2021-03-31 10:53:42 +00:00
|
|
|
# Title: PUP Domains Snort3 Ruleset
|
2021-04-02 12:08:00 +00:00
|
|
|
# Description: Block domains that host potentially unwanted programs (PUP)
|
2021-05-26 00:07:00 +00:00
|
|
|
# Updated: Wed, 26 May 2021 00:07:00 UTC
|
2021-03-31 10:53:42 +00:00
|
|
|
# Expires: 1 day (update frequency)
|
|
|
|
# Homepage: https://gitlab.com/curben/pup-filter
|
|
|
|
# License: https://gitlab.com/curben/pup-filter#license
|
|
|
|
# Source: https://github.com/zhouhanc/malware-discoverer
|
2021-05-08 00:07:36 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"123news.website",nocase; classtype:web-application-activity; sid:300000001; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"20patogh.com",nocase; classtype:web-application-activity; sid:300000002; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"2kddbl.club",nocase; classtype:web-application-activity; sid:300000003; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"321movies.xyz",nocase; classtype:web-application-activity; sid:300000004; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"4uabs.club",nocase; classtype:web-application-activity; sid:300000005; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"7awwa2.xyz",nocase; classtype:web-application-activity; sid:300000006; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"abeah-security.xyz",nocase; classtype:web-application-activity; sid:300000007; rev:1;)
|
2021-05-18 12:07:31 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"adrondespi.top",nocase; classtype:web-application-activity; sid:300000008; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"advancecare.info",nocase; classtype:web-application-activity; sid:300000009; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"akb48wrapup.com",nocase; classtype:web-application-activity; sid:300000010; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"altcasino.info",nocase; classtype:web-application-activity; sid:300000011; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"amateurxporn.com",nocase; classtype:web-application-activity; sid:300000012; rev:1;)
|
2021-05-25 00:06:47 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"amobil.online",nocase; classtype:web-application-activity; sid:300000013; rev:1;)
|
2021-05-26 00:07:00 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"animenation.org",nocase; classtype:web-application-activity; sid:300000014; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"apptool.me",nocase; classtype:web-application-activity; sid:300000015; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ashtdi.cn",nocase; classtype:web-application-activity; sid:300000016; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"assuredhealth.info",nocase; classtype:web-application-activity; sid:300000017; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"asufij.xyz",nocase; classtype:web-application-activity; sid:300000018; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"auto-lawyer.site",nocase; classtype:web-application-activity; sid:300000019; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"baseofmp3.com",nocase; classtype:web-application-activity; sid:300000020; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bestappland.me",nocase; classtype:web-application-activity; sid:300000021; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bestlinkupgrade.info",nocase; classtype:web-application-activity; sid:300000022; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bestlinkupgrades.info",nocase; classtype:web-application-activity; sid:300000023; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bestlinkupgrading.info",nocase; classtype:web-application-activity; sid:300000024; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bestresults.xyz",nocase; classtype:web-application-activity; sid:300000025; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bestvideoplayerupgrades.work",nocase; classtype:web-application-activity; sid:300000026; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bettercleanplayer.info",nocase; classtype:web-application-activity; sid:300000027; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bettercleanplayers.info",nocase; classtype:web-application-activity; sid:300000028; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"betterfreedownloadplayer.info",nocase; classtype:web-application-activity; sid:300000029; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"betterfreedownloadplayers.info",nocase; classtype:web-application-activity; sid:300000030; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bigcbd.info",nocase; classtype:web-application-activity; sid:300000031; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bigdaycasino.info",nocase; classtype:web-application-activity; sid:300000032; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bigwin-online-free-congrats.cyou",nocase; classtype:web-application-activity; sid:300000033; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bigwinonlinefreecongrats.cyou",nocase; classtype:web-application-activity; sid:300000034; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bitcoin-trader.me",nocase; classtype:web-application-activity; sid:300000035; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bitcoinjunction.club",nocase; classtype:web-application-activity; sid:300000036; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bittrend.com",nocase; classtype:web-application-activity; sid:300000037; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"biztherapy.info",nocase; classtype:web-application-activity; sid:300000038; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"blockchain-com.email",nocase; classtype:web-application-activity; sid:300000039; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bodyamaze.club",nocase; classtype:web-application-activity; sid:300000040; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bodyselfcare.info",nocase; classtype:web-application-activity; sid:300000041; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upcompletely-bestprecisefile.best",nocase; classtype:web-application-activity; sid:300000042; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upcompletely-bestspeedyfile.best",nocase; classtype:web-application-activity; sid:300000043; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upfree-bestuberfile.best",nocase; classtype:web-application-activity; sid:300000044; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upoverly-bestadvancedfile.best",nocase; classtype:web-application-activity; sid:300000045; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-uprefined-bestcompletelyfile.best",nocase; classtype:web-application-activity; sid:300000046; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upuber-bestfreefile.best",nocase; classtype:web-application-activity; sid:300000047; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"browsercheck.site",nocase; classtype:web-application-activity; sid:300000048; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"btcinvesting.info",nocase; classtype:web-application-activity; sid:300000049; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bulley.shop",nocase; classtype:web-application-activity; sid:300000050; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"cabins-r-us.com",nocase; classtype:web-application-activity; sid:300000051; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"calculateprint.xyz",nocase; classtype:web-application-activity; sid:300000052; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"care-connection.info",nocase; classtype:web-application-activity; sid:300000053; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"carebility.info",nocase; classtype:web-application-activity; sid:300000054; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"careerconnecthub.com",nocase; classtype:web-application-activity; sid:300000055; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"carevision.info",nocase; classtype:web-application-activity; sid:300000056; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"celebseven.com",nocase; classtype:web-application-activity; sid:300000057; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"centrodeartigos.com",nocase; classtype:web-application-activity; sid:300000058; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"check-your-profitzone.life",nocase; classtype:web-application-activity; sid:300000059; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"cheerplaceweb.xyz",nocase; classtype:web-application-activity; sid:300000060; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"cloudmedia.casa",nocase; classtype:web-application-activity; sid:300000061; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"cloudmedia.cyou",nocase; classtype:web-application-activity; sid:300000062; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"cloudmedia.fun",nocase; classtype:web-application-activity; sid:300000063; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"cloudmedia.surf",nocase; classtype:web-application-activity; sid:300000064; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"coachbelief.xyz",nocase; classtype:web-application-activity; sid:300000065; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"collectrewards.net",nocase; classtype:web-application-activity; sid:300000066; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"comphp.xyz",nocase; classtype:web-application-activity; sid:300000067; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"conceivecolor.xyz",nocase; classtype:web-application-activity; sid:300000068; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"conflaqpzc.info",nocase; classtype:web-application-activity; sid:300000069; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"congrats-lucky-giveaway-smart.cyou",nocase; classtype:web-application-activity; sid:300000070; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"congratsluckygiveawaysmart.cyou",nocase; classtype:web-application-activity; sid:300000071; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"connectionapplication.com",nocase; classtype:web-application-activity; sid:300000072; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"contentgate.cam",nocase; classtype:web-application-activity; sid:300000073; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"contentgate.club",nocase; classtype:web-application-activity; sid:300000074; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"contentgate.fun",nocase; classtype:web-application-activity; sid:300000075; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"contentgate.uno",nocase; classtype:web-application-activity; sid:300000076; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"cooing.top",nocase; classtype:web-application-activity; sid:300000077; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"credit-alerts.xyz",nocase; classtype:web-application