experimental description: Detects traffic or activity related to https://glzabh.sunpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://glzabh.sunpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dep0t9-well.sunpit.in.net/verification.google id: auto-51b57d88e3db6c42b59ad63e01bcc74d466688677aad6d8e2a12b19a02bb8f28 status: experimental description: Detects traffic or activity related to https://dep0t9-well.sunpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dep0t9-well.sunpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://2g1jl.sunpit.in.net/verification.google id: auto-2e252956e33332083871d7f107859f1427bb6b52a61e3446a23209b7b301152d status: experimental description: Detects traffic or activity related to https://2g1jl.sunpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://2g1jl.sunpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sa17ql.sunpit.in.net/verification.google id: auto-35ae333cc5dc7c48e60746be7638c01af2df14f4d09e4f64dce543dea0c6553c status: experimental description: Detects traffic or activity related to https://sa17ql.sunpit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sa17ql.sunpit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qdqhkub.restpay.in.net/verification.google id: auto-b791f2cc6445186a327bf882da36cd3d1079d34c1d7afe370e5b016f71a1d85c status: experimental description: Detects traffic or activity related to https://qdqhkub.restpay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qdqhkub.restpay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://urt925.restpay.in.net/verification.google id: auto-cd6d7be2b5173f492f190bb0c877ce2823359d9138e7b6926f75fb1c447cff9c status: experimental description: Detects traffic or activity related to https://urt925.restpay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://urt925.restpay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://brasyn.restpay.in.net/verification.google id: auto-48ff590e0fc20380c270da888ae77e2684d36a6008777e0c6674327ca6288132 status: experimental description: Detects traffic or activity related to https://brasyn.restpay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://brasyn.restpay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vorspire4ex.restpay.in.net/verification.google id: auto-386c4eb72ed06eaa17764d354e3a162dd0da7281925b5f44c258e2a1c393aafe status: experimental description: Detects traffic or activity related to https://vorspire4ex.restpay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vorspire4ex.restpay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://01n680.calloak.in.net/verification.google id: auto-9c88972bde45348556d961ed76c1db6a5f9a16184720cafb36e7a1307677598c status: experimental description: Detects traffic or activity related to https://01n680.calloak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://01n680.calloak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://eubz.calloak.in.net/verification.google id: auto-c090bbabd1d686795bb629b58155efc6bcebddfda5d41c9dc0c8133896e32f79 status: experimental description: Detects traffic or activity related to https://eubz.calloak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://eubz.calloak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://9jmu.calloak.in.net/verification.google id: auto-038d0b82f4ef187d0703618e190ac437d5fa1afa74dc28a657897e40a8eccefa status: experimental description: Detects traffic or activity related to https://9jmu.calloak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://9jmu.calloak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://growt1-field.calloak.in.net/verification.google id: auto-04bd2961fbed7726b031db44084f73b4a398db02ed9afcdf09390528232958a3 status: experimental description: Detects traffic or activity related to https://growt1-field.calloak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://growt1-field.calloak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://refineterminal.jacksend.in.net/verification.google id: auto-6c1b7d0efe0644f0bad6a153e0a57214d149ed6f55906535cfb7510e2f6d216d status: experimental description: Detects traffic or activity related to https://refineterminal.jacksend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://refineterminal.jacksend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://strictinspect.jacksend.in.net/verification.google id: auto-ce659ca4cd0047c6c2377bd5e28b1355098db7fc1200574879d5ac3776c7578b status: experimental description: Detects traffic or activity related to https://strictinspect.jacksend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://strictinspect.jacksend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://91.219.23.145/predator-varying id: auto-2c5621a2d9dbef86f7c05bf49f391c6f04c90d951b3dcd46ef0edea172d453ce status: experimental description: Detects traffic or activity related to http://91.219.23.145/predator-varying which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://91.219.23.145/predator-varying*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://myspace.ambertide.in.net/verification.google id: auto-c141275fbb1859a7365a2443f515beaeb29674b96503cbbe2514fbb7313dc328 status: experimental description: Detects traffic or activity related to https://myspace.ambertide.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://myspace.ambertide.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://light-way.ambertide.in.net/verification.google id: auto-e30b3144a401a791796e0ac790e05aa3a3108346179fb73b40b14ab974ebbd9f status: experimental description: Detects traffic or activity related to https://light-way.ambertide.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://light-way.ambertide.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fire-v12.ambertide.in.net/verification.google id: auto-5429ba620f0420c0b84fc5528e9568c826a5909fd1aae8747a25c176cdb3ebe9 status: experimental description: Detects traffic or activity related to https://fire-v12.ambertide.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fire-v12.ambertide.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cold-peak.ambertide.in.net/verification.google id: auto-63f033af375fbbdca2bb545ac73b378811609ae877acb8b2d5cc2c00bf5f9bb1 status: experimental description: Detects traffic or activity related to https://cold-peak.ambertide.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cold-peak.ambertide.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://datalink.valeriana.in.net/verification.google id: auto-af4df02e0d1848c9f84cef4de5ec0cc8d9d42c3f9cacb58a38d24926f8f10785 status: experimental description: Detects traffic or activity related to https://datalink.valeriana.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://datalink.valeriana.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://point-up.valeriana.in.net/verification.google id: auto-e8f65ac587035d6fe24ed08e5943092970435a0384e20f534c52d2e751b8a529 status: experimental description: Detects traffic or activity related to https://point-up.valeriana.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://point-up.valeriana.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://home-90.valeriana.in.net/verification.google id: auto-24e3deb89137ced5b4d2e132813c766a232483f3bcc791d495a2b92bad637bd8 status: experimental description: Detects traffic or activity related to https://home-90.valeriana.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://home-90.valeriana.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://smart-fix.valeriana.in.net/verification.google id: auto-a2c727c657d77638b3ca9f3a7c2ec09a1049b9cd8b8c53eaa52f58796fcc66d5 status: experimental description: Detects traffic or activity related to https://smart-fix.valeriana.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://smart-fix.valeriana.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stepforward.novalento.in.net/verification.google id: auto-a1efc0dce44311f317d6d8030cc855321d6dbbb84b399b779a6a770b794d609c status: experimental description: Detects traffic or activity related to https://stepforward.novalento.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stepforward.novalento.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quick-7.novalento.in.net/verification.google id: auto-e0d33dfc433cde25851fc62a68364f4a6600b1d6ed1f0689c5f45fac2669a0c1 status: experimental description: Detects traffic or activity related to https://quick-7.novalento.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quick-7.novalento.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://red-stone.novalento.in.net/verification.google id: auto-e9ed0259bd417a55cb8c8b131dfb4e5c476670f4819cb9c9ae3152417eef9640 status: experimental description: Detects traffic or activity related to https://red-stone.novalento.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://red-stone.novalento.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://softweb.silvaterra.in.net/verification.google id: auto-ce4a074f70dca000b6a373bc39f011b7b3e87df1cb8c1df438d37d68340a2b8b status: experimental description: Detects traffic or activity related to https://softweb.silvaterra.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://softweb.silvaterra.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-hub.silvaterra.in.net/verification.google id: auto-a0330033007abe325a68a8790e4e55aeed3d6ab8dd03f7b7d784f3e2e47b9bc6 status: experimental description: Detects traffic or activity related to https://main-hub.silvaterra.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-hub.silvaterra.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://urban-01.silvaterra.in.net/verification.google id: auto-2b6ad5699f7f00f4f20aee804bb0dbbe3defa68baafec4709d53d4130b3fa524 status: experimental description: Detects traffic or activity related to https://urban-01.silvaterra.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://urban-01.silvaterra.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://long-path.silvaterra.in.net/verification.google id: auto-76020130ed2dbe8ef825d9d0a8d7ffe3ee30e1b0208fd427d3b68d5634940b6a status: experimental description: Detects traffic or activity related to https://long-path.silvaterra.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://long-path.silvaterra.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bestway.miravento.in.net/verification.google id: auto-6acd488d34f55a1883a7c7d14959a10c9d59059f5c9ebd296fda1eeeaad48576 status: experimental description: Detects traffic or activity related to https://bestway.miravento.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bestway.miravento.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://go-99.miravento.in.net/verification.google id: auto-08fdacc8558517586f3620d95d0b1323858e402b7b55423da7987918462e723b status: experimental description: Detects traffic or activity related to https://go-99.miravento.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://go-99.miravento.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://site-top.miravento.in.net/verification.google id: auto-9cb7cc96658af8f5d5dc34b5f8c9201cb86c5d645d48ba5fcfec0cc9e2e3cbc5 status: experimental description: Detects traffic or activity related to https://site-top.miravento.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://site-top.miravento.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fresh-air.miravento.in.net/verification.google id: auto-c0dfe095449a4495e1638ff83baf7c753a0d0e2c69c8e2b07423e7b9b748f49e status: experimental description: Detects traffic or activity related to https://fresh-air.miravento.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fresh-air.miravento.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.211.222/files/7903503838/R3NzF65.exe id: auto-8e1ac04f3fc2e079176a21a59816a8827b5537bafadd20ae541c3fc7b42e52b9 status: experimental description: Detects traffic or activity related to http://158.94.211.222/files/7903503838/R3NzF65.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.211.222/files/7903503838/R3NzF65.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cool-11.lunavilla.in.net/verification.google id: auto-0c11376dcd0d4f47dd573e969fcd290dd700dbdfe303ec156af44757112cdb56 status: experimental description: Detects traffic or activity related to https://cool-11.lunavilla.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cool-11.lunavilla.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://starlink.lunavilla.in.net/verification.google id: auto-3bffa05b4a0b8a5bc22d60100bf7326958c2ac3bec33b1194e3d78d1f520c086 status: experimental description: Detects traffic or activity related to https://starlink.lunavilla.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://starlink.lunavilla.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gold-v5.lunavilla.in.net/verification.google id: auto-9f084788cc460b9f86dcc8eafae3c9d983434908b030783dd3f7e58468061c5d status: experimental description: Detects traffic or activity related to https://gold-v5.lunavilla.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gold-v5.lunavilla.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://deep-space.lunavilla.in.net/verification.google id: auto-a8464dda40d416308441c4881a4259a636b329ef7279c345abed08d4e9817e3c status: experimental description: Detects traffic or activity related to https://deep-space.lunavilla.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://deep-space.lunavilla.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://newpoint.estrellis.in.net/verification.google id: auto-d4cf5bc171ec6a32215a46693b026d5168651cefb1e6ebb56b5819ee449403b9 status: experimental description: Detects traffic or activity related to https://newpoint.estrellis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://newpoint.estrellis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://just-up.estrellis.in.net/verification.google id: auto-6d49442d617fa7769e3e1d4c2bdd1c0e138256a346110b5b22f07bf1246e8758 status: experimental description: Detects traffic or activity related to https://just-up.estrellis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://just-up.estrellis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pureland3.estrellis.in.net/verification.google id: auto-36ab08a9f8c6b6fbaa4cdc6ad603b32983d4d1254cf854d3697ae415bca8d076 status: experimental description: Detects traffic or activity related to https://pureland3.estrellis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pureland3.estrellis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wild-river.estrellis.in.net/verification.google id: auto-ac4ec165184e7c5eecdaf8e3998dc0a364f4a3c99ed53787a1e65cb46a9e9726 status: experimental description: Detects traffic or activity related to https://wild-river.estrellis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wild-river.estrellis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fastcloud.solariana.in.net/verification.google id: auto-4e879e3879cd419ea81f1790b8c32ac9a0613d93b5f6d8f0e616b5fad2af6b2a status: experimental description: Detects traffic or activity related to https://fastcloud.solariana.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fastcloud.solariana.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://clear-sky.solariana.in.net/verification.google id: auto-8c9f05e3c29ceecb0622d036e44efdf96fe4fb82b29ea04d7408ef1571bf1240 status: experimental description: Detects traffic or activity related to https://clear-sky.solariana.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://clear-sky.solariana.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bright-9.solariana.in.net/verification.google id: auto-7d873c7f3b2ef4950e98455af595fc3d9425b6d35e5107c4cfc92e157a1f2621 status: experimental description: Detects traffic or activity related to https://bright-9.solariana.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bright-9.solariana.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://easygo.altovante.in.net/verification.google id: auto-256dbfd0321adf5d5dc0aa09a97ab1701b48b14b00614d9123cf6e2da3cb7072 status: experimental description: Detects traffic or activity related to https://easygo.altovante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://easygo.altovante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://top-line1.altovante.in.net/verification.google id: auto-be745e709ae611eee9db690dd1af42123b3d285518bb21c8f0e7fc4a90205f35 status: experimental description: Detects traffic or activity related to https://top-line1.altovante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://top-line1.altovante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://skydream.altovante.in.net/verification.google id: auto-651fbd9281b62d52256a793fb0af90632d8ac537503e53b9c7658e622d0ad987 status: experimental description: Detects traffic or activity related to https://skydream.altovante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://skydream.altovante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://green-road.altovante.in.net/verification.google id: auto-c5d90da80221a0bca4cd8b46d7e0d1acde344d93c0d91118de37054bf25c211f status: experimental description: Detects traffic or activity related to https://green-road.altovante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://green-road.altovante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://openview.ventomaris.in.net/verification.google id: auto-7e24867066b433fa9adaf03c739511082e0d957339401a34bbc081f7149f8d86 status: experimental description: Detects traffic or activity related to https://openview.ventomaris.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://openview.ventomaris.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sun-88.ventomaris.in.net/verification.google id: auto-cea65c7c4e9424095af14259a0769cc677029792a5a4380feb96934c10992e94 status: experimental description: Detects traffic or activity related to https://sun-88.ventomaris.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sun-88.ventomaris.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quickpage.ventomaris.in.net/verification.google id: auto-da2462f0ef750c8491fd4cd55107fc6a04b89f9b73037520637244d02c82f9a7 status: experimental description: Detects traffic or activity related to https://quickpage.ventomaris.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quickpage.ventomaris.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://blue-forest7.ventomaris.in.net/verification.google id: auto-e0fb3e134a67fe13db103eb4ffd0016253ba9cf67bd00712f571ab21f4d612d9 status: experimental description: Detects traffic or activity related to https://blue-forest7.ventomaris.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://blue-forest7.ventomaris.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mer-forgea.sightup.in.net/verification.google id: auto-e5ff43c7917d96456362c7a8230b22491633bd579591bcbb395ae3ba934ad487 status: experimental description: Detects traffic or activity related to https://mer-forgea.sightup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mer-forgea.sightup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://refinewinter.sightup.in.net/verification.google id: auto-924a94649d6a5aa849fb9d213fc6dd35fb7e28cb720afe6d310704bb7994e617 status: experimental description: Detects traffic or activity related to https://refinewinter.sightup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://refinewinter.sightup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ultra-5tric.sightup.in.net/verification.google id: auto-a2400f8950d254534a8a1c3b663e66bfe80bc42050a63d23a9e9d53a45207eaa status: experimental description: Detects traffic or activity related to https://ultra-5tric.sightup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ultra-5tric.sightup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://metr1-hinge.skyip.in.net/verification.google id: auto-42b53e653037f108027153da3031c7b0c0b7b8a42c37ed47c7a53845c66dfc97 status: experimental description: Detects traffic or activity related to https://metr1-hinge.skyip.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://metr1-hinge.skyip.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://uxcas7x8.skyip.in.net/verification.google id: auto-485815664e750815be74e69e0e93f192c13d835b3b463b765c1ab40253ce517a status: experimental description: Detects traffic or activity related to https://uxcas7x8.skyip.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://uxcas7x8.skyip.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://thicketglobal.skyip.in.net/verification.google id: auto-80f71494299173bafd2ad4c94a0db9aff677180ac5d07fff6dd2118dbc626a31 status: experimental description: Detects traffic or activity related to https://thicketglobal.skyip.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://thicketglobal.skyip.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://napc.skyip.in.net/verification.google id: auto-884dccef1b2d81515f27d1ad83edd0940fadc3eb3feefed70ba0112ea6e8219c status: experimental description: Detects traffic or activity related to https://napc.skyip.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://napc.skyip.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fjnghv.fastlog.in.net/verification.google id: auto-71e593317c53a3930669df874132be6e57f52c03aa5227c33e533d94db20b35e status: experimental description: Detects traffic or activity related to https://fjnghv.fastlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fjnghv.fastlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-gri.fastlog.in.net/verification.google id: auto-3f708cecd68e92b6babc9fb0a4037b90282eb97915226f8a3ec327d24651adfe status: experimental description: Detects traffic or activity related to https://gate-gri.fastlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-gri.fastlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://iondawn.checksum.in.net/verification.google id: auto-7c0239aa88a387ae92d51cb6b43d2a41a3921f040e002277143f62826f39a9fe status: experimental description: Detects traffic or activity related to https://iondawn.checksum.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://iondawn.checksum.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://n4rro5-panel.checksum.in.net/verification.google id: auto-2f444245a5ff8c3abadd504f23537b2a8b5d01b06820eac8a349151d740efc52 status: experimental description: Detects traffic or activity related to https://n4rro5-panel.checksum.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://n4rro5-panel.checksum.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://civilsandbo.whitelist.in.net/verification.google id: auto-17f797633b7940fbdb35eaaeef466f4303906b6c395ab28df615493b906c253a status: experimental description: Detects traffic or activity related to https://civilsandbo.whitelist.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://civilsandbo.whitelist.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://root3-layer.whitelist.in.net/verification.google id: auto-07be562327d495fbdf0864220621af8431a38f102534bd724df59805e5374740 status: experimental description: Detects traffic or activity related to https://root3-layer.whitelist.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://root3-layer.whitelist.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ukixhx.whitelist.in.net/verification.google id: auto-449178388b6d2dcf8676117a0dc983f2321253a6f965e5acce3435db44f9645a status: experimental description: Detects traffic or activity related to https://ukixhx.whitelist.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ukixhx.whitelist.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zrvkmhps.bestlog.in.net/verification.google id: auto-5749195b0a997d000b8dfc044a2d04545ff354d6455b6eb5b7fe1f7a9d4fba45 status: experimental description: Detects traffic or activity related to https://zrvkmhps.bestlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zrvkmhps.bestlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ch3ck-spark.bestlog.in.net/verification.google id: auto-0942e01db3ee968ea815202b80750056439c9db9ffc955cf97d5028e8aa42dc1 status: experimental description: Detects traffic or activity related to https://ch3ck-spark.bestlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ch3ck-spark.bestlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://uth9.bestlog.in.net/verification.google id: auto-338c0d2bad8c8aec86c77f34fefe0be72d47498af3ccb78f1a69896653285851 status: experimental description: Detects traffic or activity related to https://uth9.bestlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://uth9.bestlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gran-pra.bestlog.in.net/verification.google id: auto-c11731b8959615b1813a844c66c7fb9ccff75bc1438c4454e9e02d357f7e08ba status: experimental description: Detects traffic or activity related to https://gran-pra.bestlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gran-pra.bestlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ri4w.backlog.in.net/verification.google id: auto-f7756493ec5c2466d505e7add1c735b5243b1b623278fdd249431f520e2290b4 status: experimental description: Detects traffic or activity related to https://ri4w.backlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ri4w.backlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://parsegri.backlog.in.net/verification.google id: auto-74ee4d4da056206e6d947272f7172649de453c862ed301d888a77156660664c0 status: experimental description: Detects traffic or activity related to https://parsegri.backlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://parsegri.backlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hw94h.backlog.in.net/verification.google id: auto-f5158dc98c29d3414b348c473659ff5eec03212194bd35291c11d2240ab22514 status: experimental description: Detects traffic or activity related to https://hw94h.backlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hw94h.backlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://9rfio.backlog.in.net/verification.google id: auto-6f59f77cbf12af0e08b4c841f7eda367f0058eecd95e34c48378e1e4ae0d42eb status: experimental description: Detects traffic or activity related to https://9rfio.backlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://9rfio.backlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sixmexicos.com/ENCRYPT.Ps1 id: auto-c360d2db7901ecaa90e5949c2db5340107f511ff7195888dc5ccfaef70b97e87 status: experimental description: Detects traffic or activity related to https://sixmexicos.com/ENCRYPT.Ps1 which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sixmexicos.com/ENCRYPT.Ps1*' condition: selection level: high tags: - attack.t1059.001 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flowpassive.logcheck.in.net/verification.google id: auto-8ded1820fb736bf5f705d2b2069bce0bf0c3a29a30ef630943019b22b13694e2 status: experimental description: Detects traffic or activity related to https://flowpassive.logcheck.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flowpassive.logcheck.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://iqkd.logcheck.in.net/verification.google id: auto-1fadd72d47a062560ad761957083f609136ef1bf17d266b2949d076ccc48f03e status: experimental description: Detects traffic or activity related to https://iqkd.logcheck.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://iqkd.logcheck.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neo-tru3.logcheck.in.net/verification.google id: auto-0637d170ed45b6a9ff228cf39e645f286bf8e113c5e5daf872aa742bb8fd78a2 status: experimental description: Detects traffic or activity related to https://neo-tru3.logcheck.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neo-tru3.logcheck.