Another example for this IDS alert: FILE-FLASH Action InitArray stack overflow attempt
See: https://urlquery.net/report.php?id=767696
and the accompanying VT results: https://www.virustotal.com/nl/url/b60fbe6aa2089f040f683b662071d5e010a3e3e8055e55962e9721e532476887/analysis/
Nothing detected! Understandable: https://www.virustotal.com/nl/domain/www.dl.bazisaz.com/information/
and https://www.virustotal.com/nl/ip-address/95.211.80.118/information/

The IDS alerts comes from theseso-called flash rules:
1 24889 FILE-FLASH Action InitArray stack overflow attempt off off drop
1 24890 FILE-FLASH Action InitArray stack overflow attempt off drop off
1 24891 FILE-FLASH Action InitArray stack overflow attempt off off drop
1 24892 FILE-FLASH Action InitArray stack overflow attempt off off drop
1 24893 FILE-FLASH Action InitArray stack overflow attempt off drop off
1 24894 FILE-FLASH Action InitArray stack overflow attempt off off drop
1 24895 FILE-FLASH Adobe Flash Player ActionScript bytecode symbolclass tag type confusion attempt off drop drop
1 24896 FILE-FLASH Adobe Flash Player ActionScript bytecode symbolclass tag type confusion attempt off drop drop

Domain seems down: Down: NA RIPE NL abuse at leaseweb.com 95.211.80.118 to 95.211.80.118 bazisaz.com htxp://www.dl.bazisaz.com/edu/gamemaker/gamemaker-01.flv

polonus