-activity; sid:300000078; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"credit-monitor.xyz",nocase; classtype:web-application-activity; sid:300000079; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"credit-resources.xyz",nocase; classtype:web-application-activity; sid:300000080; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"cryptotilt.club",nocase; classtype:web-application-activity; sid:300000081; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"cryptotradingcourses.net",nocase; classtype:web-application-activity; sid:300000082; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"cryptounlimited.info",nocase; classtype:web-application-activity; sid:300000083; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"cs-alerts.xyz",nocase; classtype:web-application-activity; sid:300000084; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"cselfconnect.com",nocase; classtype:web-application-activity; sid:300000085; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"curesector.today",nocase; classtype:web-application-activity; sid:300000086; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dailymedia.casa",nocase; classtype:web-application-activity; sid:300000087; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dailymedia.cyou",nocase; classtype:web-application-activity; sid:300000088; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dailymedia.monster",nocase; classtype:web-application-activity; sid:300000089; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dailymedia.site",nocase; classtype:web-application-activity; sid:300000090; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dailymedia.space",nocase; classtype:web-application-activity; sid:300000091; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dailymedia.surf",nocase; classtype:web-application-activity; sid:300000092; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dailymedia.work",nocase; classtype:web-application-activity; sid:300000093; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dailyrep.net",nocase; classtype:web-application-activity; sid:300000094; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"degreenm.top",nocase; classtype:web-application-activity; sid:300000095; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"delightcmain.xyz",nocase; classtype:web-application-activity; sid:300000096; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"digitalinvest.news",nocase; classtype:web-application-activity; sid:300000097; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"displayfriend.xyz",nocase; classtype:web-application-activity; sid:300000098; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ditvl.com",nocase; classtype:web-application-activity; sid:300000099; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dragonballclub.com",nocase; classtype:web-application-activity; sid:300000100; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"eanswers.net",nocase; classtype:web-application-activity; sid:300000101; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ehousan.top",nocase; classtype:web-application-activity; sid:300000102; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"eproute.info",nocase; classtype:web-application-activity; sid:300000103; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"eroanimeittyokusen.com",nocase; classtype:web-application-activity; sid:300000104; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"erotica.live",nocase; classtype:web-application-activity; sid:300000105; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"excitingthing.xyz",nocase; classtype:web-application-activity; sid:300000106; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"extrasafe.xyz",nocase; classtype:web-application-activity; sid:300000107; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"facebook-sex.com",nocase; classtype:web-application-activity; sid:300000108; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastmapc.xyz",nocase; classtype:web-application-activity; sid:300000109; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastmapf.xyz",nocase; classtype:web-application-activity; sid:300000110; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastplanetf.xyz",nocase; classtype:web-application-activity; sid:300000111; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastspota.xyz",nocase; classtype:web-application-activity; sid:300000112; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastspotb.xyz",nocase; classtype:web-application-activity; sid:300000113; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastwebe.xyz",nocase; classtype:web-application-activity; sid:300000114; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"filmesonlineturbo.net",nocase; classtype:web-application-activity; sid:300000115; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"filmrod.xyz",nocase; classtype:web-application-activity; sid:300000116; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"films-down.com",nocase; classtype:web-application-activity; sid:300000117; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"financial-deals.xyz",nocase; classtype:web-application-activity; sid:300000118; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"findforus.net",nocase; classtype:web-application-activity; sid:300000119; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"findoffers.co",nocase; classtype:web-application-activity; sid:300000120; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"findperfectplaces2download.work",nocase; classtype:web-application-activity; sid:300000121; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"findperfectplaces4download.work",nocase; classtype:web-application-activity; sid:300000122; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"findyourultimateplayersfirst.best",nocase; classtype:web-application-activity; sid:300000123; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"firststableplayer.work",nocase; classtype:web-application-activity; sid:300000124; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fisham.site",nocase; classtype:web-application-activity; sid:300000125; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fitandready.info",nocase; classtype:web-application-activity; sid:300000126; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fitandstable.club",nocase; classtype:web-application-activity; sid:300000127; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fitbodyandsoul.info",nocase; classtype:web-application-activity; sid:300000128; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fitcourage.info",nocase; classtype:web-application-activity; sid:300000129; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fithealthspark.info",nocase; classtype:web-application-activity; sid:300000130; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fithealthspot.club",nocase; classtype:web-application-activity; sid:300000131; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fithealthsure.info",nocase; classtype:web-application-activity; sid:300000132; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fitlifevalue.info",nocase; classtype:web-application-activity; sid:300000133; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fitnessdial.club",nocase; classtype:web-application-activity; sid:300000134; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fitsure.info",nocase; classtype:web-application-activity; sid:300000135; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"flash-rewards.info",nocase; classtype:web-application-activity; sid:300000136; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"flatbellylife.info",nocase; classtype:web-application-activity; sid:300000137; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"flexroll.online",nocase; classtype:web-application-activity; sid:300000138; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"flyfreecostas.live",nocase; classtype:web-application-activity; sid:300000139; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"foregoingpump.xyz",nocase; classtype:web-application-activity; sid:300000140; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"forsalecheap.net",nocase; classtype:web-application-activity; sid:300000141; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"free-gifts.net",nocase; classtype:web-application-activity; sid:300000142; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"freeperfectupgrade.work",nocase; classtype:web-application-activity; sid:300000143; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"freeperfectupgrading.work",nocase; classtype:web-application-activity; sid:300000144; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"freshclover.info",nocase; classtype:web-application-activity; sid:300000145; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fuck-me-hard.club",nocase; classtype:web-application-activity; sid:300000146; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"funmapc.xyz",nocase; classtype:web-application-activity; sid:300000147; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"funmapd.xyz",nocase; classtype:web-application-activity; sid:300000148; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"funplanetb.xyz",nocase; classtype:web-application-activity; sid:300000149; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"funsiteb.xyz",nocase; classtype:web-application-activity; sid:300000150; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"funspinf.xyz",nocase; classtype:web-application-activity; sid:300000151; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"funspotf.xyz",nocase; classtype:web-application-activity; sid:300000152; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"funwebd.xyz",nocase; classtype:web-application-activity; sid:300000153; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fwsxqc.cn",nocase; classtype:web-application-activity; sid:300000154; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gainhealth.info",nocase; classtype:web-application-activity; sid:300000155; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gapingshame.xyz",nocase; classtype:web-application-activity; sid:300000156; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"generouscare.info",nocase; classtype:web-application-activity; sid:300000157; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"getmoregirls.net",nocase; classtype:web-application-activity; sid:300000158; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"getstablesystemupgrades.work",nocase; classtype:web-application-activity; sid:300000159; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gladcboulevard.xyz",nocase; classtype:web-application-activity; sid:300000160; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gladdboulevard.xyz",nocase; classtype:web-application-activity; sid:300000161; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gladmstreet.xyz",nocase; classtype:web-application-activity; sid:300000162; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gladplaceweb.xyz",nocase; classtype:web-application-activity; sid:300000163; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gladslotweb.xyz",nocase; classtype:web-application-activity; sid:300000164; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gladspaceplane.xyz",nocase; classtype:web-application-activity; sid:300000165; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gladspotplay.xyz",nocase; classtype:web-application-activity; sid:300000166; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gladspotwonder.xyz",nocase; classtype:web-application-activity; sid:300000167; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gladvideo.fun",nocase; classtype:web-application-activity; sid:300000168; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gladvideo.online",nocase; classtype:web-application-activity; sid:300000169; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gladvideo.site",nocase; classtype:web-application-activity; sid:300000170; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gladvideo.surf",nocase; classtype:web-application-activity; sid:300000171; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gladvideo.website",nocase; classtype:web-application-activity; sid:300000172; rev:1;)