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://greenfields-world.cc/dev/jeFopmg.txt id: auto-7465d02671da036a057f692b6e94d217973c7ca7afb4d4d6ea11b693bf0e3333 status: experimental description: Detects traffic or activity related to https://greenfields-world.cc/dev/jeFopmg.txt which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://greenfields-world.cc/dev/jeFopmg.txt*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rkxv.keysum.in.net/verification.google id: auto-48e72b204bef7420fd11dc68a41da7951bf1cc3f5331ee2e92ef3fe3d0f17850 status: experimental description: Detects traffic or activity related to https://rkxv.keysum.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rkxv.keysum.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://modern8-signal.logcheck.in.net/verification.google id: auto-6a5db842ca156958527dc96607e42b2309e582a4b82184fabd08a38b052ea26f status: experimental description: Detects traffic or activity related to https://modern8-signal.logcheck.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://modern8-signal.logcheck.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://genefrost.keysum.in.net/verification.google id: auto-3b8b8522d4e29dc02c63f5908d1d5c81c4437517a24349af07803d9e63d7b3e1 status: experimental description: Detects traffic or activity related to https://genefrost.keysum.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://genefrost.keysum.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tr4c-craft.keysum.in.net/verification.google id: auto-6ae7fd28e95f19b84e234dad679c7b87d58370c186877bf02eecfb00556243e9 status: experimental description: Detects traffic or activity related to https://tr4c-craft.keysum.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tr4c-craft.keysum.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://8uasm.keysum.in.net/verification.google id: auto-acc353d1ef28832f143f9624e4f9ecd7fef02dcc2b895aff5fa31e6eb01f9cd0 status: experimental description: Detects traffic or activity related to https://8uasm.keysum.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://8uasm.keysum.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5wif5-leaf.testload.in.net/verification.google id: auto-1b92cbd1d48018db6e795c76f19874f4fbbd85b21e2b52965dbba84eac7b410f status: experimental description: Detects traffic or activity related to https://5wif5-leaf.testload.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5wif5-leaf.testload.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://crat-mas.testload.in.net/verification.google id: auto-8ad2f061441bd8c0df17555cb9f456781fe06409e57c2074b3c4cdab1d07215e status: experimental description: Detects traffic or activity related to https://crat-mas.testload.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://crat-mas.testload.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jvrkh.testload.in.net/verification.google id: auto-cebee7c66e7683716f99a38119f4a017c5c1dcc940825879273b579cf024ab12 status: experimental description: Detects traffic or activity related to https://jvrkh.testload.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jvrkh.testload.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://audiosolar.testload.in.net/verification.google id: auto-e9be35066011d802973cb28b2f8165510414be79de0d88cc66115f0118c4223c status: experimental description: Detects traffic or activity related to https://audiosolar.testload.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://audiosolar.testload.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://crestrai.backtest.in.net/verification.google id: auto-857d55a100c6f2e0374c89340713091cd658483b426c2a310277e172fbea48da status: experimental description: Detects traffic or activity related to https://crestrai.backtest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://crestrai.backtest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://inv0ic-line.backtest.in.net/verification.google id: auto-e8ef5747a07c7dbc1b77006111dd3b0af43cd544bbe551de8d17c1ad69737b63 status: experimental description: Detects traffic or activity related to https://inv0ic-line.backtest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://inv0ic-line.backtest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lumvenos.backtest.in.net/verification.google id: auto-e1a025de6a9cc25abf2b99aee47fac32e6e1b3061edb3314b53b240083e8024c status: experimental description: Detects traffic or activity related to https://lumvenos.backtest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lumvenos.backtest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bridg3-scope.backtest.in.net/verification.google id: auto-f1d6d93085a716f2670d636b05e43432855f3633228db117929a20e388ac5f77 status: experimental description: Detects traffic or activity related to https://bridg3-scope.backtest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bridg3-scope.backtest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alt-un1oad.lockoak.in.net/verification.google id: auto-c3e634d63cc6899852ec43fcc3603fee5e5a5088ad956f5157a861644c3e3a50 status: experimental description: Detects traffic or activity related to https://alt-un1oad.lockoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alt-un1oad.lockoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nwul2j.lockoak.in.net/verification.google id: auto-1359f5b262804c32e573ab2a68770b2c7fb06f144e50431a27ce43ee847061d9 status: experimental description: Detects traffic or activity related to https://nwul2j.lockoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nwul2j.lockoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://biiev.lockoak.in.net/verification.google id: auto-e110720c2052f57ead10a55f4172a9b8686d277dc5c41980ea8e4b3debbbec28 status: experimental description: Detects traffic or activity related to https://biiev.lockoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://biiev.lockoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://timb-point.lockoak.in.net/verification.google id: auto-ee222d5fc70848c01b8ab58a222d8e8f42e00515d750cfc7fb925a535e996da6 status: experimental description: Detects traffic or activity related to https://timb-point.lockoak.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://timb-point.lockoak.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fast-web.luminos.in.net/verification.google id: auto-da83c96fde1c6bef9e8b0c78554bb6dea5e68984e7c4d316208b9442173a90e6 status: experimental description: Detects traffic or activity related to https://fast-web.luminos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fast-web.luminos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gold-day.luminos.in.net/verification.google id: auto-1f0956adb65b962a4caba73302e4a2f0e67d0511e8220508b5c3e394c648d57a status: experimental description: Detects traffic or activity related to https://gold-day.luminos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gold-day.luminos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://space-hub.luminos.in.net/verification.google id: auto-905a0ad64ebdc93f5b22e122f7f142ca5ec4d7b339cdae09d5652778ee6e791b status: experimental description: Detects traffic or activity related to https://space-hub.luminos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://space-hub.luminos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://night-0.luminos.in.net/verification.google id: auto-614a9cb68db7f789cc0b36c9b0d099d3edc4c38aa01760b532507e7de90d2feb status: experimental description: Detects traffic or activity related to https://night-0.luminos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://night-0.luminos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://all-stars.velante.in.net/verification.google id: auto-b2dfe91d70f8ee08f1a7ca0ec710151ff8b86248512622000b3f5336b5b683f8 status: experimental description: Detects traffic or activity related to https://all-stars.velante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://all-stars.velante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://point-v.velante.in.net/verification.google id: auto-102c708e24031b8208a31974096ba8ea48d324c116110064b38acdcfafbfef7f status: experimental description: Detects traffic or activity related to https://point-v.velante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://point-v.velante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://up-down.velante.in.net/verification.google id: auto-10a2f841a34b12cef4b6887cb802455489f002f3df1b193bad2b7bd4e0be937e status: experimental description: Detects traffic or activity related to https://up-down.velante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://up-down.velante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://soft-touch.velante.in.net/verification.google id: auto-614a5d8205dd8502dbc6c9678d0efc89b649a9a5ab37b8e7e36ad9617435d3ab status: experimental description: Detects traffic or activity related to https://soft-touch.velante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://soft-touch.velante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://free-99.silvura.in.net/verification.google id: auto-20a8fd6946de8a64e64a6042dcc17df834164161417dfef5c0e4e518712512bf status: experimental description: Detects traffic or activity related to https://free-99.silvura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://free-99.silvura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://land-site.silvura.in.net/verification.google id: auto-499bc3ddb8c5a041cdb1185f4a6dc86e32c4a423b9b137a60a51c18d10e672d2 status: experimental description: Detects traffic or activity related to https://land-site.silvura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://land-site.silvura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quick-go.silvura.in.net/verification.google id: auto-fd084d07cc962a6041c578fa163b4b401d5610c7381c0ba6d718758273d29d6a status: experimental description: Detects traffic or activity related to https://quick-go.silvura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quick-go.silvura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://small-hub.silvura.in.net/verification.google id: auto-366ee2c019c4521039051ae5d6110f528b6c44bd3ce672df39055b7568d15f35 status: experimental description: Detects traffic or activity related to https://small-hub.silvura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://small-hub.silvura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://deep-sea.estoria.in.net/verification.google id: auto-0f7df88939553a33ed5a3eeef8cb4197196c2767b12a43dffaf04ec41cf2a2e9 status: experimental description: Detects traffic or activity related to https://deep-sea.estoria.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://deep-sea.estoria.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sunny9.estoria.in.net/verification.google id: auto-85d4fd2e436d7df4c92d1e60e6d35fa3f1580f4facd46cba7aa63d2c823369a5 status: experimental description: Detects traffic or activity related to https://sunny9.estoria.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sunny9.estoria.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://new-place.estoria.in.net/verification.google id: auto-237ca97d3132ec1d2e11e400e12886dbb2afbd7456873d4e8633ec98356f396c status: experimental description: Detects traffic or activity related to https://new-place.estoria.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://new-place.estoria.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wild-cat.estoria.in.net/verification.google id: auto-b1bdf2c6562aa7cae3c12cba0b8ac2470e36a02c10c0b26e11f8ce694be405c5 status: experimental description: Detects traffic or activity related to https://wild-cat.estoria.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wild-cat.estoria.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://start01.alverto.in.net/verification.google id: auto-8bd25403247dafe91afab8ee410e40481e79f2605c308035135e253227b85c79 status: experimental description: Detects traffic or activity related to https://start01.alverto.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://start01.alverto.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://top-map.alverto.in.net/verification.google id: auto-1528963b90632386ec2fe5b227e91109de22a104aa209eda5338beb2a51fc18e status: experimental description: Detects traffic or activity related to https://top-map.alverto.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://top-map.alverto.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://easy-fix.alverto.in.net/verification.google id: auto-d31ad505766c3d0e5dc878a904f917c7f22383d7d5437fb44d65b20e4b69d884 status: experimental description: Detects traffic or activity related to https://easy-fix.alverto.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://easy-fix.alverto.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://long-way.alverto.in.net/verification.google id: auto-e89985bd2edfd777b4525bbce9b07facf121b5a7b58e9521acce9335560c860a status: experimental description: Detects traffic or activity related to https://long-way.alverto.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://long-way.alverto.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://super-day.novalis.in.net/verification.google id: auto-11df028d22496ccf0d4fd24c815e744d33fb286cb992bae173a11fdb2cb04df2 status: experimental description: Detects traffic or activity related to https://super-day.novalis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://super-day.novalis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://best7.novalis.in.net/verification.google id: auto-58cfa59a5196853165155a38292e38c93c2bcb96554cd22a042c788c221eba5a status: experimental description: Detects traffic or activity related to https://best7.novalis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://best7.novalis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://only-one.novalis.in.net/verification.google id: auto-6dbf2aa7d60c9ca7068f78cff8b816a439fb3b3c775d79c3abbe220061c49ebd status: experimental description: Detects traffic or activity related to https://only-one.novalis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://only-one.novalis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bright-up.novalis.in.net/verification.google id: auto-900b3f43ca848649eec289bfea3a3ce4251225ac14e807fe3685b0a747f51886 status: experimental description: Detects traffic or activity related to https://bright-up.novalis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bright-up.novalis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hot-line.mirante.in.net/verification.google id: auto-3f72fc860a35e72da0973c894320a2ba49facbe36009da09f8c14180b5540798 status: experimental description: Detects traffic or activity related to https://hot-line.mirante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hot-line.mirante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://clear-sky.mirante.in.net/verification.google id: auto-ca49473a3ec5c08818a2a15f57848b547f2af6798d34ab99ab8408da54f8ebd9 status: experimental description: Detects traffic or activity related to https://clear-sky.mirante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://clear-sky.mirante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://simpleweb.mirante.in.net/verification.google id: auto-5baf7625c5695a5f8205a55d055a15dd3aeea3817065305c991cc9677f8d334e status: experimental description: Detects traffic or activity related to https://simpleweb.mirante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://simpleweb.mirante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dream-12.mirante.in.net/verification.google id: auto-e6452cccce38b49a4d7fdaa3ae111fbde10ae773e9355f05fa63a25b39e2725d status: experimental description: Detects traffic or activity related to https://dream-12.mirante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dream-12.mirante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nextstep.solenta.in.net/verification.google id: auto-88763715fa48bba347e1c946d33b09b70b65d45304a028b50be83977ec75b3cf status: experimental description: Detects traffic or activity related to https://nextstep.solenta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nextstep.solenta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://old-3.solenta.in.net/verification.google id: auto-e36703721692a279e3ebb1caf81719f3b09f4a2fb40f9e1f6f74d0b5955b3238 status: experimental description: Detects traffic or activity related to https://old-3.solenta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://old-3.solenta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://big-city.solenta.in.net/verification.google id: auto-abe4887f98b1fb7e90fb0d0f4342b84789df52800e7c66ad883c4463595570c4 status: experimental description: Detects traffic or activity related to https://big-city.solenta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://big-city.solenta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://coolstory.solenta.in.net/verification.google id: auto-4ed4ea28ccf2674d44dc1efb7a8df5f0e98b736c7ed5b95ecadade14a691a507 status: experimental description: Detects traffic or activity related to https://coolstory.solenta.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://coolstory.solenta.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://just-do.valora.in.net/verification.google id: auto-0e018be6f24468c3cd97093c175ee1d67bd51cc7a91cf89bfa47279a9601508f status: experimental description: Detects traffic or activity related to https://just-do.valora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://just-do.valora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://green-land.valora.in.net/verification.google id: auto-8653e4e95d1d28a6ca473adf344f03d5834bc2937e077a3e82a1b8a9071e3bd4 status: experimental description: Detects traffic or activity related to https://green-land.valora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://green-land.valora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://top88.valora.in.net/verification.google id: auto-2a9b2d14f4b0be83b532395cd447efe4fd2c201e0c2b84787d4c309777e99356 status: experimental description: Detects traffic or activity related to https://top88.valora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://top88.valora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lucky-point.valora.in.net/verification.google id: auto-cc070f254caa277999527902538c25371531de177b354009b46b0cb637c5bde9 status: experimental description: Detects traffic or activity related to https://lucky-point.valora.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lucky-point.valora.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://myfolder.eluvia.in.net/verification.google id: auto-5cf037264930d34d71f5502cb00b93316c26221865c0970293fd8f3f2075a9b0 status: experimental description: Detects traffic or activity related to https://myfolder.eluvia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://myfolder.eluvia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fast-9.eluvia.in.net/verification.google id: auto-9b20a20fc9c16078ac9155bf6eea01b206ee7ecb077dfe18046c22b4a34fc50f status: experimental description: Detects traffic or activity related to https://fast-9.eluvia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fast-9.eluvia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://openview.eluvia.in.net/verification.google id: auto-a403bbbef32cae650beb2af97e723d812f49b8db4875cbfcf4c8620eb823f3d9 status: experimental description: Detects traffic or activity related to https://openview.eluvia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://openview.eluvia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://blue-sky4.eluvia.in.net/verification.google id: auto-37a4bfcf85ae70ea5d36fff046fe1a09ac0fd6d29755bb4c8c460223494f86c9 status: experimental description: Detects traffic or activity related to https://blue-sky4.eluvia.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://blue-sky4.eluvia.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vw-8.weldoxis.in.net/verification.google id: auto-131c849acfb2d572ed5b9f93dfefceeeb599cdc5a95f7e40cc26f4170e8bfa92 status: experimental description: Detects traffic or activity related to https://vw-8.weldoxis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vw-8.weldoxis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://st-4.weldoxis.in.net/verification.google id: auto-5725170664072247e1ccd4eff0cf986b25ee15be88db9520d3b69f10fdf238d1 status: experimental description: Detects traffic or activity related to https://st-4.weldoxis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://st-4.weldoxis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qr-2.weldoxis.in.net/verification.google id: auto-fbff02863da3930af87cb91959b4f25f4b7fc1178a55456dae0b192c0b11756a status: experimental description: Detects traffic or activity related to https://qr-2.weldoxis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qr-2.weldoxis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mx-9.weldoxis.in.net/verification.google id: auto-4b6b9795ee724ebea8649e4c4547e4af33739d252648458f40735b9b51e3e9f2 status: experimental description: Detects traffic or activity related to https://mx-9.weldoxis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mx-9.weldoxis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://l0t05.exoruby.in.net/verification.google id: auto-3af9b29557787992340acef8eca2ea3b64208a24750f039fe071955c45e03bef status: experimental description: Detects traffic or activity related to https://l0t05.exoruby.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://l0t05.exoruby.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://k7r11.exoruby.in.net/verification.google id: auto-0a05c681bc76fee90becfeed8f4f9dc3de2a022cc58744d1811adea97ef5829a status: experimental description: Detects traffic or activity related to https://k7r11.exoruby.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://k7r11.exoruby.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://j1m44.exoruby.in.net/verification.google id: auto-c04b4f60ee7e9e9e6bbebcb3da63125424c499e309287d8d3307e5ba5c018340 status: experimental description: Detects traffic or activity related to https://j1m44.exoruby.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://j1m44.exoruby.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://h9v22.exoruby.in.net/verification.google id: auto-8142e23b1da0a2cc6ff807259d233a58470f1151addbbf1d18c9a641c26bed6a status: experimental description: Detects traffic or activity related to https://h9v22.exoruby.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://h9v22.exoruby.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://88-m02.bryzand.in.net/verification.google id: auto-181da92c32439c2d20948d372f6eb270ba536980ab212d1cf0ab75ab96ba1d0b status: experimental description: Detects traffic or activity related to https://88-m02.bryzand.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://88-m02.bryzand.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://55-j30.bryzand.in.net/verification.google id: auto-b2f7f16599d77e6c6f5a21e84bc0252d3e06700b94e8647980ff7e552a6d0f59 status: experimental description: Detects traffic or activity related to https://55-j30.bryzand.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://55-j30.bryzand.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://11-k44.bryzand.in.net/verification.google id: auto-417586a09ffbae668dece550a4340b865620febc62f07c53dca6fd7c6fd49fe1 status: experimental description: Detects traffic or activity related to https://11-k44.bryzand.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://11-k44.bryzand.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://99-f21.bryzand.in.net/verification.google id: auto-0a17e7fdfe94708fa7a3fc3390498e2ebb0018426409072f00f4f719b5238f2f status: experimental description: Detects traffic or activity related to https://99-f21.bryzand.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://99-f21.bryzand.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dv-77k.moxitron.in.net/verification.google id: auto-87c18153e78e2cfa549df7376677b96d6dc00ff5845ae9a2c2fa90dd92466948 status: experimental description: Detects traffic or activity related to https://dv-77k.moxitron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dv-77k.moxitron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ct-11q.moxitron.in.net/verification.google id: auto-cf479706f4ee88a8b598a7f903d5e22c0a16944bf6fd5662c75b381c359347dc status: experimental description: Detects traffic or activity related to https://ct-11q.moxitron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ct-11q.moxitron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://br-44z.moxitron.in.net/verification.google id: auto-7de9970d31f4836b94b085c1afe3ad9e4a51cbd131c7face9067376db2405d57 status: experimental description: Detects traffic or activity related to https://br-44z.moxitron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://br-44z.moxitron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ap-90x.moxitron.in.net/verification.google id: auto-858d0168dd1e482750bb8dcd1fa7610583ba92a286f32414e301355bb73f8abe status: experimental description: Detects traffic or activity related to https://ap-90x.moxitron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ap-90x.moxitron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://0-rw1-t.jelvax.in.net/verification.google id: auto-fb73d7f5a516457143b1d373e9089298c8461a56e2768c210468762272cf6738 status: experimental description: Detects traffic or activity related to https://0-rw1-t.jelvax.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://0-rw1-t.jelvax.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5-sw8-q.jelvax.in.net/verification.google id: auto-c9fb90dc810556306efab40c8201740efe0182e8dc798c3f28e4d8de3b4c9fc1 status: experimental description: Detects traffic or activity related to https://5-sw8-q.jelvax.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5-sw8-q.jelvax.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://2-nw4-z.jelvax.in.net/verification.google id: auto-6087ecb8c16ec4c67a9f2b5ef5297e519e9640b0b8e89a860a94c20c801f810d status: experimental description: Detects traffic or activity related to https://2-nw4-z.jelvax.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://2-nw4-z.jelvax.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://7-tw9-x.jelvax.in.net/verification.google id: auto-d244ddd3cd21230a8ce7a5677f2b7f32788d8e7f9dee739364bc2ba0150a893c status: experimental description: Detects traffic or activity related to https://7-tw9-x.jelvax.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://7-tw9-x.jelvax.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://v1107.fythoria.in.net/verification.google id: auto-be8e1624c5c7ffa702bbcb4c6412aa507afca9523259a76ba9a6edb3605d248c status: experimental description: Detects traffic or activity related to https://v1107.fythoria.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://v1107.fythoria.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c5543.fythoria.in.net/verification.google id: auto-f51e4057bef75b0525b15ac03fbcb818703162d0a2d474252d864c632b6df628 status: experimental description: Detects traffic or activity related to https://c5543.fythoria.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c5543.fythoria.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://x2281.fythoria.in.net/verification.google id: auto-a1387a315e5a8565422888b48aa876449945d361fb1499ee56485f47060b361d status: experimental description: Detects traffic or activity related to https://x2281.fythoria.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://x2281.fythoria.