PHISHING landing & ET MALWARE All Numerical .ru Domain IDS alerts!

See: https://urlquery.net/report/6925de15-e02a-4ccd-9f9f-a3bd4d62ca29
Missed: https://www.virustotal.com/#/url/aa81a9ef7f45df583c6233a6f2a0123674022aa95bfc1f7a5379b9ad19d2c0a5/details
Malware on IP: https://www.scumware.org/report/80.78.250.67.html
and https://www.malwareurl.com/listing.php?domain=80.78.250.67
Flagged: https://checkphish.ai/ip/80.78.250.67
Detected and blacklisted: https://www.malwareurl.com/listing.php?domain=80.78.250.67
Bad rep: https://access.watch/database/addresses/80.78.250.67

polonus

L.S.

On this particular Intrusion Detection Rule: https://www.metaflows.com/stats/high_priority_ids_rules/

Also: http://doc.emergingthreats.net/bin/view/Main/2012649

Also: https://www.hybrid-analysis.com/sample/1306a895c12ed250a2bfd1c727d5916ab2ba84419ff170ae926067e8c7011c8d?environmentId=100

And where we also treated such a detection earlier here: https://forum.avast.com/index.php?topic=98322.0

Also consider a Russian introduction about this alert: http://www.avsoft.ru/newforum/forum21/topic10331/

polonus (volunteer website security analyst and website error-hunter)