|
2021-05-25 12:06:53 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"globalvideo.fun",nocase; classtype:web-application-activity; sid:300000173; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"globalvideo.store",nocase; classtype:web-application-activity; sid:300000174; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"go-x34n7wbcoes-ok.live",nocase; classtype:web-application-activity; sid:300000175; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"googsistem.live",nocase; classtype:web-application-activity; sid:300000176; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"govpshosting.com",nocase; classtype:web-application-activity; sid:300000177; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"graburprize.net",nocase; classtype:web-application-activity; sid:300000178; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gramp.xyz",nocase; classtype:web-application-activity; sid:300000179; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"grandcasinoprize.info",nocase; classtype:web-application-activity; sid:300000180; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"greatplaceofstubs.work",nocase; classtype:web-application-activity; sid:300000181; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"greatsearch.xyz",nocase; classtype:web-application-activity; sid:300000182; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"growthnetic.club",nocase; classtype:web-application-activity; sid:300000183; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"hailso.xyz",nocase; classtype:web-application-activity; sid:300000184; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"haircarepro.info",nocase; classtype:web-application-activity; sid:300000185; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"happyactive.today",nocase; classtype:web-application-activity; sid:300000186; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"happymakesite.xyz",nocase; classtype:web-application-activity; sid:300000187; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"happymakeworld.xyz",nocase; classtype:web-application-activity; sid:300000188; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healandgrow.club",nocase; classtype:web-application-activity; sid:300000189; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthdefine.info",nocase; classtype:web-application-activity; sid:300000190; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthdome.info",nocase; classtype:web-application-activity; sid:300000191; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healtheezy.info",nocase; classtype:web-application-activity; sid:300000192; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthemerge.info",nocase; classtype:web-application-activity; sid:300000193; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthjolly.info",nocase; classtype:web-application-activity; sid:300000194; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthmainly.info",nocase; classtype:web-application-activity; sid:300000195; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthmaintain.info",nocase; classtype:web-application-activity; sid:300000196; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthmama.info",nocase; classtype:web-application-activity; sid:300000197; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthmanic.info",nocase; classtype:web-application-activity; sid:300000198; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthmarlin.club",nocase; classtype:web-application-activity; sid:300000199; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthneo.club",nocase; classtype:web-application-activity; sid:300000200; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthomega.club",nocase; classtype:web-application-activity; sid:300000201; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthready.info",nocase; classtype:web-application-activity; sid:300000202; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthreportsweb.info",nocase; classtype:web-application-activity; sid:300000203; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthreward.info",nocase; classtype:web-application-activity; sid:300000204; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthroll.info",nocase; classtype:web-application-activity; sid:300000205; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthscale.club",nocase; classtype:web-application-activity; sid:300000206; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthschedule.club",nocase; classtype:web-application-activity; sid:300000207; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthspark.today",nocase; classtype:web-application-activity; sid:300000208; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthsupreme.club",nocase; classtype:web-application-activity; sid:300000209; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthtag.club",nocase; classtype:web-application-activity; sid:300000210; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthupper.club",nocase; classtype:web-application-activity; sid:300000211; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthvenue.club",nocase; classtype:web-application-activity; sid:300000212; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthvibe.live",nocase; classtype:web-application-activity; sid:300000213; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthwella.club",nocase; classtype:web-application-activity; sid:300000214; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthy-lifestyle.club",nocase; classtype:web-application-activity; sid:300000215; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthyideal.club",nocase; classtype:web-application-activity; sid:300000216; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthyparker.info",nocase; classtype:web-application-activity; sid:300000217; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthyspirit.info",nocase; classtype:web-application-activity; sid:300000218; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthysure.info",nocase; classtype:web-application-activity; sid:300000219; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"httqzq.vip",nocase; classtype:web-application-activity; sid:300000220; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"idtheft-alert.xyz",nocase; classtype:web-application-activity; sid:300000221; rev:1;)
|
2021-05-26 00:07:00 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"inappropriate.top",nocase; classtype:web-application-activity; sid:300000222; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"information.casa",nocase; classtype:web-application-activity; sid:300000223; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"instablog.club",nocase; classtype:web-application-activity; sid:300000224; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"installcompletely-theoriginalfile.best",nocase; classtype:web-application-activity; sid:300000225; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"insuredhealth.info",nocase; classtype:web-application-activity; sid:300000226; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"iosdfnc.com",nocase; classtype:web-application-activity; sid:300000227; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"iosrecommendedvpn.com",nocase; classtype:web-application-activity; sid:300000228; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"iosvpnsecure.com",nocase; classtype:web-application-activity; sid:300000229; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"izipik.com",nocase; classtype:web-application-activity; sid:300000230; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"java-forum.org",nocase; classtype:web-application-activity; sid:300000231; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"joyplaceplay.xyz",nocase; classtype:web-application-activity; sid:300000232; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"joyspotmap.xyz",nocase; classtype:web-application-activity; sid:300000233; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"joyspotspin.xyz",nocase; classtype:web-application-activity; sid:300000234; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"jsrenthouse.com",nocase; classtype:web-application-activity; sid:300000235; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"jubilantdstreet.xyz",nocase; classtype:web-application-activity; sid:300000236; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"kad3md.cn",nocase; classtype:web-application-activity; sid:300000237; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"keepithealthy.info",nocase; classtype:web-application-activity; sid:300000238; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ketodietrecipes.org",nocase; classtype:web-application-activity; sid:300000239; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"leeching.net",nocase; classtype:web-application-activity; sid:300000240; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"legendaryplaceupgrade.info",nocase; classtype:web-application-activity; sid:300000241; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"legendaryplaceupgrades.info",nocase; classtype:web-application-activity; sid:300000242; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"legendaryplaceupgrading.info",nocase; classtype:web-application-activity; sid:300000243; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"legendaryplayerupdates.work",nocase; classtype:web-application-activity; sid:300000244; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"legendarysiteupgrading.work",nocase; classtype:web-application-activity; sid:300000245; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"legendaryvideoupgrade.info",nocase; classtype:web-application-activity; sid:300000246; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"legendaryvideoupgrades.info",nocase; classtype:web-application-activity; sid:300000247; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"legendaryvideoupgrading.info",nocase; classtype:web-application-activity; sid:300000248; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"life-esteem.info",nocase; classtype:web-application-activity; sid:300000249; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"lifecaregoal.info",nocase; classtype:web-application-activity; sid:300000250; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"lightstop.xyz",nocase; classtype:web-application-activity; sid:300000251; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"livehealthcare.today",nocase; classtype:web-application-activity; sid:300000252; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"livelyyroad.xyz",nocase; classtype:web-application-activity; sid:300000253; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"livingmighty.club",nocase; classtype:web-application-activity; sid:300000254; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loaddevelopeduberfile.digital",nocase; classtype:web-application-activity; sid:300000255; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadfree-bestheavilyfile.best",nocase; classtype:web-application-activity; sid:300000256; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadfreeextremelyfile.digital",nocase; classtype:web-application-activity; sid:300000257; rev:1;)