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://q9910.fythoria.in.net/verification.google id: auto-48f0d097b3cd6a847d7f3b0a081d5586619af548f829eab93d01a83a3dd5c6bf status: experimental description: Detects traffic or activity related to https://q9910.fythoria.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://q9910.fythoria.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://k77.vokriz.in.net/verification.google id: auto-330171f3601fa55a1199dc802bcc70de9278ec7d33c730bbd1e408a6c4b217af status: experimental description: Detects traffic or activity related to https://k77.vokriz.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://k77.vokriz.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://v-qr14.vokriz.in.net/verification.google id: auto-0b0e23430175a77936d6b23644aa31918f8bfa1d9efc24b11dc4d91f60c186d9 status: experimental description: Detects traffic or activity related to https://v-qr14.vokriz.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://v-qr14.vokriz.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://z1-mk88.vokriz.in.net/verification.google id: auto-f8429745d1c96c89e4126a50aa22843c0016da2ede0fc129e171a41b87f3fbcd status: experimental description: Detects traffic or activity related to https://z1-mk88.vokriz.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://z1-mk88.vokriz.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://x9-pt22.vokriz.in.net/verification.google id: auto-a6deffac71c4186a66477ee7017c19181764cca71853dc8d7b380d5a9b732b18 status: experimental description: Detects traffic or activity related to https://x9-pt22.vokriz.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://x9-pt22.vokriz.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://v1120.brythos.in.net/verification.google id: auto-947741074a8ab22c5f2f5c8da5fbc08945fe0c84b79d4add2bb67ec0b44d3309 status: experimental description: Detects traffic or activity related to https://v1120.brythos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://v1120.brythos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://z0091.brythos.in.net/verification.google id: auto-fa3920cac715834087e2cc56e5356e414688b85482168b50ca4e322f740e1004 status: experimental description: Detects traffic or activity related to https://z0091.brythos.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://z0091.brythos.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://x1y2.jovianth.in.net/verification.google id: auto-db1b7daf21381a8d8325160786ac5a1f4dddceb467689bdf4723a04dc5c5b8ec status: experimental description: Detects traffic or activity related to https://x1y2.jovianth.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://x1y2.jovianth.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wr776.vylocore.in.net/verification.google id: auto-725e7a8b612a5e5a482470eba4d8a4f05965e92ebe5b39244af200699cc9917f status: experimental description: Detects traffic or activity related to https://wr776.vylocore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wr776.vylocore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pt554.vylocore.in.net/verification.google id: auto-0a4c4b9e1ef01e7c01da98e3b9129f9dfb0f1baf7c9058c5c90b79fd730906c8 status: experimental description: Detects traffic or activity related to https://pt554.vylocore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pt554.vylocore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mj118.vylocore.in.net/verification.google id: auto-711595ecc6707b31cf6db8fe329fe4dac78c04b966d07970613346ba07ebd41a status: experimental description: Detects traffic or activity related to https://mj118.vylocore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mj118.vylocore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kx992.vylocore.in.net/verification.google id: auto-2471da21d722353b5f8cf5ec68d94746398760abe1baabac51b64ada89e6fa21 status: experimental description: Detects traffic or activity related to https://kx992.vylocore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kx992.vylocore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://88dd44.quobix.in.net/verification.google id: auto-653d6ca6498afc5bb639a197f175a75a74e443c09c412bd3bae29fe3a03a700b status: experimental description: Detects traffic or activity related to https://88dd44.quobix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://88dd44.quobix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://99bb22.quobix.in.net/verification.google id: auto-00e851358b0414adb6158e0438c8a05b076a7301e78a5b9465812c5f65f2bf94 status: experimental description: Detects traffic or activity related to https://99bb22.quobix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://99bb22.quobix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://55aa11.quobix.in.net/verification.google id: auto-eb6cb104e1b58b397edbc5b5771817518b36ea328e37e7e91120b936d3a72ada status: experimental description: Detects traffic or activity related to https://55aa11.quobix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://55aa11.quobix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://y11m.zylotech.in.net/verification.google id: auto-5223d51295b4c8978181b768041c57320d2ef656cc1d2abf47cb72e3d34f6b45 status: experimental description: Detects traffic or activity related to https://y11m.zylotech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://y11m.zylotech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://t88j.zylotech.in.net/verification.google id: auto-b62407a23ced4aa0339a04bf181905c75c9377a30923c6f00b88124ac18d9d9b status: experimental description: Detects traffic or activity related to https://t88j.zylotech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://t88j.zylotech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r55k.zylotech.in.net/verification.google id: auto-79312722c5cd29fad30b2656d75e5bcb47e9ddebb9933f9d33bcaafbd89ce01b status: experimental description: Detects traffic or activity related to https://r55k.zylotech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r55k.zylotech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://w22p.zylotech.in.net/verification.google id: auto-9c18160bb36c596a99c664344d0679ea0a178069c8e68830ff0c704bbaf9f752 status: experimental description: Detects traffic or activity related to https://w22p.zylotech.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://w22p.zylotech.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fny913.zenithax.in.net/verification.google id: auto-5701594c99cb938f4dffaa4615abd4511def3a72be953f6d73fcb4a3c5dafdd9 status: experimental description: Detects traffic or activity related to https://fny913.zenithax.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fny913.zenithax.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dxt405.zenithax.in.net/verification.google id: auto-486b7a8455989444d3ac33dbb4fbb5f723a8384745cd25f773068125045b6183 status: experimental description: Detects traffic or activity related to https://dxt405.zenithax.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dxt405.zenithax.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qlm299.zenithax.in.net/verification.google id: auto-35cf2f014edc4afdb08e78621a48bfad4eced553b6098022296de001d9abcbf6 status: experimental description: Detects traffic or activity related to https://qlm299.zenithax.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qlm299.zenithax.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://z-66-d4.velotronic.in.net/verification.google id: auto-ccffc2a1f79c3070c3881e7471a5718bd9fb9c61454f8617b30a8fac0c822401 status: experimental description: Detects traffic or activity related to https://z-66-d4.velotronic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://z-66-d4.velotronic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://x-12-c7.velotronic.in.net/verification.google id: auto-2063ce1484de4c05eb93850f6e835a1745f608a59338a463eb221a1946c9d596 status: experimental description: Detects traffic or activity related to https://x-12-c7.velotronic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://x-12-c7.velotronic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://n-44-b9.velotronic.in.net/verification.google id: auto-dd13578f4c2dbe5da49da537b8c4ef95cd587199cefe75583324044355a4e573 status: experimental description: Detects traffic or activity related to https://n-44-b9.velotronic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://n-44-b9.velotronic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://v-89-a2.velotronic.in.net/verification.google id: auto-a1821c0a72882fac0a29e96a46096a2279bc725b8b845ec325acff3ef138f2f8 status: experimental description: Detects traffic or activity related to https://v-89-a2.velotronic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://v-89-a2.velotronic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mn776-t.dervishcore.in.net/verification.google id: auto-bb7c49b095831577a7a0c58f3bca667f30f1db00210951f9deebb8e2c56570a1 status: experimental description: Detects traffic or activity related to https://mn776-t.dervishcore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mn776-t.dervishcore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lp440-q.dervishcore.in.net/verification.google id: auto-c3bea33293a9029a969e6399bf6385602aa78fb1b9fb8ac3f3a0d6bbe54bb6e2 status: experimental description: Detects traffic or activity related to https://lp440-q.dervishcore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lp440-q.dervishcore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ka221-z.dervishcore.in.net/verification.google id: auto-f12651fcf6b07cc8123b4184763e746bd334dabcf8c85a28d53686d0e9d6163f status: experimental description: Detects traffic or activity related to https://ka221-z.dervishcore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ka221-z.dervishcore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jd899-x.dervishcore.in.net/verification.google id: auto-f9ee288bb9c4bbfe63a578b38b575f4763766e78c1fbce6ec3283e74ff42ad13 status: experimental description: Detects traffic or activity related to https://jd899-x.dervishcore.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jd899-x.dervishcore.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://p9d-x77j.xylophis.in.net/verification.google id: auto-d926c9c0e87604cae53faf14c7a8f3bc605d463b0905510f6424fe9ad0219359 status: experimental description: Detects traffic or activity related to https://p9d-x77j.xylophis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://p9d-x77j.xylophis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://k3l-55v6.xylophis.in.net/verification.google id: auto-d70d5638a7f90ae711655295e402fb87676420d8afd4dc995a288bd4f143fa7f status: experimental description: Detects traffic or activity related to https://k3l-55v6.xylophis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://k3l-55v6.xylophis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://z8t-m11q.xylophis.in.net/verification.google id: auto-3d1e8a2036bb3094b0c220d60952a3e0a9264dff5a1797596d0596812447f118 status: experimental description: Detects traffic or activity related to https://z8t-m11q.xylophis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://z8t-m11q.xylophis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://a4x-99f2.xylophis.in.net/verification.google id: auto-45a6f8969a854cf7ebf89fb7c2acfa4e24b098a84237b6a71822439b4466d428 status: experimental description: Detects traffic or activity related to https://a4x-99f2.xylophis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://a4x-99f2.xylophis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://learsup.webback.in.net/verification.google id: auto-deb83105e82b9e9299584919f9e10b162d0a99bff70b92a437504cdb6af9f84b status: experimental description: Detects traffic or activity related to https://learsup.webback.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://learsup.webback.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://importuni.webback.in.net/verification.google id: auto-e2e2d08bfe612f74ed6406727748a156209029bd38dda4d390cfda92f172b70e status: experimental description: Detects traffic or activity related to https://importuni.webback.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://importuni.webback.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://comp7-stack.webback.in.net/verification.google id: auto-7674975afc5437f8cd6153a7eb6de18a6521cb3803f522b7523e68021336299c status: experimental description: Detects traffic or activity related to https://comp7-stack.webback.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://comp7-stack.webback.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hodz.webback.in.net/verification.google id: auto-127bf4f7a868fcc13bc6a204c479861da11d99199590bc9668a31f9241135d39 status: experimental description: Detects traffic or activity related to https://hodz.webback.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hodz.webback.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://canv-shi.oakstart.in.net/verification.google id: auto-1176acb82dfee446eff1d3a9a04dfa1fcb8aad960fb0e7a3a6a3c2a5a8ff2e79 status: experimental description: Detects traffic or activity related to https://canv-shi.oakstart.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://canv-shi.oakstart.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nd77.oakstart.in.net/verification.google id: auto-fa9a9043f13440c29b463706908382939d84fe2065c1df2ce2e6b0760354c061 status: experimental description: Detects traffic or activity related to https://nd77.oakstart.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nd77.oakstart.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://runtim-grid.oakstart.in.net/verification.google id: auto-5ed5c512006112731d6a75ca08cab9979cfa351ff3081b158b6af82b7e094bf4 status: experimental description: Detects traffic or activity related to https://runtim-grid.oakstart.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://runtim-grid.oakstart.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fdgq.oakstart.in.net/verification.google id: auto-91c5a822ca21ef7ec27c4efeeb053fcde4d40fef8ae776b16209a722f5f19e6f status: experimental description: Detects traffic or activity related to https://fdgq.oakstart.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fdgq.oakstart.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sub-ve1v.starload.in.net/verification.google id: auto-5f6ae2d2018066baf0d983c9091502bbd98402dd00aab86f4f717f66e8f0df00 status: experimental description: Detects traffic or activity related to https://sub-ve1v.starload.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sub-ve1v.starload.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rs95h.starload.in.net/verification.google id: auto-4ea24235af03fc9e3758ca6b51df373ec9e4b851f519772c28625e1c4c420c1d status: experimental description: Detects traffic or activity related to https://rs95h.starload.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rs95h.starload.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://outl-grove.starload.in.net/verification.google id: auto-34269f4542ce7cf9b43e0ff53618bd6925388347757c7a2df54e3604e063e9e4 status: experimental description: Detects traffic or activity related to https://outl-grove.starload.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://outl-grove.starload.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://metric2-route.starload.in.net/verification.google id: auto-1a0ba663a4d483d1bf32b35fa7ce21de1b2a8d5e40d333ca0f915ccee9bee49b status: experimental description: Detects traffic or activity related to https://metric2-route.starload.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://metric2-route.starload.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://r3cor-wave.appcheck.in.net/verification.google id: auto-6d43318b0ef2234826c86e3fe0bb113d02742ea36d2ab8e9c07ca01fe29c5e81 status: experimental description: Detects traffic or activity related to https://r3cor-wave.appcheck.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://r3cor-wave.appcheck.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://layotra.appcheck.in.net/verification.google id: auto-71aeec5f8a6d4882ee856fc34d476bdf64da8b47e661e7d6c5b633ba417650c1 status: experimental description: Detects traffic or activity related to https://layotra.appcheck.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://layotra.appcheck.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zen-draum.appcheck.in.net/verification.google id: auto-8274a73d58a8b7f231edcea410efb81904940173622d4061df7434659fb51f88 status: experimental description: Detects traffic or activity related to https://zen-draum.appcheck.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zen-draum.appcheck.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quormarkix.appcheck.in.net/verification.google id: auto-1591fce38637485db6e703e83c50636cd2dc343e937842340277ce184b1b89ed status: experimental description: Detects traffic or activity related to https://quormarkix.appcheck.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quormarkix.appcheck.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://chefacto.appdeck.in.net/verification.google id: auto-85dfe53e3b02c76d139ebdfb83f5602822e1a420f3773fcbcc68902e19955642 status: experimental description: Detects traffic or activity related to https://chefacto.appdeck.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://chefacto.appdeck.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://merlineos4.appdeck.in.net/verification.google id: auto-5361d8f3cee6ab206931979f1a29de1278fc9b9294ecb25765619692cc8e37de status: experimental description: Detects traffic or activity related to https://merlineos4.appdeck.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://merlineos4.appdeck.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://thr3a-reach.appdeck.in.net/verification.google id: auto-739e6b7374fba1a20068c58ecdb218652e8db28d8044aba9ff4c8a526c6c472c status: experimental description: Detects traffic or activity related to https://thr3a-reach.appdeck.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://thr3a-reach.appdeck.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://signalcraft.appdeck.in.net/verification.google id: auto-6bbf0edf51e966f8d963f014b9cccf92bab2fa4606ddf5a65ee470ca9da3bec7 status: experimental description: Detects traffic or activity related to https://signalcraft.appdeck.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://signalcraft.appdeck.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://handlerasset.winlog.in.net/verification.google id: auto-0d5241dfd08ad883a65073757e398ba0e31a8cbab3233cebe5dc7a79d482ca7e status: experimental description: Detects traffic or activity related to https://handlerasset.winlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://handlerasset.winlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://arkcoreex.winlog.in.net/verification.google id: auto-8402d185416a12e0c0d0c47ceb9e17a3a9822ec160baaef6443e5b0ca0b3019c status: experimental description: Detects traffic or activity related to https://arkcoreex.winlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://arkcoreex.winlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nobclo.winlog.in.net/verification.google id: auto-8730052e68ca81ae8458fa0916f8393abfe9bbc496f23aaee35f2e5c0be15096 status: experimental description: Detects traffic or activity related to https://nobclo.winlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nobclo.winlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dispatchercasc.winlog.in.net/verification.google id: auto-8703600ffaff5ec3bb7305001af94218d85d3718514edc40d88662f1352fb517 status: experimental description: Detects traffic or activity related to https://dispatchercasc.winlog.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dispatchercasc.winlog.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://icetermi.decktop.in.net/verification.google id: auto-b3cedf103e7166662f15b7ad02604d93c0ab159a30af33a511ea9fbfd2e6d015 status: experimental description: Detects traffic or activity related to https://icetermi.decktop.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://icetermi.decktop.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://1ink9-bridge.decktop.in.net/verification.google id: auto-adda50362e90babaf81e59a01d14178775ff6a8c03bcedd103e7d8c11e0e2ce6 status: experimental description: Detects traffic or activity related to https://1ink9-bridge.decktop.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://1ink9-bridge.decktop.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://invoicepixe.decktop.in.net/verification.google id: auto-c69c67ebfb48bd0c2e2aff2ad95ec2c3444ad39ebd634c27e9bdc1692de14154 status: experimental description: Detects traffic or activity related to https://invoicepixe.decktop.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://invoicepixe.decktop.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://splitboos.decktop.in.net/verification.google id: auto-e12c7f069171bdef09583ff3735f5fb67a13a9950649330746b5231c390dc2fb status: experimental description: Detects traffic or activity related to https://splitboos.decktop.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://splitboos.decktop.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://velnex4ex.soldop.in.net/verification.google id: auto-ec191f4dbe6cb6cedf1a164c2c197722ccb8422038d5c743fe24d711e5d9dbcd status: experimental description: Detects traffic or activity related to https://velnex4ex.soldop.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://velnex4ex.soldop.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://en3vikif.soldop.in.net/verification.google id: auto-b1f1e6300ccb7a7a31fb25200c8dcb8ea9f5eae1566dd78ae11f5a9ba482ebc8 status: experimental description: Detects traffic or activity related to https://en3vikif.soldop.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://en3vikif.soldop.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tqiauc.soldop.in.net/verification.google id: auto-6ffb95d04a22bead785f4daf3dc9a303fd17ea4abee02eeb1c86c19f386f3ac2 status: experimental description: Detects traffic or activity related to https://tqiauc.soldop.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tqiauc.soldop.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://h4rd-cache.soldop.in.net/verification.google id: auto-3c00a8ad998ac85eb2bede80f992309c2f64a695cb764b31ebecc89de9a40f4d status: experimental description: Detects traffic or activity related to https://h4rd-cache.soldop.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://h4rd-cache.soldop.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dispatc-tra.windev.in.net/verification.google id: auto-fa4d4104da1dea65c0c582f1ede7d71e3998b80e70f74d313b53c21b29e89fb3 status: experimental description: Detects traffic or activity related to https://dispatc-tra.windev.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dispatc-tra.windev.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vor-crestet.windev.in.net/verification.google id: auto-60c374d58659f6692956562bee0c728b1be16fa12fbfe2434c5d4bdf69839a3b status: experimental description: Detects traffic or activity related to https://vor-crestet.windev.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vor-crestet.windev.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://v4ul6-scope.windev.in.net/verification.google id: auto-4b718f095308916fa04bbab43193853af1eee2518ff487c94a15f7e488627f83 status: experimental description: Detects traffic or activity related to https://v4ul6-scope.windev.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://v4ul6-scope.windev.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://open1-branch.windev.in.net/verification.google id: auto-f37c897cf79881dfe936742a9b28cfc8e634512e96db4b506714ba49e70ef5c8 status: experimental description: Detects traffic or activity related to https://open1-branch.windev.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://open1-branch.windev.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://basa-cod.skyroad.in.net/verification.google id: auto-66a69d3d4a69dc851bb49d483de4e7136610fae430c7b7756dcede4360192cf3 status: experimental description: Detects traffic or activity related to https://basa-cod.skyroad.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://basa-cod.skyroad.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mastoken.skyroad.in.net/verification.google id: auto-fbb9145eb4e5c2a0e2867ba9a14ab6693dd61755031615c5d2a65f58ac162f92 status: experimental description: Detects traffic or activity related to https://mastoken.skyroad.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mastoken.skyroad.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://st0n-index.skyroad.in.net/verification.google id: auto-be146ff41032e634beb94b6f4ae0f19ae43178492931f99d468e1ca19d59ce31 status: experimental description: Detects traffic or activity related to https://st0n-index.skyroad.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://st0n-index.skyroad.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://72jk.skyroad.in.net/verification.google id: auto-7476fad0173474bcb159056b6cd153bc5c52991a0579f96bf82c594d024e65a1 status: experimental description: Detects traffic or activity related to https://72jk.skyroad.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://72jk.skyroad.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gath3r1-phase.skybit.in.net/verification.google id: auto-d7567304a57c02cc4a58ae57a3e72f78845d8a768d7cda2133cb98be677a0d46 status: experimental description: Detects traffic or activity related to https://gath3r1-phase.skybit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gath3r1-phase.skybit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://glyphcrest.skybit.in.net/verification.google id: auto-ecb6b79a30344d30873611b9bb20181da842d015bf7719cc8383f1e2f77f4788 status: experimental description: Detects traffic or activity related to https://glyphcrest.skybit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://glyphcrest.skybit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://t3rm-trace.skybit.in.net/verification.google id: auto-4a7004630a0dab62ee3d7c38b1af7de2d8f6182cc0eaef5ad508506631df84da status: experimental description: Detects traffic or activity related to https://t3rm-trace.skybit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://t3rm-trace.skybit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://xhepy.skybit.in.net/verification.google id: auto-90122a65e212b417bd913540c01dc6fde2d1278127035483ba0099692e8e4b2e status: experimental description: Detects traffic or activity related to https://xhepy.skybit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://xhepy.skybit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5xt2jam.moondev.in.net/verification.google id: auto-17039cab8df6fd9921a4a593dec80ad4c00b6c192f2ab7a0d7d57cc985e5f5ad status: experimental description: Detects traffic or activity related to https://5xt2jam.moondev.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5xt2jam.moondev.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sdkwinter.moondev.in.net/verification.google id: auto-c5781e65540fe9e97de9be382a2651e29c63fdaffeee36cdd5b07c76c44ffd17 status: experimental description: Detects traffic or activity related to https://sdkwinter.moondev.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sdkwinter.moondev.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://canvsoc.moondev.in.net/verification.google id: auto-3ef72d5e5df8d920ddaab25a728ed90b8fac8b581348654712dd0c48078b03a2 status: experimental description: Detects traffic or activity related to https://canvsoc.moondev.