|
2021-05-25 12:06:53 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadgreatly-bestadvancedfile.best",nocase; classtype:web-application-activity; sid:300000258; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadgreatly-bestquickfile.best",nocase; classtype:web-application-activity; sid:300000259; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadgreatly-bestrenewedfile.best",nocase; classtype:web-application-activity; sid:300000260; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadheavily-bestfreefile.best",nocase; classtype:web-application-activity; sid:300000261; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadpreciseuberfile.digital",nocase; classtype:web-application-activity; sid:300000262; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadrecentoverlyfile.digital",nocase; classtype:web-application-activity; sid:300000263; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadrefineduberfile.digital",nocase; classtype:web-application-activity; sid:300000264; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadsophisticateduberfile.digital",nocase; classtype:web-application-activity; sid:300000265; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loaduberprecisefile.digital",nocase; classtype:web-application-activity; sid:300000266; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loaduberspeedyfile.digital",nocase; classtype:web-application-activity; sid:300000267; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"locationtracker.services",nocase; classtype:web-application-activity; sid:300000268; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loosefit.info",nocase; classtype:web-application-activity; sid:300000269; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"louisvillegigs.net",nocase; classtype:web-application-activity; sid:300000270; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loveorfun.cc",nocase; classtype:web-application-activity; sid:300000271; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"lubbockeda.org",nocase; classtype:web-application-activity; sid:300000272; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"luckjackcasino.info",nocase; classtype:web-application-activity; sid:300000273; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"luckymedia.casa",nocase; classtype:web-application-activity; sid:300000274; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"luckymedia.cyou",nocase; classtype:web-application-activity; sid:300000275; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"luckymedia.fun",nocase; classtype:web-application-activity; sid:300000276; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"luckymedia.space",nocase; classtype:web-application-activity; sid:300000277; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"luckymedia.website",nocase; classtype:web-application-activity; sid:300000278; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"madpandatv.net",nocase; classtype:web-application-activity; sid:300000279; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"majorhealthpro.info",nocase; classtype:web-application-activity; sid:300000280; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"makemesafeios.com",nocase; classtype:web-application-activity; sid:300000281; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"managestrong-theuberfile.best",nocase; classtype:web-application-activity; sid:300000282; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"manageuber-thenewestfile.best",nocase; classtype:web-application-activity; sid:300000283; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"manageuber-therecentfile.best",nocase; classtype:web-application-activity; sid:300000284; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"manageuber-thestrongfile.best",nocase; classtype:web-application-activity; sid:300000285; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"manageuber-theswiftfile.best",nocase; classtype:web-application-activity; sid:300000286; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mapopts.top",nocase; classtype:web-application-activity; sid:300000287; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mathison.io",nocase; classtype:web-application-activity; sid:300000288; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"max-care.info",nocase; classtype:web-application-activity; sid:300000289; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mediagate.casa",nocase; classtype:web-application-activity; sid:300000290; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mediagate.club",nocase; classtype:web-application-activity; sid:300000291; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mediagate.cyou",nocase; classtype:web-application-activity; sid:300000292; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mediagate.fun",nocase; classtype:web-application-activity; sid:300000293; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mediagate.surf",nocase; classtype:web-application-activity; sid:300000294; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mediaplayer24.ml",nocase; classtype:web-application-activity; sid:300000295; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"medicomatic.info",nocase; classtype:web-application-activity; sid:300000296; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"medicreed.club",nocase; classtype:web-application-activity; sid:300000297; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"medjournalketo.info",nocase; classtype:web-application-activity; sid:300000298; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"medsjournal.info",nocase; classtype:web-application-activity; sid:300000299; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"meeryslotspin.xyz",nocase; classtype:web-application-activity; sid:300000300; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"merryplayglobal.xyz",nocase; classtype:web-application-activity; sid:300000301; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"merryplayworld.xyz",nocase; classtype:web-application-activity; sid:300000302; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mindbank.ai",nocase; classtype:web-application-activity; sid:300000303; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mindmatch.ai",nocase; classtype:web-application-activity; sid:300000304; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mistraffic.me",nocase; classtype:web-application-activity; sid:300000305; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"modern-security.xyz",nocase; classtype:web-application-activity; sid:300000306; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"monitoring-credit.xyz",nocase; classtype:web-application-activity; sid:300000307; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"movievod.me",nocase; classtype:web-application-activity; sid:300000308; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"multitax.xyz",nocase; classtype:web-application-activity; sid:300000309; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"my-credit-score.xyz",nocase; classtype:web-application-activity; sid:300000310; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mynutriplan.co",nocase; classtype:web-application-activity; sid:300000311; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"news-new19.net",nocase; classtype:web-application-activity; sid:300000312; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"newsitedowloads.site",nocase; classtype:web-application-activity; sid:300000313; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"nogfw.pro",nocase; classtype:web-application-activity; sid:300000314; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"nosyknot.xyz",nocase; classtype:web-application-activity; sid:300000315; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"nutrahealth.info",nocase; classtype:web-application-activity; sid:300000316; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"nutrinamic.info",nocase; classtype:web-application-activity; sid:300000317; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"official-prize-national-random.cyou",nocase; classtype:web-application-activity; sid:300000318; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"officialprizenationalrandom.cyou",nocase; classtype:web-application-activity; sid:300000319; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"onegowc.pw",nocase; classtype:web-application-activity; sid:300000320; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"online-prize-super-promotion.cyou",nocase; classtype:web-application-activity; sid:300000321; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"online-survey.org",nocase; classtype:web-application-activity; sid:300000322; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"onlinecinema.eu",nocase; classtype:web-application-activity; sid:300000323; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"onlineprize.cyou",nocase; classtype:web-application-activity; sid:300000324; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"onlineprizesuperpromotion.cyou",nocase; classtype:web-application-activity; sid:300000325; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operatecompletely-theprecisefile.best",nocase; classtype:web-application-activity; sid:300000326; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operatecompletely-thespeedyfile.best",nocase; classtype:web-application-activity; sid:300000327; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operateextremely-theprogressivefile.best",nocase; classtype:web-application-activity; sid:300000328; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operateextremely-therenewedfile.best",nocase; classtype:web-application-activity; sid:300000329; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operatefree-theuberfile.best",nocase; classtype:web-application-activity; sid:300000330; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operategreatly-therefinedfile.best",nocase; classtype:web-application-activity; sid:300000331; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operategreatly-theswiftfile.best",nocase; classtype:web-application-activity; sid:300000332; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operatehighly-thespeedyfile.best",nocase; classtype:web-application-activity; sid:300000333; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operatehighly-thestrongfile.best",nocase; classtype:web-application-activity; sid:300000334; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operateintensely-theprogressivefile.best",nocase; classtype:web-application-activity; sid:300000335; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operateintensely-thestrongfile.best",nocase; classtype:web-application-activity; sid:300000336; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operatenewest-theuberfile.best",nocase; classtype:web-application-activity; sid:300000337; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operateoriginal-themostfile.best",nocase; classtype:web-application-activity; sid:300000338; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operateoriginal-theuberfile.best",nocase; classtype:web-application-activity; sid:300000339; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operateoverly-thesophisticatedfile.best",nocase; classtype:web-application-activity; sid:300000340; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operateprecise-thecompletelyfile.best",nocase; classtype:web-application-activity; sid:300000341; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operateprogressive-theintenselyfile.best",nocase; classtype:web-application-activity; sid:300000342; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operatequick-themostfile.best",nocase; classtype:web-application-activity; sid:300000343; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operaterefined-thegreatlyfile.best",nocase; classtype:web-application-activity; sid:300000344; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operaterenewed-theextremelyfile.best",nocase; classtype:web-application-activity; sid:300000345; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operatesophisticated-theoverlyfile.best",nocase; classtype:web-application-activity; sid:300000346; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operatespeedy-thehighlyfile.best",nocase; classtype:web-application-activity; sid:300000347; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operateuber-thefreefile.best",nocase; classtype:web-application-activity; sid:300000348; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"operateuber-theoriginalfile.best",nocase; classtype:web-application-activity; sid:300000349; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"patriothealth.today",nocase; classtype:web-application-activity; sid:300000350; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pcicompliancemanager.xyz",nocase; classtype:web-application-activity; sid:300000351; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"perfectplaceonnetforplayers.work",nocase; classtype:web-application-activity; sid:300000352; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performcompletely-thelatestfile.best",nocase; classtype:web-application-activity; sid:300000353; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performcompletely-thequickfile.best",nocase; classtype:web-application-activity; sid:300000354; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performextremely-theprecisefile.best",nocase; classtype:web-application-activity; sid:300000355; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performfree-thehighlyfile.best",nocase; classtype:web-application-activity; sid:300000356; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performgreatly-thespeedyfile.best",nocase; classtype:web-application-activity; sid:300000357; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performheavily-theoriginalfile.best",nocase; classtype:web-application-activity; sid:300000358; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performhighly-thefreefile.best",nocase; classtype:web-application-activity; sid:300000359; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performhighly-theprecisefile.best",nocase; classtype:web-application-activity; sid:300000360; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performhighly-therecentfile.best",nocase; classtype:web-application-activity; sid:300000361; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performintensely-thedevelopedfile.best",nocase; classtype:web-application-activity; sid:300000362; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performlatest-thecompletelyfile.best",nocase; classtype:web-application-activity; sid:300000363; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performlatestoverlyapplication.icu",nocase; classtype:web-application-activity; sid:300000364; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performmost-thenewestfile.best",nocase; classtype:web-application-activity; sid:300000365; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performmost-therecentfile.best",nocase; classtype:web-application-activity; sid:300000366; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performoriginal-theheavilyfile.best",nocase; classtype:web-application-activity; sid:300000367; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performoriginal-theuberfile.best",nocase; classtype:web-application-activity; sid:300000368; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performoverly-theprogressivefile.best",nocase; classtype:web-application-activity; sid:300000369; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performprecise-theextremelyfile.best",nocase; classtype:web-application-activity; sid:300000370; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performprecise-thehighlyfile.best",nocase; classtype:web-application-activity; sid:300000371; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performprecise-theuberfile.best",nocase; classtype:web-application-activity; sid:300000372; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performprogressive-theintenselyfile.best",nocase; classtype:web-application-activity; sid:300000373; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performprogressive-theoverlyfile.best",nocase; classtype:web-application-activity; sid:300000374; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performquick-thecompletelyfile.best",nocase; classtype:web-application-activity; sid:300000375; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performrecent-themostfile.best",nocase; classtype:web-application-activity; sid:300000376; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performrefined-theextremelyfile.best",nocase; classtype:web-application-activity; sid:300000377; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performrefineduberapplication.icu",nocase; classtype:web-application-activity; sid:300000378; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performrenewed-theoverlyfile.best",nocase; classtype:web-application-activity; sid:300000379; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performsophisticated-thehighlyfile.best",nocase; classtype:web-application-activity; sid:300000380; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performspeedy-thegreatlyfile.best",nocase; classtype:web-application-activity; sid:300000381; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performstrong-thegreatlyfile.digital",nocase; classtype:web-application-activity; sid:300000382; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performuber-theoriginalfile.best",nocase; classtype:web-application-activity; sid:300000383; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performuber-therenewedfile.best",nocase; classtype:web-application-activity; sid:300000384; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performuberquickapplication.icu",nocase; classtype:web-application-activity; sid:300000385; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"piorkeepi.top",nocase; classtype:web-application-activity; sid:300000386; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"placesitee.xyz",nocase; classtype:web-application-activity; sid:300000387; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"placewebe.xyz",nocase; classtype:web-application-activity; sid:300000388; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"plampo.xyz",nocase; classtype:web-application-activity; sid:300000389; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playspina.xyz",nocase; classtype:web-application-activity; sid:300000390; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playspind.xyz",nocase; classtype:web-application-activity; sid:300000391; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playspote.xyz",nocase; classtype:web-application-activity; sid:300000392; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"premiernursingacademy.org",nocase; classtype:web-application-activity; sid:300000393; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"preparedforsafeupgrading.work",nocase; classtype:web-application-activity; sid:300000394; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"primawise.info",nocase; classtype:web-application-activity; sid:300000395; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"primecare.today",nocase; classtype:web-application-activity; sid:300000396; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"privacykeeper.net",nocase; classtype:web-application-activity; sid:300000397; rev:1;)
|
2021-05-26 00:07:00 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"prohealthroutine.info",nocase; classtype:web-application-activity; sid:300000398; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"protect-connection.com",nocase; classtype:web-application-activity; sid:300000399; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"protecttool.me",nocase; classtype:web-application-activity; sid:300000400; rev:1;)
|
2021-05-25 12:06:53 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"protectyourvpn.com",nocase; classtype:web-application-activity; sid:300000401; rev:1;)
|
2021-05-26 00:07:00 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"provpnservice.me",nocase; classtype:web-application-activity; sid:300000402; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"quantum.work",nocase; classtype:web-application-activity; sid:300000403; rev:1;)