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://canvsoc.moondev.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://focufield.moondev.in.net/verification.google id: auto-ed2cfe19c887052a9f805a70d7b48d5ed4c36e29ea259b8a4a78a0d18f824ee3 status: experimental description: Detects traffic or activity related to https://focufield.moondev.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://focufield.moondev.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://st4r-field.starapi.in.net/verification.google id: auto-d1946b1f02bf56fa2e017dc6a7eb839fec27eb406a931474051d5e5ee1ff275a status: experimental description: Detects traffic or activity related to https://st4r-field.starapi.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://st4r-field.starapi.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kelcoreet.starapi.in.net/verification.google id: auto-31e4b61941007ab3f1e0977edde8ee6b066a87f10a2cd3a45e730ddb32480734 status: experimental description: Detects traffic or activity related to https://kelcoreet.starapi.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kelcoreet.starapi.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nad1d.starapi.in.net/verification.google id: auto-52d2afbbb2c3105472326468100a63f2a593777e8702069a5d623a88ae5540f3 status: experimental description: Detects traffic or activity related to https://nad1d.starapi.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nad1d.starapi.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kelmesha3.ironhub.in.net/verification.google id: auto-f5577009b56ada436ff61a183049e584631869cf7559c1627cadc29a776c930e status: experimental description: Detects traffic or activity related to https://kelmesha3.ironhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kelmesha3.ironhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://google-2gy.pages.dev/chrome.exe id: auto-edb2d9a3d1c7caa8911131c3ffd530087eac0c0864894781a318f82e44052bb2 status: experimental description: Detects traffic or activity related to https://google-2gy.pages.dev/chrome.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://google-2gy.pages.dev/chrome.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://eastvine.ironhub.in.net/verification.google id: auto-54deec420f845d7a0a8204ec834623fbe914acea3e32843930db474e47e448ef status: experimental description: Detects traffic or activity related to https://eastvine.ironhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://eastvine.ironhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://garde-sha.ironhub.in.net/verification.google id: auto-bafe7b4e5048b7956ec0deda34b811ac2186bb6887a451d2d7b855993789a7f9 status: experimental description: Detects traffic or activity related to https://garde-sha.ironhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://garde-sha.ironhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://u68ojr.ironhub.in.net/verification.google id: auto-9af2025d216917ec087aadc6d9fabed877ecc1c822d74624c40be4a43af5a43d status: experimental description: Detects traffic or activity related to https://u68ojr.ironhub.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://u68ojr.ironhub.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://48z9.lakeweb.in.net/verification.google id: auto-dd10985d961b1d24f84dc2f56a3144d5dfb3e9191ca2bb68fcaf2796984fcbc7 status: experimental description: Detects traffic or activity related to https://48z9.lakeweb.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://48z9.lakeweb.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://supplybrave.lakeweb.in.net/verification.google id: auto-79d6160bad877f8dbd08a319af76cc89884c74feed59e540cd3fbad4e7d6ec90 status: experimental description: Detects traffic or activity related to https://supplybrave.lakeweb.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://supplybrave.lakeweb.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quornexum.lakeweb.in.net/verification.google id: auto-16eb3d7de246a5e4c0a603556de56dd6faaee2c5394db704fbc5564e498ab089 status: experimental description: Detects traffic or activity related to https://quornexum.lakeweb.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quornexum.lakeweb.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vellithos7.lakeweb.in.net/verification.google id: auto-c6c3f35800f293f9a5d8a8dd8e4648713a9c2af50af46ec76f9d7478d1c6c5f1 status: experimental description: Detects traffic or activity related to https://vellithos7.lakeweb.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vellithos7.lakeweb.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lagoo-craft.rockapp.in.net/verification.google id: auto-a00a393310aec4a6f9e4a9d23c6cdeae95c4d695633a0c5500e21a38def2e3dc status: experimental description: Detects traffic or activity related to https://lagoo-craft.rockapp.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lagoo-craft.rockapp.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://grovalue.rockapp.in.net/verification.google id: auto-4baea0b2e431e89f4688ee5710afd788ac865eec98eea34b4925c256300a07a2 status: experimental description: Detects traffic or activity related to https://grovalue.rockapp.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://grovalue.rockapp.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://studiosha.rockapp.in.net/verification.google id: auto-771fce27bf24583a9b791476794ddb7cffb28dd3e0814c019e70b1763ba1f261 status: experimental description: Detects traffic or activity related to https://studiosha.rockapp.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://studiosha.rockapp.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://importsan.rockapp.in.net/verification.google id: auto-4ae8428c9c34df5d7b4afd084af6f07b1aff6a9ec12416b79c19ee8fa85a72ff status: experimental description: Detects traffic or activity related to https://importsan.rockapp.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://importsan.rockapp.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kel-tideix.goldsys.in.net/verification.google id: auto-83ffbc04837290929a6c7e7d59f0a957428b13a4c65fb739d9d23d96a5d52cbb status: experimental description: Detects traffic or activity related to https://kel-tideix.goldsys.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kel-tideix.goldsys.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://buildsprou.goldsys.in.net/verification.google id: auto-841e31b411c1a9b8360cb374c7ba9f5ecf7c492dce448115999a090c8dc77d9b status: experimental description: Detects traffic or activity related to https://buildsprou.goldsys.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://buildsprou.goldsys.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://x2zev.goldsys.in.net/verification.google id: auto-1b2fb8e28c4e68f3eca47a25cd6ec25a7dbefcb1afdf367984bcc2a18e431ba6 status: experimental description: Detects traffic or activity related to https://x2zev.goldsys.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://x2zev.goldsys.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ioqdz.winddev.in.net/verification.google id: auto-c75d42c89462e1456fe1583dad9d3472b02a0cd2632f457d706ea66edb2115f1 status: experimental description: Detects traffic or activity related to https://ioqdz.winddev.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ioqdz.winddev.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://meta-tr3n.winddev.in.net/verification.google id: auto-995acf8d7c177ce3b28e22dfc5fb5afcdb3b1c0b4ed0670905198fd3d93d3065 status: experimental description: Detects traffic or activity related to https://meta-tr3n.winddev.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://meta-tr3n.winddev.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lum-forgear.winddev.in.net/verification.google id: auto-28e0a00413740f9c38e51c52b967841cf9e38b41c0c4574eb2ae68f45fad56e6 status: experimental description: Detects traffic or activity related to https://lum-forgear.winddev.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lum-forgear.winddev.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://report-gold.winddev.in.net/verification.google id: auto-ed60d5029d65c17947ccdf98c146f8b00e26d642738b570f0502ffdb89f0d3db status: experimental description: Detects traffic or activity related to https://report-gold.winddev.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://report-gold.winddev.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mhrmjphd.oaknet.in.net/verification.google id: auto-5b6b0e17387309dc8145f64ee19cddd7258d7cdbf4e4efa909c92e1284668082 status: experimental description: Detects traffic or activity related to https://mhrmjphd.oaknet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mhrmjphd.oaknet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://deploymesh.oaknet.in.net/verification.google id: auto-23fb6a80ec202ebe2a273fe997bd774f0a67d3ebdb410c093b63b558d9db2d17 status: experimental description: Detects traffic or activity related to https://deploymesh.oaknet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://deploymesh.oaknet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jbstvz.oaknet.in.net/verification.google id: auto-d613e5454c365ff5307f7935908e7d1a93eb334142c053801bbd9379272d1a37 status: experimental description: Detects traffic or activity related to https://jbstvz.oaknet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jbstvz.oaknet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://p4cket-signal.oaknet.in.net/verification.google id: auto-5924a3cd3b65b92a1f7962f6dc9d2dd348d8151810ff21e56d3e614d44dc98de status: experimental description: Detects traffic or activity related to https://p4cket-signal.oaknet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://p4cket-signal.oaknet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://t3mp0-zone.sunbit.in.net/verification.google id: auto-c9a41c44450176d86b116286e9b9fb98d09c8ca0a7e730e3b35a7d503b14a1c1 status: experimental description: Detects traffic or activity related to https://t3mp0-zone.sunbit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://t3mp0-zone.sunbit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://c1ip-scope.sunbit.in.net/verification.google id: auto-0b7b405505779857f52c7617d203f8272c0b91b8b89a22d61642d44c244c90d6 status: experimental description: Detects traffic or activity related to https://c1ip-scope.sunbit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://c1ip-scope.sunbit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://parceldusk.sunbit.in.net/verification.google id: auto-c9fb49bfffadc6e3150de0c429c96d04532ed7c1c723d38f14aefafe790678bb status: experimental description: Detects traffic or activity related to https://parceldusk.sunbit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://parceldusk.sunbit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nodesteri.sunbit.in.net/verification.google id: auto-8a12d7b70a549e8bf1af17c1ae1899edc2aa00ae8b1bdc698ae7e4ed67da192a status: experimental description: Detects traffic or activity related to https://nodesteri.sunbit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nodesteri.sunbit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://glob-k2.siliconcanyon.in.net/verification.google id: auto-ff18cb845f9fa2c6b5d5ead085283e8b1d640611ecea48b123d7be2a8a3672bd status: experimental description: Detects traffic or activity related to https://glob-k2.siliconcanyon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://glob-k2.siliconcanyon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://unit-r1.siliconcanyon.in.net/verification.google id: auto-00417575573bb94d0ea1c1806d4cf349ed823dda95fd2408fcaec3b42932753c status: experimental description: Detects traffic or activity related to https://unit-r1.siliconcanyon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://unit-r1.siliconcanyon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sili-h7.siliconcanyon.in.net/verification.google id: auto-e8b9fb8b69269be7d5fea800a3da156a783bfa54266ead04ade598e4e17fb8e0 status: experimental description: Detects traffic or activity related to https://sili-h7.siliconcanyon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sili-h7.siliconcanyon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pl5-zw18.siliconcanyon.in.net/verification.google id: auto-05cf358ae559ceaec00251d3130acd9f74ab8fd5fac06e6902fe2049c5590926 status: experimental description: Detects traffic or activity related to https://pl5-zw18.siliconcanyon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pl5-zw18.siliconcanyon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://node-s0.quartzhorizon.in.net/verification.google id: auto-dbee54a5b36df8bafb3745a3af79c7f626ec6470f7eb4b0c5ef48c045ff809a5 status: experimental description: Detects traffic or activity related to https://node-s0.quartzhorizon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://node-s0.quartzhorizon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orig-m4.quartzhorizon.in.net/verification.google id: auto-fc99159b75f7ed3a84e70b8f8d59c7dd622c7193115a659cce11c112b02c4c0c status: experimental description: Detects traffic or activity related to https://orig-m4.quartzhorizon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orig-m4.quartzhorizon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quar-c2.quartzhorizon.in.net/verification.google id: auto-91741b59c2080ea7ae84c673001d56bdabe10276432c7f4d6343f12fa150ddda status: experimental description: Detects traffic or activity related to https://quar-c2.quartzhorizon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quar-c2.quartzhorizon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://github.com/pesanuntukanda/chatgpt-enterprise-premium-unlocked/raw/branch/scourwort/unlocked_chatgpt_premium_enterprise_1.9.zip id: auto-1f02db803fa3cd9bd7a7cfa79e1a4e5cd92125a83153fca7956ef7d0b55cd3ce status: experimental description: Detects traffic or activity related to https://github.com/pesanuntukanda/chatgpt-enterprise-premium-unlocked/raw/branch/scourwort/unlocked_chatgpt_premium_enterprise_1.9.zip which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://github.com/pesanuntukanda/chatgpt-enterprise-premium-unlocked/raw/branch/scourwort/unlocked_chatgpt_premium_enterprise_1.9.zip*' condition: selection level: high tags: - attack.t1555 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hx9-mv33.quartzhorizon.in.net/verification.google id: auto-6e68ec4e2ea03b83ef76bf321675e8b8208a250ed89b67b43a064dcd90a6b29d status: experimental description: Detects traffic or activity related to https://hx9-mv33.quartzhorizon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hx9-mv33.quartzhorizon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow-x3.staticmotion.in.net/verification.google id: auto-9c34738fb6d174e65ad73dc5e500faa6e826d1407fe65e1bd05c2677d62f05fb status: experimental description: Detects traffic or activity related to https://flow-x3.staticmotion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow-x3.staticmotion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://srv-p8.staticmotion.in.net/verification.google id: auto-454cd57ba195e290250ffea5da8e33a72fd273d3685728b6147cdf3385698a12 status: experimental description: Detects traffic or activity related to https://srv-p8.staticmotion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://srv-p8.staticmotion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stat-d6.staticmotion.in.net/verification.google id: auto-6b4b5fe2e80c57a8ff132cedb58ba6870e098a6ce295e42089153b34c9b3ba9a status: experimental description: Detects traffic or activity related to https://stat-d6.staticmotion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stat-d6.staticmotion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jn2-bt04.staticmotion.in.net/verification.google id: auto-c4772c04fa834a939231404c7f2d6914a4170264e0e21b62543890d36f1b6a1c status: experimental description: Detects traffic or activity related to https://jn2-bt04.staticmotion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jn2-bt04.staticmotion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://auth-z1.motiongravity.in.net/verification.google id: auto-b5d6cd80f3777ddbea306acc7aeab18cfd4f57cfa83c7f744adfc68a2d0d59eb status: experimental description: Detects traffic or activity related to https://auth-z1.motiongravity.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://auth-z1.motiongravity.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://web-k9.motiongravity.in.net/verification.google id: auto-467ef6ecf926c2b4268bde5cdf399199ba499c15ce54f35c67c132c2a478a394 status: experimental description: Detects traffic or activity related to https://web-k9.motiongravity.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://web-k9.motiongravity.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://moti-u5.motiongravity.in.net/verification.google id: auto-1561a5147a20050323a9f0888ff7466eb6a0074289dd7e3184a035df44e97ca4 status: experimental description: Detects traffic or activity related to https://moti-u5.motiongravity.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://moti-u5.motiongravity.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cr4-xw90.motiongravity.in.net/verification.google id: auto-9b78e2ca8dbd66664997d8a594eb524bd0258c21592b3e95df42b8454546114e status: experimental description: Detects traffic or activity related to https://cr4-xw90.motiongravity.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cr4-xw90.motiongravity.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-f6.orbitcapture.in.net/verification.google id: auto-5db9ac470f15025a54392d5d2bd184d6cec05bc578ebdedbdcb6408d803e0426 status: experimental description: Detects traffic or activity related to https://data-f6.orbitcapture.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-f6.orbitcapture.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://edge-v3.orbitcapture.in.net/verification.google id: auto-986e4fee48e1471fdbf17d805906fc3f3aeeeaf3f8f58b360611230ff951c0be status: experimental description: Detects traffic or activity related to https://edge-v3.orbitcapture.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://edge-v3.orbitcapture.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orbi-q7.orbitcapture.in.net/verification.google id: auto-5b5b04c85707b4ecbfe8507b3fdffe4c3006a8357bcecf9a4c2ddabcd175257c status: experimental description: Detects traffic or activity related to https://orbi-q7.orbitcapture.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orbi-q7.orbitcapture.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-y5.vertexanchor.in.net/verification.google id: auto-5c2809fad1eff37dc28d9f06fe0f3bca076f875086c90a7029cd693b7d897f36 status: experimental description: Detects traffic or activity related to https://link-y5.vertexanchor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-y5.vertexanchor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://host-b1.vertexanchor.in.net/verification.google id: auto-efca576cbcf0e85bb9bc325f2029c6da1dfe5bbe1392fbfcd69a67122fa1b4df status: experimental description: Detects traffic or activity related to https://host-b1.vertexanchor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://host-b1.vertexanchor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lp3-qv06.vertexanchor.in.net/verification.google id: auto-c34850b7fdcb067b878aba875863f93e2aec55919010a09cdb5f59e76ec27416 status: experimental description: Detects traffic or activity related to https://lp3-qv06.vertexanchor.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lp3-qv06.vertexanchor.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://core-t9.tensorfield.in.net/verification.google id: auto-1b11e5c85032ea7475bf9497a5ecd1b0f2bc273624a1277446151a65f6480f79 status: experimental description: Detects traffic or activity related to https://core-t9.tensorfield.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://core-t9.tensorfield.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-p4.tensorfield.in.net/verification.google id: auto-8801d6820f0af5eb30335f6384e3318bc41639a98f81d4bb05f1b58d02d61023 status: experimental description: Detects traffic or activity related to https://main-p4.tensorfield.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-p4.tensorfield.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tens-r8.tensorfield.in.net/verification.google id: auto-6d2165d620aa055dea33ee8a4dfbde7e857421e8a18d9188f53f8dc193396927 status: experimental description: Detects traffic or activity related to https://tens-r8.tensorfield.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tens-r8.tensorfield.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bz1-gh55.tensorfield.in.net/verification.google id: auto-02ce7527c46fef62286341e8c265c68fec524129d7bf899f60ad37b07b4f0da3 status: experimental description: Detects traffic or activity related to https://bz1-gh55.tensorfield.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bz1-gh55.tensorfield.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://root-x2.metricfusion.in.net/verification.google id: auto-3a464c91dd708500bfe2502ee26025f648ba175de80efc0d1ebb0d9fccf596af status: experimental description: Detects traffic or activity related to https://root-x2.metricfusion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://root-x2.metricfusion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://metr-k44.metricfusion.in.net/verification.google id: auto-ac2bcf5680220a213077a9571c9b34086816186e05aff1faecc0a05362b8ae45 status: experimental description: Detects traffic or activity related to https://metr-k44.metricfusion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://metr-k44.metricfusion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://serv-z9.metricfusion.in.net/verification.google id: auto-961f16d618251cd998f645075f0e1fbb9df9563edd67017f6d1e46211e486831 status: experimental description: Detects traffic or activity related to https://serv-z9.metricfusion.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://serv-z9.metricfusion.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://local-s1.patternshadow.in.net/verification.google id: auto-7c7ff4c9e094adf1d8795d0e4d64ac4d81206329d770787218fba107de0dad0a status: experimental description: Detects traffic or activity related to https://local-s1.patternshadow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://local-s1.patternshadow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://patt-f21.patternshadow.in.net/verification.google id: auto-ed3435da8ea592f2c1a5387a562cc03b1894dc49b00be749bda40c96e7ea63c4 status: experimental description: Detects traffic or activity related to https://patt-f21.patternshadow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://patt-f21.patternshadow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dist-mx5.patternshadow.in.net/verification.google id: auto-14360057ca154a4b6d95ef1cd035bfde2cbcac17c5209cffd2734f0c190a871c status: experimental description: Detects traffic or activity related to https://dist-mx5.patternshadow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dist-mx5.patternshadow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://term-sync.vibratronic.in.net/verification.google id: auto-77afa8ee9276604f365f5b4d62cfff2cc6b7eba2d23fcdf71efbbeeb1f74f767 status: experimental description: Detects traffic or activity related to https://term-sync.vibratronic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://term-sync.vibratronic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vibr-v08.vibratronic.in.net/verification.google id: auto-2f345a3e9903729e76c91a32d1d70e368dae35962c25b1c99acafae8eb0608ce status: experimental description: Detects traffic or activity related to https://vibr-v08.vibratronic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vibr-v08.vibratronic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-peak.obsidianix.in.net/verification.google id: auto-28de13099924820c296993b36111e920dd2134dc77d220b5e08b41b2f31d4286 status: experimental description: Detects traffic or activity related to https://main-peak.obsidianix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-peak.obsidianix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vult-hub.spectrometric.in.net/verification.google id: auto-156427e07319c53573676efac7839491ffb68bbdd89a4df434a807e5e388d373 status: experimental description: Detects traffic or activity related to https://vult-hub.spectrometric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vult-hub.spectrometric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quan-v3.quantovault.in.net/verification.google id: auto-76aed7b3cc1e1a74085b92adbf01a182e563fe34052cb32849be7f45b7c2274b status: experimental description: Detects traffic or activity related to https://quan-v3.quantovault.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quan-v3.quantovault.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alti-flow.altimetrica.in.net/verification.google id: auto-31a287932ffc4dde40b56cf91b6788b311ed882e8fa595dc3ccb2f95be806f83 status: experimental description: Detects traffic or activity related to https://alti-flow.altimetrica.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alti-flow.altimetrica.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cent-base.centurionix.in.net/verification.google id: auto-e759ecd5bfa3e1d20bcf9fc6ef8e304be0d8e6680d9b27d9bf4a855e2ea4a8f8 status: experimental description: Detects traffic or activity related to https://cent-base.centurionix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cent-base.centurionix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://syst-node.centurionix.in.net/verification.google id: auto-020ad04b33fed91ff594e8954cb881ffab9c3bbc3e1545a45c8d5a5d3d14da72 status: experimental description: Detects traffic or activity related to https://syst-node.centurionix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://syst-node.centurionix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stru-run.structovista.in.net/verification.google id: auto-098160b783f70235eba87e3a387e732ba65e24f74b036617512251b57fc0d57f status: experimental description: Detects traffic or activity related to https://stru-run.structovista.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stru-run.structovista.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-net.structovista.in.net/verification.google id: auto-15d803578505f0735be8360367d63fd725acdaf993bd3414fe715c08afad4e52 status: experimental description: Detects traffic or activity related to https://link-net.structovista.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-net.structovista.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stru-v77.structovista.in.net/verification.google id: auto-c8d8376da2fd815563e26582e4bf801c27051c6bc8880dd9155ff64db312a993 status: experimental description: Detects traffic or activity related to https://stru-v77.structovista.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stru-v77.structovista.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-node.structovista.in.net/verification.google id: auto-d06f3d108b354adc46c35e39273f5d542364feb089a35c8b804555e5f08e7341 status: experimental description: Detects traffic or activity related to https://link-node.structovista.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-node.structovista.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gala-net.galactoview.in.net/verification.google id: auto-f4e5a00df9f0fd1a11d2de38a0fbc01da2e86f347577bd68fcedddaa4dae0891 status: experimental description: Detects traffic or activity related to https://gala-net.galactoview.