|
2021-05-25 12:06:53 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rainlonginsect23.life",nocase; classtype:web-application-activity; sid:300000404; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"random-prize-bigwin-official.cyou",nocase; classtype:web-application-activity; sid:300000405; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"randomprizebigwinofficial.cyou",nocase; classtype:web-application-activity; sid:300000406; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"readyhealth.info",nocase; classtype:web-application-activity; sid:300000407; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"readyhealthgo.today",nocase; classtype:web-application-activity; sid:300000408; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"recontent.casa",nocase; classtype:web-application-activity; sid:300000409; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"recontent.cyou",nocase; classtype:web-application-activity; sid:300000410; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"recontent.fun",nocase; classtype:web-application-activity; sid:300000411; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"recontent.site",nocase; classtype:web-application-activity; sid:300000412; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"recontent.space",nocase; classtype:web-application-activity; sid:300000413; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"recontent.surf",nocase; classtype:web-application-activity; sid:300000414; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"recontent.website",nocase; classtype:web-application-activity; sid:300000415; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"reliablesoftwarevideos.info",nocase; classtype:web-application-activity; sid:300000416; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"remedify.info",nocase; classtype:web-application-activity; sid:300000417; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"renewvideo.casa",nocase; classtype:web-application-activity; sid:300000418; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"renewvideo.fun",nocase; classtype:web-application-activity; sid:300000419; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"renewvideo.online",nocase; classtype:web-application-activity; sid:300000420; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"renewvideo.site",nocase; classtype:web-application-activity; sid:300000421; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"renewvideo.website",nocase; classtype:web-application-activity; sid:300000422; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"resignation.top",nocase; classtype:web-application-activity; sid:300000423; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rewardsluckygiveawayprize.cyou",nocase; classtype:web-application-activity; sid:300000424; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ritaus.org",nocase; classtype:web-application-activity; sid:300000425; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"roadtoyourhealth.info",nocase; classtype:web-application-activity; sid:300000426; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"robogarden.io",nocase; classtype:web-application-activity; sid:300000427; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rootessential.info",nocase; classtype:web-application-activity; sid:300000428; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rotharbor.xyz",nocase; classtype:web-application-activity; sid:300000429; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runadvanced-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000430; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runcurrent-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000431; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rundeveloped-bestoverlyfile.best",nocase; classtype:web-application-activity; sid:300000432; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runextremely-bestadvancedfile.best",nocase; classtype:web-application-activity; sid:300000433; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runextremely-bestcurrentfile.best",nocase; classtype:web-application-activity; sid:300000434; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runextremely-bestlatestfile.best",nocase; classtype:web-application-activity; sid:300000435; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runextremely-bestrecentfile.best",nocase; classtype:web-application-activity; sid:300000436; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runfree-bestoverlyfile.best",nocase; classtype:web-application-activity; sid:300000437; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runintensely-bestrenewedfile.best",nocase; classtype:web-application-activity; sid:300000438; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runlatest-besthighlyfile.best",nocase; classtype:web-application-activity; sid:300000439; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runnewest-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000440; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runoriginal-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000441; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runoriginal-bestintenselyfile.best",nocase; classtype:web-application-activity; sid:300000442; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runoverly-bestdevelopedfile.best",nocase; classtype:web-application-activity; sid:300000443; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runoverly-bestquickfile.best",nocase; classtype:web-application-activity; sid:300000444; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runoverly-bestsophisticatedfile.best",nocase; classtype:web-application-activity; sid:300000445; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runprogressive-bestmostfile.best",nocase; classtype:web-application-activity; sid:300000446; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runrecent-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000447; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runrecent-besthighlyfile.best",nocase; classtype:web-application-activity; sid:300000448; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"safelyonline.tech",nocase; classtype:web-application-activity; sid:300000449; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"safest4placeupdate.info",nocase; classtype:web-application-activity; sid:300000450; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"safest4placeupdates.info",nocase; classtype:web-application-activity; sid:300000451; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"scheduleagreement.xyz",nocase; classtype:web-application-activity; sid:300000452; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"scoopswoop.info",nocase; classtype:web-application-activity; sid:300000453; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"score-monitoring.xyz",nocase; classtype:web-application-activity; sid:300000454; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"search-tool.net",nocase; classtype:web-application-activity; sid:300000455; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"search-trends.co",nocase; classtype:web-application-activity; sid:300000456; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"searchfeed.co",nocase; classtype:web-application-activity; sid:300000457; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sec-alert.xyz",nocase; classtype:web-application-activity; sid:300000458; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sec-alerts.xyz",nocase; classtype:web-application-activity; sid:300000459; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sec-monitoring.xyz",nocase; classtype:web-application-activity; sid:300000460; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"second-handjam.xyz",nocase; classtype:web-application-activity; sid:300000461; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"security-made-easy.xyz",nocase; classtype:web-application-activity; sid:300000462; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"security-pro.xyz",nocase; classtype:web-application-activity; sid:300000463; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"security-protection.xyz",nocase; classtype:web-application-activity; sid:300000464; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"seemlast.monster",nocase; classtype:web-application-activity; sid:300000465; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"selfradiance.info",nocase; classtype:web-application-activity; sid:300000466; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"service-care.space",nocase; classtype:web-application-activity; sid:300000467; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"shkshk.site",nocase; classtype:web-application-activity; sid:300000468; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"shopnsave.world",nocase; classtype:web-application-activity; sid:300000469; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"shoppingexp.xyz",nocase; classtype:web-application-activity; sid:300000470; rev:1;)
|
2021-05-26 00:07:00 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"signupandturnyourscreenoffsafepowernow.date",nocase; classtype:web-application-activity; sid:300000471; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"spotplanetc.xyz",nocase; classtype:web-application-activity; sid:300000472; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"spotplanetd.xyz",nocase; classtype:web-application-activity; sid:300000473; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"spotspinb.xyz",nocase; classtype:web-application-activity; sid:300000474; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"spotspotf.xyz",nocase; classtype:web-application-activity; sid:300000475; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"springplanetb.xyz",nocase; classtype:web-application-activity; sid:300000476; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"springplanetf.xyz",nocase; classtype:web-application-activity; sid:300000477; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"springsitea.xyz",nocase; classtype:web-application-activity; sid:300000478; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"springsitef.xyz",nocase; classtype:web-application-activity; sid:300000479; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"stay-notified.cc",nocase; classtype:web-application-activity; sid:300000480; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"stingyscent.xyz",nocase; classtype:web-application-activity; sid:300000481; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"storeheavily-thefreefile.best",nocase; classtype:web-application-activity; sid:300000482; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"storeheavily-thequickfile.best",nocase; classtype:web-application-activity; sid:300000483; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