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gala-net.galactoview.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tech-base.galactoview.in.net/verification.google id: auto-ad24c63cad797cac42d4bfa2ce7c6ca604f0567c1942f828d3c04d57d3c7db30 status: experimental description: Detects traffic or activity related to https://tech-base.galactoview.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tech-base.galactoview.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gala-v11.galactoview.in.net/verification.google id: auto-62ff02f7d5c1f7a8e70a07311cda92784569e7fdc093872778c597dd042858c8 status: experimental description: Detects traffic or activity related to https://gala-v11.galactoview.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gala-v11.galactoview.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tech-ref.galactoview.in.net/verification.google id: auto-1b3db23330b741a766055c7e819f00765ae51b90f8de800d1d10787afec8e773 status: experimental description: Detects traffic or activity related to https://tech-ref.galactoview.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tech-ref.galactoview.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-unit.synchromesh.in.net/verification.google id: auto-46107182cf246b828b617a33cea7c724413be3dc193561055a7117d7640414af status: experimental description: Detects traffic or activity related to https://sync-unit.synchromesh.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-unit.synchromesh.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow-gate.synchromesh.in.net/verification.google id: auto-66c3f36451710424af1659422f2d1fe52b3b83de8f4bab8bec7da0bae7ec173a status: experimental description: Detects traffic or activity related to https://flow-gate.synchromesh.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow-gate.synchromesh.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sync-v09.synchromesh.in.net/verification.google id: auto-8f83bc3974f07993d74bb2aa9818cf219b75a04bf9c24ebf3ad6962d36525a90 status: experimental description: Detects traffic or activity related to https://sync-v09.synchromesh.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sync-v09.synchromesh.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vibr-flow.vibratronic.in.net/verification.google id: auto-0b8fcbaa4d750ac0388a1f142f257ee0df469195e838da6337b024c0c613139d status: experimental description: Detects traffic or activity related to https://vibr-flow.vibratronic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vibr-flow.vibratronic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://term-way.vibratronic.in.net/verification.google id: auto-6fd16fa13cdf23e6d2567c58a0937bb600514c1a9f08f4d8a988c6750f74feae status: experimental description: Detects traffic or activity related to https://term-way.vibratronic.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://term-way.vibratronic.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://obsi-base.obsidianix.in.net/verification.google id: auto-9a3648a6032902b436a12e54a69259cd2440aca87ed9884b409cddd7315a30e7 status: experimental description: Detects traffic or activity related to https://obsi-base.obsidianix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://obsi-base.obsidianix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-sys.obsidianix.in.net/verification.google id: auto-38004609bcd49ae6fc3634d8c6072e85aeba2db0eb1d9f675a3863c73feb21d1 status: experimental description: Detects traffic or activity related to https://main-sys.obsidianix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-sys.obsidianix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://obsi-v6.obsidianix.in.net/verification.google id: auto-b68f88d338fff1d65ebafff010d0cc58ffe0a1a0d9856d4e6acdd96feca01e68 status: experimental description: Detects traffic or activity related to https://obsi-v6.obsidianix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://obsi-v6.obsidianix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://spec-node.spectrometric.in.net/verification.google id: auto-57331da8fecbaebc0c400801b582ba3265d005d0af97148e75c51a1366638f68 status: experimental description: Detects traffic or activity related to https://spec-node.spectrometric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://spec-node.spectrometric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://spec-v05.spectrometric.in.net/verification.google id: auto-548122a40feff08531fb7c4f49f152236611424921ca98a0eda7fc720a60904e status: experimental description: Detects traffic or activity related to https://spec-v05.spectrometric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://spec-v05.spectrometric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vult-vault.spectrometric.in.net/verification.google id: auto-c1f24154e5592130b4846daea8b0e4be4156739405f356b2f1a0fdde112f266d status: experimental description: Detects traffic or activity related to https://vult-vault.spectrometric.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vult-vault.spectrometric.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://prim-data.primordialis.in.net/verification.google id: auto-ec9861f342aff8ae20b05c28ce940ef4333646f4e2c38e7ad9cbfe445e81eb90 status: experimental description: Detects traffic or activity related to https://prim-data.primordialis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://prim-data.primordialis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://prim-v44.primordialis.in.net/verification.google id: auto-a589c1489b4179f6e8f42a5b48e820d7bafb71371d056cb5ad4df035001ec286 status: experimental description: Detects traffic or activity related to https://prim-v44.primordialis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://prim-v44.primordialis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://logic-core.primordialis.in.net/verification.google id: auto-2b49fe0d8d555cf13e2a15b38aa9b012d1e02ab4f73f8f293781cde2a8338fee status: experimental description: Detects traffic or activity related to https://logic-core.primordialis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://logic-core.primordialis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quan-edge.quantovault.in.net/verification.google id: auto-c9478105f0ef1e912af1da9231358e2db7ae03202fffb058c836c3960cb03637 status: experimental description: Detects traffic or activity related to https://quan-edge.quantovault.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quan-edge.quantovault.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-unit.quantovault.in.net/verification.google id: auto-97160e8c9881b1221daf8bcac2520a0a0f68c4d10d2f96dc1a8daaa229d3db67 status: experimental description: Detects traffic or activity related to https://data-unit.quantovault.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-unit.quantovault.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-gate.quantovault.in.net/verification.google id: auto-a4e8cbaa0febf0d4aaf6963ddc8d2e21561eefe8197b0babe4e3ebf1c4976079 status: experimental description: Detects traffic or activity related to https://data-gate.quantovault.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-gate.quantovault.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://infra-net.altimetrica.in.net/verification.google id: auto-a9bfdcc3092d75974c8b35c03532211f1391e9360e37cd840d96458e7e04ef46 status: experimental description: Detects traffic or activity related to https://infra-net.altimetrica.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://infra-net.altimetrica.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alti-v12.altimetrica.in.net/verification.google id: auto-e8ceb83d4c753549c01453a466948229147d0499ec670f3f023c4efb03029968 status: experimental description: Detects traffic or activity related to https://alti-v12.altimetrica.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alti-v12.altimetrica.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://syst-sync.centurionix.in.net/verification.google id: auto-9fe92dc8c01813697e77e4577336c9332d5f56be5106a0c23fe97e59944f461c status: experimental description: Detects traffic or activity related to https://syst-sync.centurionix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://syst-sync.centurionix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cent-v01.centurionix.in.net/verification.google id: auto-32b8fa71235d078e631fc5da1f86bc5cac2c291f9ac55cf385f8355ca3e2c955 status: experimental description: Detects traffic or activity related to https://cent-v01.centurionix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cent-v01.centurionix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://syncryp.bestink.in.net/verification.google id: auto-a526194bfc35af5eaee01b24011d0d57f26a8658f99928527bcaa541bfe845c2 status: experimental description: Detects traffic or activity related to https://syncryp.bestink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://syncryp.bestink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ch3c-line.bestink.in.net/verification.google id: auto-c89312f61fa93076f012ecb45c84aeebd0d33b501128cd3d0e006186bb3e63ca status: experimental description: Detects traffic or activity related to https://ch3c-line.bestink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ch3c-line.bestink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://u1tr5-bridge.lookback.in.net/verification.google id: auto-885f856ea03c8aec5f7858998e6c2c05f8a204e643421563a69888727dc9b320 status: experimental description: Detects traffic or activity related to https://u1tr5-bridge.lookback.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://u1tr5-bridge.lookback.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sp4rrow-phase.lookback.in.net/verification.google id: auto-1fc4f602ec35aede7727ec9a4ff44690a8b7a614ea203556a8d48bd9675ba269 status: experimental description: Detects traffic or activity related to https://sp4rrow-phase.lookback.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sp4rrow-phase.lookback.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://eaec4m.droplast.in.net/verification.google id: auto-ac6972f22c005969f9615d51c61c3f9c737d57b1dfbb8a3b640e5b0b413a6c65 status: experimental description: Detects traffic or activity related to https://eaec4m.droplast.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://eaec4m.droplast.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dark-shi.droplast.in.net/verification.google id: auto-7951f4244940df96ab87eef6b7a4f493129cd567a19af3e02a86f816ccf91ed0 status: experimental description: Detects traffic or activity related to https://dark-shi.droplast.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dark-shi.droplast.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://reel-tok.costfee.in.net/verification.google id: auto-2846d74261b12009269ebfc9b1b42fd4f1fa9fae2214732f3d456929b918aa21 status: experimental description: Detects traffic or activity related to https://reel-tok.costfee.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://reel-tok.costfee.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.211.222/files/825476364/6HMd4Pg.exe id: auto-8c2640d71a7533e5466ae1309655931e5226b94bda7c43a25b45991f524882cb status: experimental description: Detects traffic or activity related to http://158.94.211.222/files/825476364/6HMd4Pg.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.211.222/files/825476364/6HMd4Pg.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://deal1-point.greentea.in.net/verification.google id: auto-7befb7d635abee9dfa7d5a44d63aa64230b7c2bfe64addff89f5958c624f8db5 status: experimental description: Detects traffic or activity related to https://deal1-point.greentea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://deal1-point.greentea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://guid-route.greentea.in.net/verification.google id: auto-b8cc12a87e325816e757c7a096a5c3d5328298c1f35a8e2d28be80895bf48245 status: experimental description: Detects traffic or activity related to https://guid-route.greentea.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://guid-route.greentea.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://render5-line.wayton.in.net/verification.google id: auto-b53c185a02e21495eb10f638f4daee3fc6ef895f375733f16d1caf2506761d80 status: experimental description: Detects traffic or activity related to https://render5-line.wayton.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://render5-line.wayton.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://faitdem.wayton.in.net/verification.google id: auto-27b2acf67f5756ba07a0415c856e13dabb6f283d961b378a4c5bb857b8ea2878 status: experimental description: Detects traffic or activity related to https://faitdem.wayton.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://faitdem.wayton.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://transmfield.wayton.in.net/verification.google id: auto-3ed108520617ee9e23b0d1aaec7db20b443830abed2102555b9f4f4d2277f5e2 status: experimental description: Detects traffic or activity related to https://transmfield.wayton.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://transmfield.wayton.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quin-net.quintura.in.net/verification.google id: auto-028a2cc8fcc8923071d6a9cea8fa84c0ef1872bf2f38531eacc5fbec07085c4f status: experimental description: Detects traffic or activity related to https://quin-net.quintura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quin-net.quintura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tech-base.quintura.in.net/verification.google id: auto-be44056e61444b765535f74371b50e4bb9d300205072a179380e3a6bf1edad66 status: experimental description: Detects traffic or activity related to https://tech-base.quintura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tech-base.quintura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://quin-v11.quintura.in.net/verification.google id: auto-e3501913aab18359df81b5b2c39b6f69ba9b5611565625fd703d9aa019e38191 status: experimental description: Detects traffic or activity related to https://quin-v11.quintura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://quin-v11.quintura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tech-ref.quintura.in.net/verification.google id: auto-d841dda36f0b286f8149621d743292f370d408a557c1cfdf6b76a446872a9d64 status: experimental description: Detects traffic or activity related to https://tech-ref.quintura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tech-ref.quintura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://spec-unit.spectris.in.net/verification.google id: auto-17e77efe0a893635d8cf647c0c78043f0c26d21f603ba665c6ade1de6b873240 status: experimental description: Detects traffic or activity related to https://spec-unit.spectris.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://spec-unit.spectris.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-gate.spectris.in.net/verification.google id: auto-233628e585607a42cd9cccd9853c5080297ab7bd7c827f9d14473d10d9f30869 status: experimental description: Detects traffic or activity related to https://link-gate.spectris.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-gate.spectris.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://spec-v09.spectris.in.net/verification.google id: auto-41a5344de82c7fcd206f13b6b3c63de0b0b93c48d29a2b68d8d6781cef165b46 status: experimental description: Detects traffic or activity related to https://spec-v09.spectris.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://spec-v09.spectris.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-logic.spectris.in.net/verification.google id: auto-61a29b7a47e9b30b145855a8ccac4029b77d2d6af72b10de053a3337188a1e62 status: experimental description: Detects traffic or activity related to https://link-logic.spectris.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-logic.spectris.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vibr-flow.vibrante.in.net/verification.google id: auto-01de55bbeb46f0193b26499338f06f3e20cf8cd8775752f8fbfe60480d762048 status: experimental description: Detects traffic or activity related to https://vibr-flow.vibrante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vibr-flow.vibrante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://term-sync.vibrante.in.net/verification.google id: auto-a04c9a372b15935e8fe90933c30fb874040ca6127a810f27b37af118bfcf4e72 status: experimental description: Detects traffic or activity related to https://term-sync.vibrante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://term-sync.vibrante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vibr-v08.vibrante.in.net/verification.google id: auto-cb6dcd644453fd97b6d288fa672e958067f3e113050e43655ed2bf832ca022e4 status: experimental description: Detects traffic or activity related to https://vibr-v08.vibrante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vibr-v08.vibrante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://term-way.vibrante.in.net/verification.google id: auto-42aa42b2a3b98594963754e0c6da92f49e6706e2e333604f0d9194ff86f087aa status: experimental description: Detects traffic or activity related to https://term-way.vibrante.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://term-way.vibrante.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flux-run.fluxoris.in.net/verification.google id: auto-5dad55ae402bea14ddecc4d7189529eac02be7138e4f3ac8c24c54ec222f3eef status: experimental description: Detects traffic or activity related to https://flux-run.fluxoris.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flux-run.fluxoris.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://site-net.fluxoris.in.net/verification.google id: auto-774b54d46c6202d0479cccc059e7da32248b722ab7ff27601aaffb0a2546c895 status: experimental description: Detects traffic or activity related to https://site-net.fluxoris.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://site-net.fluxoris.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flux-v77.fluxoris.in.net/verification.google id: auto-94f53cbcb447790a56f508cb4bae4d5d28f3b50738e3c2930ab95c247003eeeb status: experimental description: Detects traffic or activity related to https://flux-v77.fluxoris.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flux-v77.fluxoris.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://site-node.fluxoris.in.net/verification.google id: auto-f51e7947c84a902a1345de908bb3fe561320b8291e67c294db05ab515698e893 status: experimental description: Detects traffic or activity related to https://site-node.fluxoris.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://site-node.fluxoris.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orbi-base.orbisura.in.net/verification.google id: auto-ceec8558a7207f06b14b50918c367ddc34f3571b4ed5cf0d26fdc2609986bece status: experimental description: Detects traffic or activity related to https://orbi-base.orbisura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orbi-base.orbisura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-sys.orbisura.in.net/verification.google id: auto-e457cc57f0c949aca240726e1cd6cef9074d79d1560b4695385fec2676243565 status: experimental description: Detects traffic or activity related to https://main-sys.orbisura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-sys.orbisura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orbi-v6.orbisura.in.net/verification.google id: auto-d818d1bf76e2bbe5d6759f8c34466611d44c9d0b910a26fda6cfc162214fcfaa status: experimental description: Detects traffic or activity related to https://orbi-v6.orbisura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orbi-v6.orbisura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://main-peak.orbisura.in.net/verification.google id: auto-094b136b086e6272e4024a51e6cc7a378638a219f2fe13681b839da1edd00be4 status: experimental description: Detects traffic or activity related to https://main-peak.orbisura.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://main-peak.orbisura.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zent-node.zentalis.in.net/verification.google id: auto-06d6c1f9421cc39f1e22c1540e735ee0461f69804fa9bc3338a33a08e5911ce0 status: experimental description: Detects traffic or activity related to https://zent-node.zentalis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zent-node.zentalis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bit-hub.zentalis.in.net/verification.google id: auto-51813ac5ef024a698557792f2fe464455b070d1d9b865ea452094f5d5ee3e0ef status: experimental description: Detects traffic or activity related to https://bit-hub.zentalis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bit-hub.zentalis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zent-v05.zentalis.in.net/verification.google id: auto-36759be4f80f00072072f16bd585f4c64d0d8c714b2d6c92c9005f4972a27ce0 status: experimental description: Detects traffic or activity related to https://zent-v05.zentalis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zent-v05.zentalis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bit-vault.zentalis.in.net/verification.google id: auto-7c6604bf81f4c95eed4e0e4e5678fa3fd305a3e34af8a687be5f5778f0fc1f8b status: experimental description: Detects traffic or activity related to https://bit-vault.zentalis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bit-vault.zentalis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nexu-data.nexulon.in.net/verification.google id: auto-75eed5ce8532d0dfd9a73e106e6df4b7da22b52cc1141f265b961c4622ef19ff status: experimental description: Detects traffic or activity related to https://nexu-data.nexulon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nexu-data.nexulon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dist-sync.nexulon.in.net/verification.google id: auto-27a0acc04f90a3f21a2b5928b70c5ab92e0fe2bf9700f9cd7ae27f35f1145c2b status: experimental description: Detects traffic or activity related to https://dist-sync.nexulon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dist-sync.nexulon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nexu-v44.nexulon.in.net/verification.google id: auto-ea0e8919c7df30e1af2ecd4e87b9695a963584d1dd65cbb9b7149e2204fc2aee status: experimental description: Detects traffic or activity related to https://nexu-v44.nexulon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nexu-v44.nexulon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dist-core.nexulon.in.net/verification.google id: auto-950d72c94c9c24d2b40d1bf0a968bbf98a52e754f10e820503662fb732df8a84 status: experimental description: Detects traffic or activity related to https://dist-core.nexulon.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dist-core.nexulon.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dyna-edge.dynastis.in.net/verification.google id: auto-cc61696b9e401776e6f11d1b9dba2a81436b505f42901a6eb8c73d7217cc2d2f status: experimental description: Detects traffic or activity related to https://dyna-edge.dynastis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dyna-edge.dynastis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ops-unit.dynastis.in.net/verification.google id: auto-bbc9b2368ea7f1f05a901b5f11b4f040c74632025d1dc60d4c3b370fc7ef3792 status: experimental description: Detects traffic or activity related to https://ops-unit.dynastis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ops-unit.dynastis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dyna-v3.dynastis.in.net/verification.google id: auto-e885236f241e03209e6db96a763afa1b98570ddf5bf812bebe0f56317d9c670e status: experimental description: Detects traffic or activity related to https://dyna-v3.dynastis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dyna-v3.dynastis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ops-gate.dynastis.in.net/verification.google id: auto-d827226eb849c728e4d4a32b4cfc1ed2137a0156824f3967d5d171da371077b6 status: experimental description: Detects traffic or activity related to https://ops-gate.dynastis.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ops-gate.dynastis.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.211.222/files/8261736065/6QBuVkN.exe id: auto-b5a966a9b597736fce064bcf8fe54789106de3485b55558e1199b71d433f1138 status: experimental description: Detects traffic or activity related to http://158.94.211.222/files/8261736065/6QBuVkN.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.211.222/files/8261736065/6QBuVkN.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://clay-logic.redclay.in.net/verification.google id: auto-1549a5a154b4352ed9b0ac5cff53abdb9ede81d94d884048bfef898a814c38d8 status: experimental description: Detects traffic or activity related to https://clay-logic.redclay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://clay-logic.redclay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wind-flow.winddock.in.net/verification.google id: auto-494392fdbefe4741c9e4ce39367af69874b0a7b99dc1f6f6be9b6710bb6f25ba status: experimental description: Detects traffic or activity related to https://wind-flow.winddock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wind-flow.winddock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dock-sync.winddock.in.net/verification.google id: auto-ccd25a39cdeb073d4e348d6393407b1418441a2612f36cb4a016cb8afc1739f6 status: experimental description: Detects traffic or activity related to https://dock-sync.winddock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dock-sync.winddock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wind-v08.winddock.in.net/verification.google id: auto-3f87beca5a14d48bfc6bee562646a4955d3b7ecf4fb5ef2137fa99f62bfb4974 status: experimental description: Detects traffic or activity related to https://wind-v08.winddock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wind-v08.winddock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dock-way.winddock.in.net/verification.google id: auto-2b81c1fd0f86d61f2b2075c15cb2be2945827755b4c3725aaba8cfa92388aab5 status: experimental description: Detects traffic or activity related to https://dock-way.winddock.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dock-way.winddock.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gold-run.goldpath.in.net/verification.google id: auto-9a417de62072fee8f2f25d79f4cc00ed345a631501d47143858ac5b51aae1cbe status: experimental description: Detects traffic or activity related to https://gold-run.goldpath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gold-run.goldpath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://path-net.goldpath.in.net/verification.google id: auto-2c7f26805254926fddda7182188d0f1a07f276558695718d935ba8e211abbd36 status: experimental description: Detects traffic or activity related to https://path-net.goldpath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://path-net.goldpath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gold-v77.goldpath.in.net/verification.google id: auto-8cc746b7dda4f8f539a5b14c86c929ffa6fca479cc456aa0680809ccd652a743 status: experimental description: Detects traffic or activity related to https://gold-v77.goldpath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gold-v77.goldpath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://path-site.goldpath.in.net/verification.google id: auto-b24bb1f63b80a3beeae0a3a0b0f679fc63fdefd40e93231804879d3a35cdb902 status: experimental description: Detects traffic or activity related to https://path-site.goldpath.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://path-site.goldpath.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rock-sys.rockbend.in.net/verification.google id: auto-dd2b95531c77fcf8347201490f35fabfffdd96fc46372418b20c154202e6d19e status: experimental description: Detects traffic or activity related to https://rock-sys.rockbend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rock-sys.rockbend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bend-v6.rockbend.in.net/verification.google id: auto-8379db5100c11f7093909ebada615c94eb20e1e01895645c2f390cdb91c37972 status: experimental description: Detects traffic or activity related to https://bend-v6.rockbend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bend-v6.rockbend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rock-spot.rockbend.in.net/verification.google id: auto-37cc3355618ab6b8f716e27109f90c26a59eddf3a626db9f8b0b3f749b74cafe status: experimental description: Detects traffic or activity related to https://rock-spot.rockbend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rock-spot.rockbend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-node.lakegate.in.net/verification.google id: auto-049bf1ed8fe73ff034156d44b932313e0bef7b9abdd5fe4ef0ebc029bd68e3f5 status: experimental description: Detects traffic or activity related to https://gate-node.lakegate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-node.lakegate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lake-hub.lakegate.in.net/verification.google id: auto-40a652c72e4b97365c25dd2213b55baeee948fbfc3b59a42e3331443b6d525c4 status: experimental description: Detects traffic or activity related to https://lake-hub.lakegate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lake-hub.lakegate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gate-v05.lakegate.in.net/verification.google id: auto-4d2f788de253712ebd4e0485e9f15e7c3f3c6ad6df987aed1eae7fc3d481af39 status: experimental description: Detects traffic or activity related to https://gate-v05.lakegate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gate-v05.lakegate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lake-vault.lakegate.in.net/verification.google id: auto-c367909fce0fa904d3e042b663013e011dc23f8ac7bf317fe0a3db1eafafad55 status: experimental description: Detects traffic or activity related to https://lake-vault.lakegate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lake-vault.lakegate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://iron-data.ironford.in.net/verification.google id: auto-6ba8ed0958d7155c68dd38ce81da7994defda4d1f9abc13ea23d16479153f140 status: experimental description: Detects traffic or activity related to https://iron-data.ironford.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://iron-data.ironford.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ford-sync.ironford.in.net/verification.google id: auto-b4cabfc087ed2d3496b16dbff6ea4fd231398f22fc1caec5fd7683cfbe602698 status: experimental description: Detects traffic or activity related to https://ford-sync.ironford.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ford-sync.ironford.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://iron-v44.ironford.in.net/verification.google id: auto-61beb67db2b430a48d8c5f8cd93fea3929eb009c4df9abc64bc5073730dfede3 status: experimental description: Detects traffic or activity related to https://iron-v44.ironford.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://iron-v44.ironford.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ford-core.ironford.in.net/verification.google id: auto-79bd30140c69cc225a910bd9dfff7c253a76129b5e45539618dc782621eed622 status: experimental description: Detects traffic or activity related to https://ford-core.ironford.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ford-core.ironford.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bend-edge.starbend.in.net/verification.google id: auto-b6eb1cab3da01951b9c2bf2337a2f654d69ec5c3da7c086096ce1f6ca341f1f5 status: experimental description: Detects traffic or activity related to https://bend-edge.starbend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bend-edge.starbend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://star-unit.starbend.in.net/verification.google id: auto-1b562b8481615f7503df3e41daebf844915a07e05275deaeef0e633bea013cbe status: experimental description: Detects traffic or activity related to https://star-unit.starbend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://star-unit.starbend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bend-v3.starbend.in.net/verification.google id: auto-4cfbd35da28dd2732e961409a204fb2b103b0f70e2156c7fd34b0fd7162a2f83 status: experimental description: Detects traffic or activity related to https://bend-v3.starbend.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bend-v3.starbend.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fuckcartel.icu/download/gitlol id: auto-27b2a8e4c0ec33d5a7a4b2bc5f86723c12c2ad41d59e3fcbd12e5bb0882c0f16 status: experimental description: Detects traffic or activity related to https://fuckcartel.icu/download/gitlol which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fuckcartel.icu/download/gitlol*' condition: selection level: high tags: - attack.t1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.211.222/files/8437455245/ByDG8Kl.exe id: auto-7e6e211be5ee8aef6574d709ae2ba82ae59db0361dd4827aa14c01885538ee60 status: experimental description: Detects traffic or activity related to http://158.94.211.222/files/8437455245/ByDG8Kl.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.211.222/files/8437455245/ByDG8Kl.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://valley-node.sunvalley.in.net/verification.google id: auto-a80a2105f7a64e78da7d6cb40572c4621e08b13d3691e40ddf6763f4011a7529 status: experimental description: Detects traffic or activity related to https://valley-node.sunvalley.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://valley-node.sunvalley.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://way-logic.clingway.in.net/verification.google id: auto-dd1030bb64bad0cd706e3f8543904d08bd2730fb7a44f6ac0d02eed927e99e70 status: experimental description: Detects traffic or activity related to https://way-logic.clingway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://way-logic.clingway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cling-05.clingway.in.net/verification.google id: auto-05db8d24ccea3ba9dd98f42e55c1fba312f49ee763e4634383b3bbb2b42dcd60 status: experimental description: Detects traffic or activity related to https://cling-05.clingway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cling-05.clingway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://way-v1.clingway.in.net/verification.google id: auto-4e73c76a6c24f0765700bbfa74494caa12629787fdaf8ee4ca7e867b7d7a24c3 status: experimental description: Detects traffic or activity related to https://way-v1.clingway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://way-v1.clingway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cling-way.clingway.in.net/verification.google id: auto-18bf90c5808e12ac5c239f9909979b38170c6e3edee3ef18d987002a99cfc43f status: experimental description: Detects traffic or activity related to https://cling-way.clingway.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cling-way.clingway.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://par-node.parishwhale.in.net/verification.google id: auto-27422899c907917d1a319a89e55d0f77e71901cc1c0a2d7e03a15788d4bf6a8e status: experimental description: Detects traffic or activity related to https://par-node.parishwhale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://par-node.parishwhale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://whale-sync.parishwhale.in.net/verification.google id: auto-e3aba0fba5e258aa1b5104b7c7a18dab807a7cde0725362a571c23f77d38b759 status: experimental description: Detects traffic or activity related to https://whale-sync.parishwhale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://whale-sync.parishwhale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://par-v33.parishwhale.in.net/verification.google id: auto-8f5a1387b844ec821b22403e495fb634473a89f30566392a2e0a48e5552a876f status: experimental description: Detects traffic or activity related to https://par-v33.parishwhale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://par-v33.parishwhale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://whale-port.parishwhale.in.net/verification.google id: auto-f55352da96f9cf39ae575cb1f130ce5c97c8ef2cf6c4edb76549641c4bdfc083 status: experimental description: Detects traffic or activity related to https://whale-port.parishwhale.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://whale-port.parishwhale.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://volup-net.antivoluptuous.in.net/verification.google id: auto-527838d43f0497506a52b50e9a87016642adc84c85030b10cff9806e8ba12987 status: experimental description: Detects traffic or activity related to https://volup-net.antivoluptuous.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://volup-net.antivoluptuous.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://anti-02.antivoluptuous.in.net/verification.google id: auto-9e462c2810c634c41e6e0a9c68e9a420566715236a6c32d28059ffbaada5cd83 status: experimental description: Detects traffic or activity related to https://anti-02.antivoluptuous.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://anti-02.antivoluptuous.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://volup-v6.antivoluptuous.in.net/verification.google id: auto-17773cbc30201da1de266cd9a840960e1a3b07be026c38d408691a45d8430015 status: experimental description: Detects traffic or activity related to https://volup-v6.antivoluptuous.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://volup-v6.antivoluptuous.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://anti-vol.antivoluptuous.in.net/verification.google id: auto-2a293c051fe944a9c215670c25dfbad1e5b67784780c7223fb937edd846af753 status: experimental description: Detects traffic or activity related to https://anti-vol.antivoluptuous.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://anti-vol.antivoluptuous.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://crea-sync.nightcreate.in.net/verification.google id: auto-edaa3aca34919008bd5748e6c885df181f2e4c06d450afecc832323ea5bf83e9 status: experimental description: Detects traffic or activity related to https://crea-sync.nightcreate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://crea-sync.nightcreate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://night-gate.nightcreate.in.net/verification.google id: auto-fcfe95caf4e64e58aebc5569560a92444b3f17e1f9433591a5ad16823c279af3 status: experimental description: Detects traffic or activity related to https://night-gate.nightcreate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://night-gate.nightcreate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://crea-v11.nightcreate.in.net/verification.google id: auto-6a9c1d110b2cca6d88d5f801643db02f9789298fd60319ed899678c1235e1499 status: experimental description: Detects traffic or activity related to https://crea-v11.nightcreate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://crea-v11.nightcreate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://46.149.73.60/4SLEYpfAk57hGubo/wslservice.mp3 id: auto-193a14480542e10889aeb8e0158a5549a6141a64d368738e0078442a5f193bd0 status: experimental description: Detects traffic or activity related to http://46.149.73.60/4SLEYpfAk57hGubo/wslservice.mp3 which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://46.149.73.60/4SLEYpfAk57hGubo/wslservice.mp3*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://46.149.73.60/4SLEYpfAk57hGubo/messagebus.pdf id: auto-f00111bb1fd4040ff470cb18d2e6c44fad93f4e217dca54019bf165a33d66a46 status: experimental description: Detects traffic or activity related to http://46.149.73.60/4SLEYpfAk57hGubo/messagebus.pdf which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://46.149.73.60/4SLEYpfAk57hGubo/messagebus.pdf*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://46.149.73.60/4SLEYpfAk57hGubo/FNPLicensingService.php id: auto-083ba066d52ba5da50b64134d10aad6a96d93f9cc506cc905b7169bf2b41666f status: experimental description: Detects traffic or activity related to http://46.149.73.60/4SLEYpfAk57hGubo/FNPLicensingService.php which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://46.149.73.60/4SLEYpfAk57hGubo/FNPLicensingService.php*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://acecareer.edu/wp-includes/certificates/acr-karimichikstrelyaet-639081475329349420.exe id: auto-15414cf36cad770360576cf0ad241e50bf643bf7477ecf0c4246a91b8d5ded94 status: experimental description: Detects traffic or activity related to https://acecareer.edu/wp-includes/certificates/acr-karimichikstrelyaet-639081475329349420.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://acecareer.edu/wp-includes/certificates/acr-karimichikstrelyaet-639081475329349420.exe*' condition: selection level: high tags: - attack.t1204.002 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://acecareer.edu/wp-includes/certificates/Ocher.exe id: auto-21e8970ffe5d001488e762f251541ebf6ec8e447d7a7acee7b6ac06d1ca5dd7d status: experimental description: Detects traffic or activity related to https://acecareer.edu/wp-includes/certificates/Ocher.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://acecareer.edu/wp-includes/certificates/Ocher.exe*' condition: selection level: high tags: - attack.t1204.002 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://night-mode.nightcreate.in.net/verification.google id: auto-7e6b6a46ef7b7bab96e8d51a25338e361e1037eaae5faca60fe3b32e766fae94 status: experimental description: Detects traffic or activity related to https://night-mode.nightcreate.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://night-mode.nightcreate.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://185.242.3.239/kfhogts id: auto-8b2e2b1394490080db4af9fe6f169c2927284c15f53a576b24314cabd78f51dc status: experimental description: Detects traffic or activity related to http://185.242.3.239/kfhogts which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://185.242.3.239/kfhogts*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://185.242.3.239/oqqqqoa.mp3 id: auto-692a3cece22219e6ca863dfda6db558e77d7385d31f2fc051020b41552c967e7 status: experimental description: Detects traffic or activity related to http://185.242.3.239/oqqqqoa.mp3 which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://185.242.3.239/oqqqqoa.mp3*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://up-flow.anyutkiup.in.net/verification.google id: auto-9b23afdecb169edbfc7dad4bfd673461255109eb72a500834be3bc515614fb34 status: experimental description: Detects traffic or activity related to https://up-flow.anyutkiup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://up-flow.anyutkiup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://any-08.anyutkiup.in.net/verification.google id: auto-d25d1169b25aa935a52244091d9247a4bc03b325b3ce65ccd58f02b31a9ff685 status: experimental description: Detects traffic or activity related to https://any-08.anyutkiup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://any-08.anyutkiup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://utki-v3.anyutkiup.in.net/verification.google id: auto-a647184cf7146730e2bda76d5a241ecdd0c37517b446ef04f2efeb8c9981d807 status: experimental description: Detects traffic or activity related to https://utki-v3.anyutkiup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://utki-v3.anyutkiup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://any-up.anyutkiup.in.net/verification.google id: auto-56c512e6dc2c6329baea45cf21af29766c7106495d5ea61b5b161584a876c5a3 status: experimental description: Detects traffic or activity related to https://any-up.anyutkiup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://any-up.anyutkiup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://oral-net.cavalieroral.in.net/verification.google id: auto-176e8a34224063521b8151ddd0c7a66fdce8713ba3a4cad364944cfdfe9c2841 status: experimental description: Detects traffic or activity related to https://oral-net.cavalieroral.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://oral-net.cavalieroral.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cav-base.cavalieroral.in.net/verification.google id: auto-4756a59c5c0f3262f9c5cfcc80eac7217281f8522de779f84a06e1c7513fb733 status: experimental description: Detects traffic or activity related to https://cav-base.cavalieroral.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cav-base.cavalieroral.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://oral-v4.cavalieroral.in.net/verification.google id: auto-caaebd05d39aada81c88b7ffd6ea819f148e03f2a98ac065f934020127c7c3f0 status: experimental description: Detects traffic or activity related to https://oral-v4.cavalieroral.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://oral-v4.cavalieroral.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cav-oral.cavalieroral.in.net/verification.google id: auto-a0159f33df45122566975abf020f66bcecea4d7899c94dd454e8028c74d2513f status: experimental description: Detects traffic or activity related to https://cav-oral.cavalieroral.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cav-oral.cavalieroral.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kizarmenu.top/get-file.php id: auto-216ac384c4119e8cfb61785e42ebaecef7939bcb6df3910a758d917f247e5be1 status: experimental description: Detects traffic or activity related to https://kizarmenu.top/get-file.php which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kizarmenu.top/get-file.php*' condition: selection level: high tags: - attack.t1218.011 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rel-sync.lamarelativ.in.net/verification.google id: auto-855e492ab293e55745c589afc104366b85e3403e4bbc2e81297aee188501e38e status: experimental description: Detects traffic or activity related to https://rel-sync.lamarelativ.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rel-sync.lamarelativ.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lama-v5.lamarelativ.in.net/verification.google id: auto-776a67291e6cc9394713dd86db0e5e22cc6ff7278743b59168f3413a953863b5 status: experimental description: Detects traffic or activity related to https://lama-v5.lamarelativ.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lama-v5.lamarelativ.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rel-node.lamarelativ.in.net/verification.google id: auto-518703ea35a871d533f3a6dd08bc84cddbc2889b3785317232a0f8b80d1e0ab5 status: experimental description: Detects traffic or activity related to https://rel-node.lamarelativ.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rel-node.lamarelativ.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lama-rel.lamarelativ.in.net/verification.google id: auto-832eb830953b3f8500f5a93e9d09638d78dffe654f33002639f303e567cf3f62 status: experimental description: Detects traffic or activity related to https://lama-rel.lamarelativ.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lama-rel.lamarelativ.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://salv-net.crucifionsalval.in.net/verification.google id: auto-90b3ee22b33e4f69afbc6f0151fab8b03405a7dbb82e97c453dab2245f85e0be status: experimental description: Detects traffic or activity related to https://salv-net.crucifionsalval.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://salv-net.crucifionsalval.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://salv-unit.crucifionsalval.in.net/verification.google id: auto-e91a8f5ba879fa823a47f151efd9a3fd5dc7297ec2fc111d760b15c886e666b6 status: experimental description: Detects traffic or activity related to https://salv-unit.crucifionsalval.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://salv-unit.crucifionsalval.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cruc-base.crucifionsalval.in.net/verification.google id: auto-2297ec57995083e3f44c7782bbbb18007508e61d949e51176da2e069bc67ac70 status: experimental description: Detects traffic or activity related to https://cruc-base.crucifionsalval.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cruc-base.crucifionsalval.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sens-track.repeatsensat.in.net/verification.google id: auto-020344bd81815e2a005c3f605f1f2165e7ef893519f019fd2e083dd86795de8d status: experimental description: Detects traffic or activity related to https://sens-track.repeatsensat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sens-track.repeatsensat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://repeat-01.repeatsensat.in.net/verification.google id: auto-e8ece018e6a7277b7476dc04c8196217d25eb232acd4ee08a3f4432672b71c56 status: experimental description: Detects traffic or activity related to https://repeat-01.repeatsensat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://repeat-01.repeatsensat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sens-v2.repeatsensat.in.net/verification.google id: auto-9dbd913fe956dec5d7ff5b4417145e0fb438581e486493b67285aa8eb6778c72 status: experimental description: Detects traffic or activity related to https://sens-v2.repeatsensat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sens-v2.repeatsensat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://repeat-hub.repeatsensat.in.net/verification.google id: auto-a958c5427e160950d4ef4accd6fd731550b9f5257577711963e38338202196fd status: experimental description: Detects traffic or activity related to https://repeat-hub.repeatsensat.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://repeat-hub.repeatsensat.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://b-node.freebspirit.in.net/verification.google id: auto-a7094bfe1315719c6b43c1cbfe1d59aa61450864ccb591562ca7d10d55e80c63 status: experimental description: Detects traffic or activity related to https://b-node.freebspirit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://b-node.freebspirit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://free-spirit.freebspirit.in.net/verification.google id: auto-1ae52d36731f157a736f1ff95fae6d451922c987f608897610e7c5414579f67a status: experimental description: Detects traffic or activity related to https://free-spirit.freebspirit.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://free-spirit.freebspirit.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://norflux0os.starfield.in.net/verification.google id: auto-25adc3d20a2c990fcb01ad5a603a18a043ba14f26ad32fad90c7bd9d7e2b2681 status: experimental description: Detects traffic or activity related to https://norflux0os.starfield.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://norflux0os.starfield.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://norvenen9.ironcrest.in.net/verification.google id: auto-893641386aab5b350f7a0b5c1803d75a8e5499a077f91db4a80618e92369e1d8 status: experimental description: Detects traffic or activity related to https://norvenen9.ironcrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://norvenen9.ironcrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://opticspower.ironcrest.in.net/verification.google id: auto-4f412acd647b4dc1e6bca0d4c41b6fda4a6fac09f4c588773488fcd526b91c33 status: experimental description: Detects traffic or activity related to https://opticspower.ironcrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://opticspower.ironcrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ultraautumn.ironcrest.in.net/verification.google id: auto-319036c21590e7168d23daf86f5743bfcd9f00d6cd7be7a3a66b3b509ea0840b status: experimental description: Detects traffic or activity related to https://ultraautumn.ironcrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ultraautumn.ironcrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bytebin.ironcrest.in.net/verification.google id: auto-ab4841e0f1e94643869874b0dd7066da24f2355f69140755e7971f37d0de4067 status: experimental description: Detects traffic or activity related to https://bytebin.ironcrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bytebin.ironcrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mora-branch.oakridge.in.net/verification.google id: auto-18f3aba627987f8239f3153d0b701eb2e9aabb3318255114390acf0ba518dce4 status: experimental description: Detects traffic or activity related to https://mora-branch.oakridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mora-branch.oakridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://scriptsprout.oakridge.in.net/verification.google id: auto-65473863661f981b0b4fb5530380830f82f80bf85f09cba8b4820ec750e5e9fa status: experimental description: Detects traffic or activity related to https://scriptsprout.oakridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://scriptsprout.oakridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://smarttrue.oakridge.in.net/verification.google id: auto-92e172c5d0ccd5f24b8d7c37ceaa64da5dfba2c6dfc90363819511247466c7e4 status: experimental description: Detects traffic or activity related to https://smarttrue.oakridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://smarttrue.oakridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hyper-rap1d.lakecrest.in.net/verification.google id: auto-87cb9333f7f83246a1558dcde56b13d1f42b2dafd3996e8a580aaeb08fc8fd65 status: experimental description: Detects traffic or activity related to https://hyper-rap1d.lakecrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hyper-rap1d.lakecrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://medi3-graph.lakecrest.in.net/verification.google id: auto-06d49975e741b88c5a9e364e6b07d1557d2ec37158d8ef7ac53a39148138f764 status: experimental description: Detects traffic or activity related to https://medi3-graph.lakecrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://medi3-graph.lakecrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://veltideis.lakecrest.in.net/verification.google id: auto-bc95c43641c2828c14cae32c77725f0e25b01d905628da75f6d858d90c4a35e2 status: experimental description: Detects traffic or activity related to https://veltideis.lakecrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://veltideis.lakecrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://e66c3.lakecrest.in.net/verification.google id: auto-c523b45ff0c63773f663367d74f410065c8ca724badaac9a41044379454c39e2 status: experimental description: Detects traffic or activity related to https://e66c3.lakecrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://e66c3.lakecrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fernsecur.windfield.in.net/verification.google id: auto-f38007af3520c5efb16fa7eade51479e2d2a152e818dc65a0d7ac1e4afbd19cf status: experimental description: Detects traffic or activity related to https://fernsecur.windfield.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fernsecur.windfield.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sens0-core.windfield.in.net/verification.google id: auto-60f17e6a54a463966d3a8e5c59cf5503f3d2a7810e7de696444e611ff9739f0a status: experimental description: Detects traffic or activity related to https://sens0-core.windfield.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sens0-core.windfield.