"storeheavily-thespeedyfile.best",nocase; classtype:web-application-activity; sid:300000484; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"storeheavily-thestrongfile.best",nocase; classtype:web-application-activity; sid:300000485; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"storelatest-theoverlyfile.best",nocase; classtype:web-application-activity; sid:300000486; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"storenewest-theoverlyfile.best",nocase; classtype:web-application-activity; sid:300000487; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"storeoverly-theadvancedfile.best",nocase; classtype:web-application-activity; sid:300000488; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"storeoverly-thecurrentfile.best",nocase; classtype:web-application-activity; sid:300000489; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"storeoverly-thelatestfile.best",nocase; classtype:web-application-activity; sid:300000490; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"storeoverly-thenewestfile.best",nocase; classtype:web-application-activity; sid:300000491; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"storerecent-theoverlyfile.best",nocase; classtype:web-application-activity; sid:300000492; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"storespeedy-theheavilyfile.best",nocase; classtype:web-application-activity; sid:300000493; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"storeswift-theheavilyfile.best",nocase; classtype:web-application-activity; sid:300000494; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamadvanced-bestcompletelyfile.best",nocase; classtype:web-application-activity; sid:300000495; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamadvanced-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000496; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamextremely-bestlatestfile.best",nocase; classtype:web-application-activity; sid:300000497; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamextremely-bestnewestfile.best",nocase; classtype:web-application-activity; sid:300000498; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamfree-bestmostfile.best",nocase; classtype:web-application-activity; sid:300000499; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamintensely-bestadvancedfile.best",nocase; classtype:web-application-activity; sid:300000500; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamintensely-bestcurrentfile.best",nocase; classtype:web-application-activity; sid:300000501; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamintensely-bestlatestfile.best",nocase; classtype:web-application-activity; sid:300000502; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamintensely-bestquickfile.best",nocase; classtype:web-application-activity; sid:300000503; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamlatest-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000504; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamlatest-bestoverlyfile.best",nocase; classtype:web-application-activity; sid:300000505; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamquick-bestmostfile.best",nocase; classtype:web-application-activity; sid:300000506; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamrecent-bestintenselyfile.best",nocase; classtype:web-application-activity; sid:300000507; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"studentslearnintogether.club",nocase; classtype:web-application-activity; sid:300000508; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"styleandhealth.info",nocase; classtype:web-application-activity; sid:300000509; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"subeamy.pw",nocase; classtype:web-application-activity; sid:300000510; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sudoo.net",nocase; classtype:web-application-activity; sid:300000511; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sugar-legal-about13.fun",nocase; classtype:web-application-activity; sid:300000512; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"superiorcare.info",nocase; classtype:web-application-activity; sid:300000513; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"superplace4upgrade.work",nocase; classtype:web-application-activity; sid:300000514; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"superplace4upgrading.work",nocase; classtype:web-application-activity; sid:300000515; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"superplaceforupgrade.info",nocase; classtype:web-application-activity; sid:300000516; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"superpromotion.cyou",nocase; classtype:web-application-activity; sid:300000517; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"support-notify.space",nocase; classtype:web-application-activity; sid:300000518; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"survey-club.club",nocase; classtype:web-application-activity; sid:300000519; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"survey-review.club",nocase; classtype:web-application-activity; sid:300000520; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncadvanced-bestuberfile.best",nocase; classtype:web-application-activity; sid:300000521; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"synccompletely-bestoriginalfile.best",nocase; classtype:web-application-activity; sid:300000522; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"synccompletely-bestprogressivefile.best",nocase; classtype:web-application-activity; sid:300000523; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"synccompletely-bestrecentfile.best",nocase; classtype:web-application-activity; sid:300000524; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncgreatly-bestrenewedfile.best",nocase; classtype:web-application-activity; sid:300000525; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncheavily-bestlatestfile.best",nocase; classtype:web-application-activity; sid:300000526; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"synchighly-bestfreefile.best",nocase; classtype:web-application-activity; sid:300000527; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"synchighly-bestoriginalfile.best",nocase; classtype:web-application-activity; sid:300000528; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"synchighly-bestprogressivefile.best",nocase; classtype:web-application-activity; sid:300000529; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"synchighly-bestrecentfile.best",nocase; classtype:web-application-activity; sid:300000530; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"synchighly-bestsophisticatedfile.best",nocase; classtype:web-application-activity; sid:300000531; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"synchighly-bestspeedyfile.best",nocase; classtype:web-application-activity; sid:300000532; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncintensely-bestprogressivefile.best",nocase; classtype:web-application-activity; sid:300000533; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"synclatest-bestuberfile.best",nocase; classtype:web-application-activity; sid:300000534; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncoriginal-bestcompletelyfile.best",nocase; classtype:web-application-activity; sid:300000535; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncprogressive-bestcompletelyfile.best",nocase; classtype:web-application-activity; sid:300000536; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncprogressive-besthighlyfile.best",nocase; classtype:web-application-activity; sid:300000537; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncrenewed-bestcompletelyfile.best",nocase; classtype:web-application-activity; sid:300000538; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncstrong-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000539; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncuber-bestlatestfile.best",nocase; classtype:web-application-activity; sid:300000540; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncuber-bestoriginalfile.best",nocase; classtype:web-application-activity; sid:300000541; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncuber-bestprecisefile.best",nocase; classtype:web-application-activity; sid:300000542; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncuber-bestprogressivefile.best",nocase; classtype:web-application-activity; sid:300000543; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncuber-bestrefinedfile.best",nocase; classtype:web-application-activity; sid:300000544; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncuber-bestsophisticatedfile.best",nocase; classtype:web-application-activity; sid:300000545; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"talskingest.top",nocase; classtype:web-application-activity; sid:300000546; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"tastefulwood.xyz",nocase; classtype:web-application-activity; sid:300000547; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"tdstraffic.xyz",nocase; classtype:web-application-activity; sid:300000548; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"theable.me",nocase; classtype:web-application-activity; sid:300000549; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thebettercleanplayer.info",nocase; classtype:web-application-activity; sid:300000550; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thebettercleanplayers.info",nocase; classtype:web-application-activity; sid:300000551; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"theconnectvpn.com",nocase; classtype:web-application-activity; sid:300000552; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thecryptomoney.info",nocase; classtype:web-application-activity; sid:300000553; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thefatburner.info",nocase; classtype:web-application-activity; sid:300000554; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thefitproject.club",nocase; classtype:web-application-activity; sid:300000555; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thehealthcurve.info",nocase; classtype:web-application-activity; sid:300000556; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thehealthcycle.club",nocase; classtype:web-application-activity; sid:300000557; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thehealthgo.info",nocase; classtype:web-application-activity; sid:300000558; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thehealthpedia.info",nocase; classtype:web-application-activity; sid:300000559; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thehealthystyle.info",nocase; classtype:web-application-activity; sid:300000560; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thehealthyvibe.info",nocase; classtype:web-application-activity; sid:300000561; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thehotshot.