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://route-spa.windfield.in.net/verification.google id: auto-343dc461efc0c29b536160bf204f1168ce44c92502de94d37dc00a2fcc101bec status: experimental description: Detects traffic or activity related to https://route-spa.windfield.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://route-spa.windfield.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cora-clu.stonefield.in.net/verification.google id: auto-dd2232d43694a21b4f169a22bbbedebf0ddde68b81d70cf4b992a6b5b21098e4 status: experimental description: Detects traffic or activity related to https://cora-clu.stonefield.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cora-clu.stonefield.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://formalcraft.stonefield.in.net/verification.google id: auto-6c71c7d410b9acb185abeb7de091ae28d7bba70b67718f009ca55ef969e8c624 status: experimental description: Detects traffic or activity related to https://formalcraft.stonefield.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://formalcraft.stonefield.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://jqicypl.stonefield.in.net/verification.google id: auto-c18f6ffa8badb3b5ce07a8bfa07129912197ab3262afd0b0d094c4dac1fea45c status: experimental description: Detects traffic or activity related to https://jqicypl.stonefield.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://jqicypl.stonefield.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fallshie.stonefield.in.net/verification.google id: auto-ddf73de0c87207f7d0b2cd28589cacf4f21ce46f71cb4bed1c88cc9600d5cad5 status: experimental description: Detects traffic or activity related to https://fallshie.stonefield.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fallshie.stonefield.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://azuro.pro/Launcher.zip id: auto-169d0a12244da7af96ad7c2692aea185413861a2386131ef1381e22e6acda51b status: experimental description: Detects traffic or activity related to https://azuro.pro/Launcher.zip which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://azuro.pro/Launcher.zip*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alt-cor3.darkridge.in.net/verification.google id: auto-35193a93b5369962b9d6e7d178a058d129876431b2ad7704e2a887f3fd95952b status: experimental description: Detects traffic or activity related to https://alt-cor3.darkridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alt-cor3.darkridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tintttw.darkridge.in.net/verification.google id: auto-06dd60c48c571a8c561592125cbba5cbfdbb600c7062aac1d56f3dad0646abb0 status: experimental description: Detects traffic or activity related to https://tintttw.darkridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tintttw.darkridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://min0r-stream.darkridge.in.net/verification.google id: auto-e5dd1d90d58c3ee2b24a36488a7ee698312261f89d8f33d0c5f1dfb1014e59c6 status: experimental description: Detects traffic or activity related to https://min0r-stream.darkridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://min0r-stream.darkridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vvest-route.darkridge.in.net/verification.google id: auto-3b60f4dac042b2af4fd603427b7a85fbdd3617970b91cad848a3d37e4973f1cb status: experimental description: Detects traffic or activity related to https://vvest-route.darkridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vvest-route.darkridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://5ync4-loop.goldridge.in.net/verification.google id: auto-c297b286f05994a2bcf168ac7ba87a826effad8ae3ab90add7bf748b326ec4b4 status: experimental description: Detects traffic or activity related to https://5ync4-loop.goldridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://5ync4-loop.goldridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://alignion.goldridge.in.net/verification.google id: auto-f50c40e012e2ed83929140f1eea3a6540719d6cef6563333dc0a865f2122d4af status: experimental description: Detects traffic or activity related to https://alignion.goldridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://alignion.goldridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://udfu.goldridge.in.net/verification.google id: auto-94cc635055cd82d9fea7a33c1a3bc0a695a61b6880bf143140900f319cf60314 status: experimental description: Detects traffic or activity related to https://udfu.goldridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://udfu.goldridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://drifstac.bluecrest.in.net/verification.google id: auto-3b3badcd9f5fb7361c8489df65006b378a2ecd30a88478c7cab7ac26bb8bfe43 status: experimental description: Detects traffic or activity related to https://drifstac.bluecrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://drifstac.bluecrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ship-spark.redcrest.in.net/verification.google id: auto-9ba39d2b67eac15f09ab2a449947ffc29759aedffe9ce628d234c118bd15dcd3 status: experimental description: Detects traffic or activity related to https://ship-spark.redcrest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ship-spark.redcrest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://crafshi.getreplay.in.net/verification.google id: auto-f335f34cc7ac157a331a41ce48714b2ad5b9f580079942dadc060b9279e67b17 status: experimental description: Detects traffic or activity related to https://crafshi.getreplay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://crafshi.getreplay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geneexp.getreplay.in.net/verification.google id: auto-fc3bb5271f40434f3e78200d7df96e5fbcdddca517d8b4c3fe67534f0af7e29f status: experimental description: Detects traffic or activity related to https://geneexp.getreplay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geneexp.getreplay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://73rgwdew.getreplay.in.net/verification.google id: auto-4f9408c6c08e40ddcc0ba8a30e9cd7f108f4055ca39d554db969acb1380be2bd status: experimental description: Detects traffic or activity related to https://73rgwdew.getreplay.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://73rgwdew.getreplay.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://neo-5ound.caseoptional.in.net/verification.google id: auto-185ffda3162fa50e746cccd087483a4113bcb0912cb654eea9892b16789f26cc status: experimental description: Detects traffic or activity related to https://neo-5ound.caseoptional.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://neo-5ound.caseoptional.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://passiveasset.caseoptional.in.net/verification.google id: auto-98552750d97a3e9841e33632181f1506dc0cd9c383e16cebe32d4094f7165290 status: experimental description: Detects traffic or activity related to https://passiveasset.caseoptional.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://passiveasset.caseoptional.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://103.27.157.144/api/download id: auto-bcdaa63d1fe1d8e2cb3973c06b4d4efa08df79b31472f49c5b6d52826f48abc3 status: experimental description: Detects traffic or activity related to https://103.27.157.144/api/download which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://103.27.157.144/api/download*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.211.222/files/6902778688/uxQfUNw.exe id: auto-076665254e2217722980737c800c300ed3cd0a49fc90c54050257443fb25f505 status: experimental description: Detects traffic or activity related to http://158.94.211.222/files/6902778688/uxQfUNw.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.211.222/files/6902778688/uxQfUNw.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://austro02.austrodouble.in.net/verification.google id: auto-3bd944d114878ff459c0ebb96c5714b5f92c6a3815ea6e899179711e6c393bb2 status: experimental description: Detects traffic or activity related to https://austro02.austrodouble.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://austro02.austrodouble.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://blood04.dialectblood.in.net/verification.google id: auto-f119264f06db387d0637aa9fbea1739837faa03d7d7ffa86dfbb845d84ff7a95 status: experimental description: Detects traffic or activity related to https://blood04.dialectblood.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://blood04.dialectblood.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://dia-v5.dialectblood.in.net/verification.google id: auto-b0d99aad7d7a33c5e1d40c81b87f4c8dca186b741435e32a5fac10e77e2fea70 status: experimental description: Detects traffic or activity related to https://dia-v5.dialectblood.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://dia-v5.dialectblood.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://blood-unit.dialectblood.in.net/verification.google id: auto-a3cfaa9669ad74adc1231af94cd4dc34e1891bf2a87453b77f362985c5c7a9de status: experimental description: Detects traffic or activity related to https://blood-unit.dialectblood.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://blood-unit.dialectblood.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://svet09.moroshkasvet.in.net/verification.google id: auto-728ab16387f61671511315067253d25aa8032d422775a1e757a8b8edc00855db status: experimental description: Detects traffic or activity related to https://svet09.moroshkasvet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://svet09.moroshkasvet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://moro-v4.moroshkasvet.in.net/verification.google id: auto-4a14ac5cf73b92dd6f1f171b7993ec87bf51ba660f5e8b65762c2fa1e3d9b387 status: experimental description: Detects traffic or activity related to https://moro-v4.moroshkasvet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://moro-v4.moroshkasvet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://woman-flow.youngwoman.in.net/verification.google id: auto-205f920073e9a18f1cc1ea3c2cd09f74419f22df8deb7ac1748cbbab92e3f5f1 status: experimental description: Detects traffic or activity related to https://woman-flow.youngwoman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://woman-flow.youngwoman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://young01.youngwoman.in.net/verification.google id: auto-e12fc74c2973e34c12aa290f5fe83c2304c1d7d41d18c57777948b72fd432feb status: experimental description: Detects traffic or activity related to https://young01.youngwoman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://young01.youngwoman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.211.222/files/7044575709/ABbqsJz.exe id: auto-f6c57f7d2e9b1df2eacd955e39d3124d2dead4e7fd1cad118801f635a3436120 status: experimental description: Detects traffic or activity related to http://158.94.211.222/files/7044575709/ABbqsJz.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.211.222/files/7044575709/ABbqsJz.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - http://158.94.211.222/files/8468794285/sBC01fa.exe id: auto-70c8cd7e5591f344e6067d31b6369d536f269203ec3460202e6ede71dd200c1a status: experimental description: Detects traffic or activity related to http://158.94.211.222/files/8468794285/sBC01fa.exe which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*http://158.94.211.222/files/8468794285/sBC01fa.exe*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rantier-loopnode.rantiercling.in.net/verification.google id: auto-01f756ae4c5314cd723b0f643bba42d3077105b2994a87e74dfd5bffcece51e7 status: experimental description: Detects traffic or activity related to https://rantier-loopnode.rantiercling.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rantier-loopnode.rantiercling.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://anondrop.net/1479090540531421216/1.png id: auto-db139f7977c2c687da1bdbdfb8b06a55d961bd75a955383dec5f30469e5b8dbd status: experimental description: Detects traffic or activity related to https://anondrop.net/1479090540531421216/1.png which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://anondrop.net/1479090540531421216/1.png*' condition: selection level: high tags: - attack.t1587.001 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pixelcraft.abcdesign.in.net/verification.google id: auto-4d8ecc097e228f31eba4004ef30da0cff8f6cdcd60d4b6025b72265b620dbc37 status: experimental description: Detects traffic or activity related to https://pixelcraft.abcdesign.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pixelcraft.abcdesign.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rx8qk.abcdesign.in.net/verification.google id: auto-8daebdb54a0cbcd6e0df1da4158460a1b0800b36c8bca2d72430c59b208fcf82 status: experimental description: Detects traffic or activity related to https://rx8qk.abcdesign.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rx8qk.abcdesign.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stre06.aquastream.in.net/verification.google id: auto-74cdabf0b103f8b1c79a9c4eaf5cb8d86ab261acc030d4327eab5ba712ae46d5 status: experimental description: Detects traffic or activity related to https://stre06.aquastream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stre06.aquastream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://aqua-sync.aquastream.in.net/verification.google id: auto-699238b2827d2c649ab352a02517e36a7e4e24bd6d9d8520a9a35a5ac144c576 status: experimental description: Detects traffic or activity related to https://aqua-sync.aquastream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://aqua-sync.aquastream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://stre-v9.aquastream.in.net/verification.google id: auto-4c6e1b9f1b47aba1387f8ef0833e081058b406bbe924a6a28b2dd39823307ed7 status: experimental description: Detects traffic or activity related to https://stre-v9.aquastream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://stre-v9.aquastream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hydro-run.aquastream.in.net/verification.google id: auto-5860ab2665fd659fb6f5b4d59fd67deb06911a062e21a42520f619086e368a5f status: experimental description: Detects traffic or activity related to https://hydro-run.aquastream.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hydro-run.aquastream.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vant05.trailvantage.in.net/verification.google id: auto-b4c9a1cef7a623eddfa2f29a1274d02ce5adbe50f8caea1a3ca438dc71405e8d status: experimental description: Detects traffic or activity related to https://vant05.trailvantage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vant05.trailvantage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trail-net.trailvantage.in.net/verification.google id: auto-c76acc08376e2c848491c637c8e374ba81bf8bdb744cf04de12cd8f6e5d6e843 status: experimental description: Detects traffic or activity related to https://trail-net.trailvantage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trail-net.trailvantage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vant-v8.trailvantage.in.net/verification.google id: auto-f5a663ee5535cbc50360e4f09baa08457bc85819a6dcc568f43f48b38195be11 status: experimental description: Detects traffic or activity related to https://vant-v8.trailvantage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vant-v8.trailvantage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://logi-base.trailvantage.in.net/verification.google id: auto-b5e0d9a104fcf09b62a2003d4e8c2374f5c2cb00b884c07618c50f0ddee01632 status: experimental description: Detects traffic or activity related to https://logi-base.trailvantage.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://logi-base.trailvantage.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sent03.skysentry.in.net/verification.google id: auto-3bc216993f8ca8fdecb1c85066f2b3f474df4d98541a9218e2f9c6c0ef925291 status: experimental description: Detects traffic or activity related to https://sent03.skysentry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sent03.skysentry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sky-gate.skysentry.in.net/verification.google id: auto-b6e5b7aac90469c1ce9edc0f885f2b19ee1fd2755e16f506b2f81c9957475824 status: experimental description: Detects traffic or activity related to https://sky-gate.skysentry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sky-gate.skysentry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sent-v7.skysentry.in.net/verification.google id: auto-5a700147509f53e1eae036b53e6a3b947b98cc3c70b3acc3d5078825ef6a0c02 status: experimental description: Detects traffic or activity related to https://sent-v7.skysentry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sent-v7.skysentry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://aero-hub.skysentry.in.net/verification.google id: auto-827a79b31b7b0e48eba1eeba1b3c5a796b811fedc52a2c0d71f1fa3b1c671f20 status: experimental description: Detects traffic or activity related to https://aero-hub.skysentry.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://aero-hub.skysentry.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link08.organiclink.in.net/verification.google id: auto-86eff3c7bebb5ce791ff790a1af9c3132782908cca089aa0a76aba729e0c145e status: experimental description: Detects traffic or activity related to https://link08.organiclink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link08.organiclink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://orga-sync.organiclink.in.net/verification.google id: auto-96e8b57fee146103e9fef822b28faa8507f02cf24f4b632dc57f4fefd226a0b0 status: experimental description: Detects traffic or activity related to https://orga-sync.organiclink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://orga-sync.organiclink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://link-v6.organiclink.in.net/verification.google id: auto-af2cf8b3f61c5bfeec09958c15a5213730faf22f51926bee049c3a8e58fc91fd status: experimental description: Detects traffic or activity related to https://link-v6.organiclink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://link-v6.organiclink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://bio-trace.organiclink.in.net/verification.google id: auto-9e7cab13c81b88dd44201365a744e14332d85cd79f71d28dfb7bca57311b601b status: experimental description: Detects traffic or activity related to https://bio-trace.organiclink.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://bio-trace.organiclink.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pulse02.metropulse.in.net/verification.google id: auto-56a5934d7f2148ab6df8b283147f2e6fdfb00c3e19a43b068733a54a9a30a2f6 status: experimental description: Detects traffic or activity related to https://pulse02.metropulse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pulse02.metropulse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://metro-net.metropulse.in.net/verification.google id: auto-19e3a241ac4997a29e73e3e6495e55e3dcaa9b9056b478a3a44ff3cc97a1ac16 status: experimental description: Detects traffic or activity related to https://metro-net.metropulse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://metro-net.metropulse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pulse-v5.metropulse.in.net/verification.google id: auto-1a85be92899a5fabe53893e3bf59f23e30a7a7c5856f16c9618b158eab5dd232 status: experimental description: Detects traffic or activity related to https://pulse-v5.metropulse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pulse-v5.metropulse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://urban-sys.metropulse.in.net/verification.google id: auto-fd3d3a90033a49eef67cf6e883a65171451d69bd50ace0c79bde8cb1452d4515 status: experimental description: Detects traffic or activity related to https://urban-sys.metropulse.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://urban-sys.metropulse.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nest09.cryptonest.in.net/verification.google id: auto-b866038ded9bfddc374d05f62540b7959bd9f3a3fb282a5ecef5388ef90bbbdf status: experimental description: Detects traffic or activity related to https://nest09.cryptonest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nest09.cryptonest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cryp-sync.cryptonest.in.net/verification.google id: auto-3c758e248942c7099d471d6795521f320352ebc686e61d5b692d035f21f9797a status: experimental description: Detects traffic or activity related to https://cryp-sync.cryptonest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cryp-sync.cryptonest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nest-v4.cryptonest.in.net/verification.google id: auto-6800538a9805e742ca3fe384e8484546252d8330971dda6fd2796a15f29b9c01 status: experimental description: Detects traffic or activity related to https://nest-v4.cryptonest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nest-v4.cryptonest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://data-vault.cryptonest.in.net/verification.google id: auto-81c0468822950c265a3e9f95480cbdd4a6e32be66e5d4fe0fa54a4122dc6705f status: experimental description: Detects traffic or activity related to https://data-vault.cryptonest.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://data-vault.cryptonest.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://brid01.fluxbridge.in.net/verification.google id: auto-dc458d83e065f3a8add66bd9ce5731c87576c910a386321d3a8c740da49ba8ad status: experimental description: Detects traffic or activity related to https://brid01.fluxbridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://brid01.fluxbridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flux-net.fluxbridge.in.net/verification.google id: auto-0b2c1020cca4321aa4bb7064ff535c2143b1f0fbde5053bb50d5e3a13457e807 status: experimental description: Detects traffic or activity related to https://flux-net.fluxbridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flux-net.fluxbridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://brid-v3.fluxbridge.in.net/verification.google id: auto-4f993a0e29afa0442483a033ec4ec5d4b7c4be3e83710ba88687d4dc4c685f5f status: experimental description: Detects traffic or activity related to https://brid-v3.fluxbridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://brid-v3.fluxbridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://flow-core.fluxbridge.in.net/verification.google id: auto-f02a0b0e37147c6d2f3491bf822eb403637ef3c4f97bc900984c0c568f3df0b2 status: experimental description: Detects traffic or activity related to https://flow-core.fluxbridge.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://flow-core.fluxbridge.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://matr07.fieldmatrix.in.net/verification.google id: auto-fc7d6cfcfb5f2528a668d21a56c16c736c8335edd31e184daaa77a4a3f9d8d20 status: experimental description: Detects traffic or activity related to https://matr07.fieldmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://matr07.fieldmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://field-sync.fieldmatrix.in.net/verification.google id: auto-f1e2f0fab8bd851e67246b1328bce660299c6f4ce63caf9edbc83ed9d17907d3 status: experimental description: Detects traffic or activity related to https://field-sync.fieldmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://field-sync.fieldmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://matr-v2.fieldmatrix.in.net/verification.google id: auto-117462a362ed083274b88047a2004f764247b7560c36130fc96832d7af7e7b60 status: experimental description: Detects traffic or activity related to https://matr-v2.fieldmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://matr-v2.fieldmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://agro-unit.fieldmatrix.in.net/verification.google id: auto-37deb9e69ecd638ea0b894160b69ffcf761355f9bb081e1ded2a14637309cbdc status: experimental description: Detects traffic or activity related to https://agro-unit.fieldmatrix.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://agro-unit.fieldmatrix.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://view04.tectoniview.in.net/verification.google id: auto-2f3b51f78c97bd2706e6ad16d585d2e29dfdd838407ead473963ddb373dd292c status: experimental description: Detects traffic or activity related to https://view04.tectoniview.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://view04.tectoniview.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tecto-sync.tectoniview.in.net/verification.google id: auto-6769dc7ce0234d1c18871296e66ba9e331094b59c4a9a0d167254497cd50fff7 status: experimental description: Detects traffic or activity related to https://tecto-sync.tectoniview.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tecto-sync.tectoniview.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://view-v1.tectoniview.in.net/verification.google id: auto-4c239d7ac5f05a884617e2a25095f12638f8bd24c88aee0070515c641dcfceb8 status: experimental description: Detects traffic or activity related to https://view-v1.tectoniview.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://view-v1.tectoniview.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://cyber-node.tectoniview.in.net/verification.google id: auto-ec74a7437c389f558907ed7076cd44c2208f1b263ae61d7a77696b7ff7188777 status: experimental description: Detects traffic or activity related to https://cyber-node.tectoniview.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://cyber-node.tectoniview.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://lose06.amperelose.in.net/verification.google id: auto-d235e4dddcf057b04b065427999d192e052dddc02c2655de0edfa83f8a908fca status: experimental description: Detects traffic or activity related to https://lose06.amperelose.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://lose06.amperelose.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://amp-v1.amperelose.in.net/verification.google id: auto-6447674270247ce63c3e443b96cadd4e8e4e120aba6832591b30e1387287eba1 status: experimental description: Detects traffic or activity related to https://amp-v1.amperelose.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://amp-v1.amperelose.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://volt-sync.amperelose.in.net/verification.google id: auto-fe43db8f7642e2c541a80593ab2964f6588564d5703c476ebf979aeb17832b35 status: experimental description: Detects traffic or activity related to https://volt-sync.amperelose.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://volt-sync.amperelose.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://amp-lose.amperelose.in.net/verification.google id: auto-30f9de7eefd79a4b6949f607d4336fdb879545372cd65df941cb4342c804ecb1 status: experimental description: Detects traffic or activity related to https://amp-lose.amperelose.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://amp-lose.amperelose.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kero01.avonkerosene.in.net/verification.google id: auto-246d67c8a662d37d4f3ffb1765c8c8673945b07c39e33afb2b2cd998534f50d4 status: experimental description: Detects traffic or activity related to https://kero01.avonkerosene.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kero01.avonkerosene.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://avon-v9.avonkerosene.in.net/verification.google id: auto-562cfc9d9803321ccf0b7a59dfa43e3de5e05f8c9e1d466462c376bb42fd9274 status: experimental description: Detects traffic or activity related to https://avon-v9.avonkerosene.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://avon-v9.avonkerosene.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://kero-net.avonkerosene.in.net/verification.google id: auto-8ca5106534ee9bc9922ec4cb5011da55d14db0704984a94d96ab6b6cc2c37d81 status: experimental description: Detects traffic or activity related to https://kero-net.avonkerosene.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://kero-net.avonkerosene.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://avon-core.avonkerosene.in.net/verification.google id: auto-0e3ad7d61a59691081ec41e5c6d22addbc7960840eabd22b3ee51e002b9bad2e status: experimental description: Detects traffic or activity related to https://avon-core.avonkerosene.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://avon-core.avonkerosene.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://maku07.makuhaportfol.in.net/verification.google id: auto-ec2ae2bf5e977dc18d7c618dc3a6072bb5990702a8236587eb7f0f72fcf5a650 status: experimental description: Detects traffic or activity related to https://maku07.makuhaportfol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://maku07.makuhaportfol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://port-v8.makuhaportfol.in.net/verification.google id: auto-e5c851c4483b0e95d0b2023b180af65a4521ccccaad6a9766d63303ae8582e6d status: experimental description: Detects traffic or activity related to https://port-v8.makuhaportfol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://port-v8.makuhaportfol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://maku-base.makuhaportfol.in.net/verification.google id: auto-f891aeb0cc6bbe24ef13cae64a47ebe7538f157fc8437eb9273b7bc4610a4747 status: experimental description: Detects traffic or activity related to https://maku-base.makuhaportfol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://maku-base.makuhaportfol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://port-fol.makuhaportfol.in.net/verification.google id: auto-d4ffcab1ad58a2b1c1d0fadc5b3bfabc48dacc9c31893ac3644ee0fff017f6db status: experimental description: Detects traffic or activity related to https://port-fol.makuhaportfol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://port-fol.makuhaportfol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://synch03.corvetsynchron.in.net/verification.google id: auto-9a482fd076ce15d873b9501a535e2582bcf64246727258d57458c64e07e3713e status: experimental description: Detects traffic or activity related to https://synch03.corvetsynchron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://synch03.corvetsynchron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://corvet-v7.corvetsynchron.in.net/verification.google id: auto-bea41d76e51b4f7bbc8637a7d238dd9b8bd7af762b1cac4aee4f6790335a1ace status: experimental description: Detects traffic or activity related to https://corvet-v7.corvetsynchron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://corvet-v7.corvetsynchron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://synch-node.corvetsynchron.in.net/verification.google id: auto-c3f1fbd1e83fdcc69e1ae402de86bf730abc0c886d67de9fa1590f600c859006 status: experimental description: Detects traffic or activity related to https://synch-node.corvetsynchron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://synch-node.corvetsynchron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://corvet-sync.corvetsynchron.in.net/verification.google id: auto-27ea148d4504e1463271cfae4b04e595deeab88d0faa5ec8f5b08be34ab5b802 status: experimental description: Detects traffic or activity related to https://corvet-sync.corvetsynchron.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://corvet-sync.corvetsynchron.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://big02.bigamyprogramm.in.net/verification.google id: auto-04658365cd39c7adf3f81158e3c5035cbb3486bfaa12f0e30063d43384d6dece status: experimental description: Detects traffic or activity related to https://big02.bigamyprogramm.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://big02.bigamyprogramm.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://prog-v6.bigamyprogramm.in.net/verification.google id: auto-73cdcb149f75259915d8ff6f163840f74d7b84ca87c60a558152c0a3310189ac status: experimental description: Detects traffic or activity related to https://prog-v6.bigamyprogramm.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://prog-v6.bigamyprogramm.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sys-node.bigamyprogramm.in.net/verification.google id: auto-259c59613abdb9457f3ff064654f6eded86599117c1cc1bc5ff6d5dc535e9ae2 status: experimental description: Detects traffic or activity related to https://sys-node.bigamyprogramm.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sys-node.bigamyprogramm.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://big-prog.bigamyprogramm.in.net/verification.google id: auto-6441c4adfe6728f529dea7873e60506423147fbef6f57ac98580bc25263bdd9a status: experimental description: Detects traffic or activity related to https://big-prog.bigamyprogramm.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://big-prog.bigamyprogramm.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hryv08.hryvmicrobiol.in.net/verification.google id: auto-5be027702ee9743d651fec0c55332d13cfd61587b250f93e052033f788b2cffa status: experimental description: Detects traffic or activity related to https://hryv08.hryvmicrobiol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hryv08.hryvmicrobiol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://micro-v5.hryvmicrobiol.in.net/verification.google id: auto-5b6aa616ffe59dd86028bbe428d10f8391935f0cc397c82346fdcafdb62ec29d status: experimental description: Detects traffic or activity related to https://micro-v5.hryvmicrobiol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://micro-v5.hryvmicrobiol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://hryv-node.hryvmicrobiol.in.net/verification.google id: auto-e4f0274ebf448bf171be4d225246e1c4d98ff5a54028a936ac69b177fcacba39 status: experimental description: Detects traffic or activity related to https://hryv-node.hryvmicrobiol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://hryv-node.hryvmicrobiol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://micro-bio.hryvmicrobiol.in.net/verification.google id: auto-ac52400d657075018641ac1f4cd3491db0ca28bd9e35d88791cb5edf85e04e33 status: experimental description: Detects traffic or activity related to https://micro-bio.hryvmicrobiol.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://micro-bio.hryvmicrobiol.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://skird05.breakskird.in.net/verification.google id: auto-262818f3f1357e9a0a44d05147c3ed9415a150bd2648433683cca2a2d609b754 status: experimental description: Detects traffic or activity related to https://skird05.breakskird.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://skird05.breakskird.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://break-v4.breakskird.in.net/verification.google id: auto-734a8bdb8b4dfcd3e12961066d0ae2a510cc1f6265c4800aef1be4b6bd132d55 status: experimental description: Detects traffic or activity related to https://break-v4.breakskird.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://break-v4.breakskird.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://skird-net.breakskird.in.net/verification.google id: auto-d3dc77273df4bca0259d4ba751b8c90424fdc542f49731e977a45e0ff7effb4f status: experimental description: Detects traffic or activity related to https://skird-net.breakskird.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://skird-net.breakskird.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://break-unit.breakskird.in.net/verification.google id: auto-8a1c44940a09971a557abe11c912cffbb452fd8842efd1abd4841560f59eaba9 status: experimental description: Detects traffic or activity related to https://break-unit.breakskird.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://break-unit.breakskird.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trav01.constelluntrav.in.net/verification.google id: auto-fbbd90ac48296f5693dc1398696d1a528e1cb054b1e59c05a00ee843f976fa43 status: experimental description: Detects traffic or activity related to https://trav01.constelluntrav.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trav01.constelluntrav.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://const-v3.constelluntrav.in.net/verification.google id: auto-7b97a49e65c2a8863268ba3ee079913abf9aae5ce2e3235d3783e5bbe12d4339 status: experimental description: Detects traffic or activity related to https://const-v3.constelluntrav.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://const-v3.constelluntrav.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://trav-base.constelluntrav.in.net/verification.google id: auto-f476eab32e55db1213b8b54c967085ea25365864f45e6693415b2efb1cb7a930 status: experimental description: Detects traffic or activity related to https://trav-base.constelluntrav.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://trav-base.constelluntrav.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://const-gate.constelluntrav.in.net/verification.google id: auto-1b282824a1efb08819295bb4dfc5cffb99e82a48fcf8d39164a0e8ed9f9bd1ff status: experimental description: Detects traffic or activity related to https://const-gate.constelluntrav.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://const-gate.constelluntrav.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://soup09.coachsoup.in.net/verification.google id: auto-fd6f47f5f55967a22505dd1e157aae5ee9510d8c84920624ed86403e70303157 status: experimental description: Detects traffic or activity related to https://soup09.coachsoup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://soup09.coachsoup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://coach-v2.coachsoup.in.net/verification.google id: auto-d77cde99c7a5465899f353ea6064d84f8bd203fe162a969c0deaccb948939035 status: experimental description: Detects traffic or activity related to https://coach-v2.coachsoup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://coach-v2.coachsoup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://soup-node.coachsoup.in.net/verification.google id: auto-aecd9769178cd708b8d428e0ca7b1a2b20b75727b73d8c0e8bd29a3ad976e5bd status: experimental description: Detects traffic or activity related to https://soup-node.coachsoup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://soup-node.coachsoup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://coach-sync.coachsoup.in.net/verification.google id: auto-296fe6f4686556910de7495e71310063a9d28bb12b2e6175dc30d69b65b19841 status: experimental description: Detects traffic or activity related to https://coach-sync.coachsoup.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://coach-sync.coachsoup.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://com04.commundesign.in.net/verification.google id: auto-b5a0bea8596abb296f9d61eed96c45a198b7ddd5af0e213a98692bf84c22249d status: experimental description: Detects traffic or activity related to https://com04.commundesign.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://com04.commundesign.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://design-v1.commundesign.in.net/verification.google id: auto-674170bc190a672a416dcff58bad12f52d9ae69848065d4497691f655114a52a status: experimental description: Detects traffic or activity related to https://design-v1.commundesign.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://design-v1.commundesign.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://net-hub.commundesign.in.net/verification.google id: auto-ef82918d6008a5ddc5eeececccdf087a3f76cb05cdaee8dc827e9884ad87322d status: experimental description: Detects traffic or activity related to https://net-hub.commundesign.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://net-hub.commundesign.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://com-design.commundesign.in.net/verification.google id: auto-6b38bfc7308881aa3453904178e623c267c9078535bda2700c78c44cf7b3c393 status: experimental description: Detects traffic or activity related to https://com-design.commundesign.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://com-design.commundesign.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://mimi-knotline.mimisttie.in.net/verification.google id: auto-2d503b14fa2fb3d2a108a3923baa6742e275150141135d26e1851e9e575fbf20 status: experimental description: Detects traffic or activity related to https://mimi-knotline.mimisttie.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://mimi-knotline.mimisttie.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://tinythread.mimisttie.in.net/verification.google id: auto-dfc767897a45a12f58ba89b38b01a1a7526e82e49a761d2fe2dfb5810567273a status: experimental description: Detects traffic or activity related to https://tinythread.mimisttie.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://tinythread.mimisttie.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://zk8q4.mimisttie.in.net/verification.google id: auto-7eff5e17600582c10a38c9510997d03f91e7da627f7193d63111138edab4f7a4 status: experimental description: Detects traffic or activity related to https://zk8q4.mimisttie.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://zk8q4.mimisttie.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://geo-p1levector.geodesistpile.in.net/verification.google id: auto-5a8bb4867c47e1b0a4d389f137e91f03b6b153d99c881ebe08ff249d7701146b status: experimental description: Detects traffic or activity related to https://geo-p1levector.geodesistpile.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://geo-p1levector.geodesistpile.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://surveyrock.geodesistpile.in.net/verification.google id: auto-aa4954c509362647b8a99696150397b3f2886e947693d1ee1adb295785efd176 status: experimental description: Detects traffic or activity related to https://surveyrock.geodesistpile.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://surveyrock.geodesistpile.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://q7wz3.geodesistpile.in.net/verification.google id: auto-b37ecde4ba96c03c8de44b1101840ce282a3e2bb19ceaaf507fe49656e35a44f status: experimental description: Detects traffic or activity related to https://q7wz3.geodesistpile.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://q7wz3.geodesistpile.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://engrave-vel0ur.engravevelvet.in.net/verification.google id: auto-24e9b199b4c733fd647e5424beb3f12086c0fdac0261bf8fc7df72a6de1060c7 status: experimental description: Detects traffic or activity related to https://engrave-vel0ur.engravevelvet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://engrave-vel0ur.engravevelvet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://softcarve.engravevelvet.in.net/verification.google id: auto-d5b5fd66137fbd4a5962fed5a7207859b2a1c1f0772d93cbd4697f9b018d301a status: experimental description: Detects traffic or activity related to https://softcarve.engravevelvet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://softcarve.engravevelvet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://y6xq9.engravevelvet.in.net/verification.google id: auto-739e81e93d8255df918bd2f56c75043b96eca50160cc4e49b91764fa6d122ff1 status: experimental description: Detects traffic or activity related to https://y6xq9.engravevelvet.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://y6xq9.engravevelvet.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://esaul-frostline.esaulsnow.in.net/verification.google id: auto-a360a8c50e191eb3bb1ce8037c519aea9253dd79c04f2e7efe3b80808715a2ca status: experimental description: Detects traffic or activity related to https://esaul-frostline.esaulsnow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://esaul-frostline.esaulsnow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://wintertrail.esaulsnow.in.net/verification.google id: auto-67eb202aeadc4ff8b73ed02a00745af2060f91691e9014d89fdb7e423ca99dd4 status: experimental description: Detects traffic or activity related to https://wintertrail.esaulsnow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://wintertrail.esaulsnow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://v8q2r.esaulsnow.in.net/verification.google id: auto-066045ce258e37dd29905512af954c07d86e260ade86c4e9d264e713617830bd status: experimental description: Detects traffic or activity related to https://v8q2r.esaulsnow.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://v8q2r.esaulsnow.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://infant-woodgrid.infantwoodman.in.net/verification.google id: auto-6ebe6c99bd87c4e8a785ab3604c02c58113aa6dec833acc63439524949597c0c status: experimental description: Detects traffic or activity related to https://infant-woodgrid.infantwoodman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://infant-woodgrid.infantwoodman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://youngtimber.infantwoodman.in.net/verification.google id: auto-07d2e1b8e8006b2bc47361aa712b33b801cee62ba7fef487f3707303b13c4481 status: experimental description: Detects traffic or activity related to https://youngtimber.infantwoodman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://youngtimber.infantwoodman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://xk39q.infantwoodman.in.net/verification.google id: auto-49b3846a808cac85e701cc7146b0f103d5d6de1c9656f0582e532b36a3ae4abb status: experimental description: Detects traffic or activity related to https://xk39q.infantwoodman.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://xk39q.infantwoodman.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://sabbathforge.magnesshabas.in.net/verification.google id: auto-179ed90ab8cc47badb0e53e2cc6e92f8e0637576f6924141d6ebe423ab3f1c91 status: experimental description: Detects traffic or activity related to https://sabbathforge.magnesshabas.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://sabbathforge.magnesshabas.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://magnes-core.magnesshabas.in.net/verification.google id: auto-d056d62fec14661fb426983a5bcbc11bc315bc8849d95172d3d55d1b6ab8ea1e status: experimental description: Detects traffic or activity related to https://magnes-core.magnesshabas.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://magnes-core.magnesshabas.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://nq7w5.magnesshabas.in.net/verification.google id: auto-f330dcb3f8d542c09afe38577253518e124d92f7144fdf612fc2ea4dd4cf6e07 status: experimental description: Detects traffic or activity related to https://nq7w5.magnesshabas.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://nq7w5.magnesshabas.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://pasteur0-lab.alaspasteur.in.net/verification.google id: auto-04557e172b8008d39b1c3af9919e84a2f4c10d6339ee449bdbb59d25752b0919 status: experimental description: Detects traffic or activity related to https://pasteur0-lab.alaspasteur.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://pasteur0-lab.alaspasteur.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://labculture.alaspasteur.in.net/verification.google id: auto-a356d4a4573f2d862b3d8ebb51fa41a15ba7a63044894b277658f3e021bb5da8 status: experimental description: Detects traffic or activity related to https://labculture.alaspasteur.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://labculture.alaspasteur.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://w9m2kx.alaspasteur.in.net/verification.google id: auto-f8cc169515907452ca2a0bd67f5e98fad3e66f65e1f5becd2757fa9e85c6f05d status: experimental description: Detects traffic or activity related to https://w9m2kx.alaspasteur.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://w9m2kx.alaspasteur.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://gl4ss-hollow.sheetglass.in.net/verification.google id: auto-b78012d0d06bfa8127831c7d730858246bb685e2be2e3b75f266409ecea1fb37 status: experimental description: Detects traffic or activity related to https://gl4ss-hollow.sheetglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://gl4ss-hollow.sheetglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://clearpane.sheetglass.in.net/verification.google id: auto-9ce5a374e9f0f34aac3a8147b6998fd0757237fd5d51cca7abfffba38e7bd4d5 status: experimental description: Detects traffic or activity related to https://clearpane.sheetglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://clearpane.sheetglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://t8qzr.sheetglass.in.net/verification.google id: auto-7d2678d14dfde8af9b3192c9a7168949358432c8f5a0901d40ebbd6d0672aed9 status: experimental description: Detects traffic or activity related to https://t8qzr.sheetglass.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://t8qzr.sheetglass.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://vityaz1-edge.bulgarvityaz.in.net/verification.google id: auto-6d3cf2b75dd15cd6fc2c59f1b795159427c54871b6ec9c90df69b3ad2bc3024b status: experimental description: Detects traffic or activity related to https://vityaz1-edge.bulgarvityaz.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://vityaz1-edge.bulgarvityaz.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ironknight.bulgarvityaz.in.net/verification.google id: auto-461b7a0bc8ca3ba270479ead237fb7b2924ab35e6dc0d0e0171944bb64ee03a8 status: experimental description: Detects traffic or activity related to https://ironknight.bulgarvityaz.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ironknight.bulgarvityaz.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://qz3x8v.bulgarvityaz.in.net/verification.google id: auto-3f76baebdcc3ece15b422f8c1ed54bc918a71f1048ba92ec92775220ab6d6550 status: experimental description: Detects traffic or activity related to https://qz3x8v.bulgarvityaz.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://qz3x8v.bulgarvityaz.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://ecuad0r-mesh.ecuadoriangas.in.net/verification.google id: auto-ada56f9b7b61b477c3c3f7b6e959ca2bc7d7832f21423b08013b5e0c1d9622db status: experimental description: Detects traffic or activity related to https://ecuad0r-mesh.ecuadoriangas.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://ecuad0r-mesh.ecuadoriangas.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://andesfuel.ecuadoriangas.in.net/verification.google id: auto-f398706fd7a2bbb433b3fd050b1aa16e342bc218ab2c44158c2dedda18a97fe6 status: experimental description: Detects traffic or activity related to https://andesfuel.ecuadoriangas.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://andesfuel.ecuadoriangas.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://shahamanatme.com/web/ENCRYPT.Ps1 id: auto-d08def8749219d462169af6242153fc670ed599a53c3fd4fe157944bf8f71457 status: experimental description: Detects traffic or activity related to https://shahamanatme.com/web/ENCRYPT.Ps1 which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://shahamanatme.com/web/ENCRYPT.Ps1*' condition: selection level: high tags: - attack.t1059.001 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rabbit-net.rabbitfarm.in.net/verification.google id: auto-5251457ad2e956634f6ec2c62e10c08453546683483d9b015f59d270e3c53b4e status: experimental description: Detects traffic or activity related to https://rabbit-net.rabbitfarm.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rabbit-net.rabbitfarm.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://farm03.rabbitfarm.in.net/verification.google id: auto-4221428bd9e331faa86d0dad8c964dce6aef70d3a1a7cdbf34c5ddf4549f7297 status: experimental description: Detects traffic or activity related to https://farm03.rabbitfarm.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://farm03.rabbitfarm.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://rabbit-v1.rabbitfarm.in.net/verification.google id: auto-41fc782f9e2cc6bbf40c1a6f6230b382e5b3058d743a673c68a7dee59d8400f6 status: experimental description: Detects traffic or activity related to https://rabbit-v1.rabbitfarm.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://rabbit-v1.rabbitfarm.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://farm-run.rabbitfarm.in.net/verification.google id: auto-a48edf6c22badad81112359df8698d0d1f6d4a4023a448648b7eb8d082f5bbed status: experimental description: Detects traffic or activity related to https://farm-run.rabbitfarm.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://farm-run.rabbitfarm.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://talk-sync.grimasdiscuss.in.net/verification.google id: auto-c28083c6b62089cc813d1ebd90810f038563bd702b06525dfcdb1b9d689782cd status: experimental description: Detects traffic or activity related to https://talk-sync.grimasdiscuss.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://talk-sync.grimasdiscuss.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://grim06.grimasdiscuss.in.net/verification.google id: auto-1ea9920cce0ec67833b1f601faba1072863967b0bdf9bae155194b4d8c16d668 status: experimental description: Detects traffic or activity related to https://grim06.grimasdiscuss.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://grim06.grimasdiscuss.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://disc-v9.grimasdiscuss.in.net/verification.google id: auto-61429cb6fb924cea783eb231683f76bc43683b5cd463e827507a138172e07aec status: experimental description: Detects traffic or activity related to https://disc-v9.grimasdiscuss.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://disc-v9.grimasdiscuss.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://grim-vault.grimasdiscuss.in.net/verification.google id: auto-76e6920959a1ac2c8f18a3ef3c192b797e8bc252429571c53487725732c4dcad status: experimental description: Detects traffic or activity related to https://grim-vault.grimasdiscuss.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://grim-vault.grimasdiscuss.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://down-path.falldown.in.net/verification.google id: auto-11e5409a7dd866b2d40bc21f4e91e9c083e8fb0ef011fb49770ea422a2d8938b status: experimental description: Detects traffic or activity related to https://down-path.falldown.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://down-path.falldown.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fall05.falldown.in.net/verification.google id: auto-21a1b9d4b0c6ce039f5cf6284acdb746415be144598f7b0cfd920a2f3191463b status: experimental description: Detects traffic or activity related to https://fall05.falldown.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fall05.falldown.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://down-v8.falldown.in.net/verification.google id: auto-1ae6a756a4dbefbf342f8b9fa2268fb81e0b12a39d668bbeed5fe78b56253263 status: experimental description: Detects traffic or activity related to https://down-v8.falldown.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://down-v8.falldown.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus --- title: Detect Activity to Known Malicious Indicator - https://fall-node.falldown.in.net/verification.google id: auto-c0b66c52395947949938c94ffbaec10046bed1e5684960079533ad01ab954c08 status: experimental description: Detects traffic or activity related to https://fall-node.falldown.in.net/verification.google which is a known malicious url. logsource: category: proxy detection: selection: c-uri: - '*https://fall-node.falldown.in.net/verification.google*' condition: selection level: high tags: - attack.T1071 - source.URLhaus