info",nocase; classtype:web-application-activity; sid:300000562; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thenewjourney.info",nocase; classtype:web-application-activity; sid:300000563; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thepackage.club",nocase; classtype:web-application-activity; sid:300000564; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thesafestplayerlinks.work",nocase; classtype:web-application-activity; sid:300000565; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thesafestreliablelink.work",nocase; classtype:web-application-activity; sid:300000566; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"theslotomania.info",nocase; classtype:web-application-activity; sid:300000567; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thestablealwayssafeupdates.work",nocase; classtype:web-application-activity; sid:300000568; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thestablegreatupdates.work",nocase; classtype:web-application-activity; sid:300000569; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thestablegreatupgrades.best",nocase; classtype:web-application-activity; sid:300000570; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thrillqueen.xyz",nocase; classtype:web-application-activity; sid:300000571; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"toovolution.club",nocase; classtype:web-application-activity; sid:300000572; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"topnotchsports.tips",nocase; classtype:web-application-activity; sid:300000573; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"trafficbounce.net",nocase; classtype:web-application-activity; sid:300000574; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"trafficgate.cc",nocase; classtype:web-application-activity; sid:300000575; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"trafficmind.pro",nocase; classtype:web-application-activity; sid:300000576; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"trane.fun",nocase; classtype:web-application-activity; sid:300000577; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"trktraf.club",nocase; classtype:web-application-activity; sid:300000578; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"tryoneshot-keto.net",nocase; classtype:web-application-activity; sid:300000579; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"uclaimrewards.net",nocase; classtype:web-application-activity; sid:300000580; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"unequalfaucet.xyz",nocase; classtype:web-application-activity; sid:300000581; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"uniremedy.info",nocase; classtype:web-application-activity; sid:300000582; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"unitehealth.club",nocase; classtype:web-application-activity; sid:300000583; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"upbeatcboulevard.xyz",nocase; classtype:web-application-activity; sid:300000584; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"upbeatmstreet.xyz",nocase; classtype:web-application-activity; sid:300000585; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"upbeatmway.xyz",nocase; classtype:web-application-activity; sid:300000586; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"updatecurrent-thegreatlyfile.best",nocase; classtype:web-application-activity; sid:300000587; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"updategreatly-thecurrentfile.best",nocase; classtype:web-application-activity; sid:300000588; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"updategreatly-thenewestfile.best",nocase; classtype:web-application-activity; sid:300000589; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"updategreatly-therecentfile.best",nocase; classtype:web-application-activity; sid:300000590; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"updatelatest-thegreatlyfile.best",nocase; classtype:web-application-activity; sid:300000591; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"updaterecent-thegreatlyfile.best",nocase; classtype:web-application-activity; sid:300000592; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"upmakesite.xyz",nocase; classtype:web-application-activity; sid:300000593; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"upplayglobal.xyz",nocase; classtype:web-application-activity; sid:300000594; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"vexearth.xyz",nocase; classtype:web-application-activity; sid:300000595; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"viral-surveys.win",nocase; classtype:web-application-activity; sid:300000596; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"viralarticles.net",nocase; classtype:web-application-activity; sid:300000597; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"vital-health.club",nocase; classtype:web-application-activity; sid:300000598; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"vitalrole.info",nocase; classtype:web-application-activity; sid:300000599; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"vpn-pro.info",nocase; classtype:web-application-activity; sid:300000600; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"vpn1aprotectplus.com",nocase; classtype:web-application-activity; sid:300000601; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"vpnadefenceplus.com",nocase; classtype:web-application-activity; sid:300000602; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"vpnservice.me",nocase; classtype:web-application-activity; sid:300000603; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"vpntool.me",nocase; classtype:web-application-activity; sid:300000604; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"vpnupdatesnow.com",nocase; classtype:web-application-activity; sid:300000605; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"watchadvanced-bestgreatlyfile.best",nocase; classtype:web-application-activity; sid:300000606; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"watchgreatly-bestcurrentfile.best",nocase; classtype:web-application-activity; sid:300000607; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"watchlatest-bestgreatlyfile.best",nocase; classtype:web-application-activity; sid:300000608; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"website4all.info",nocase; classtype:web-application-activity; sid:300000609; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"websiteforall.work",nocase; classtype:web-application-activity; sid:300000610; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"websitetoget.work",nocase; classtype:web-application-activity; sid:300000611; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"webtip.co",nocase; classtype:web-application-activity; sid:300000612; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"wellnessgram.info",nocase; classtype:web-application-activity; sid:300000613; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"wellnessplum.info",nocase; classtype:web-application-activity; sid:300000614; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"wherentlybrane.site",nocase; classtype:web-application-activity; sid:300000615; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"worldwideofficialrewardssuper.cyou",nocase; classtype:web-application-activity; sid:300000616; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"wowlifestyle.info",nocase; classtype:web-application-activity; sid:300000617; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourbestlinkupgrade.info",nocase; classtype:web-application-activity; sid:300000618; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourbestlinkupgrades.info",nocase; classtype:web-application-activity; sid:300000619; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourbestlinkupgrading.info",nocase; classtype:web-application-activity; sid:300000620; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourbestvideoconnection.info",nocase; classtype:web-application-activity; sid:300000621; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourbestvideoconnections.info",nocase; classtype:web-application-activity; sid:300000622; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourbettercleanplayer.info",nocase; classtype:web-application-activity; sid:300000623; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourbettercleanplayers.info",nocase; classtype:web-application-activity; sid:300000624; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourlegendaryplaceupgrade.info",nocase; classtype:web-application-activity; sid:300000625; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourlegendaryplaceupgrades.info",nocase; classtype:web-application-activity; sid:300000626; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourlegendaryplaceupgrading.work",nocase; classtype:web-application-activity; sid:300000627; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourlegendaryplayerupdate.work",nocase; classtype:web-application-activity; sid:300000628; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourlegendaryplayerupdating.work",nocase; classtype:web-application-activity; sid:300000629; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourlegendarysystemsupgrade.work",nocase; classtype:web-application-activity; sid:300000630; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourlegendaryvideoupgrades.info",nocase; classtype:web-application-activity; sid:300000631; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourlegendaryvideoupgrading.info",nocase; classtype:web-application-activity; sid:300000632; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourlinkplaceupdatingfree.work",nocase; classtype:web-application-activity; sid:300000633; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yoursafestplayerlink.best",nocase; classtype:web-application-activity; sid:300000634; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yoursafestreliablelink.work",nocase; classtype:web-application-activity; sid:300000635; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yoursafeststablelink.info",nocase; classtype:web-application-activity; sid:300000636; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yoursafeststablelinks.info",nocase; classtype:web-application-activity; sid:300000637; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yoursafesystemsupdating.work",nocase; classtype:web-application-activity; sid:300000638; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourstablegreatupdate.work",nocase; classtype:web-application-activity; sid:300000639; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourstablegreatupdates.work",nocase; classtype:web-application-activity; sid:300000640; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourtechplaceforupgrades.info",nocase; classtype:web-application-activity; sid:300000641; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourultimateperfectupgrades.work",nocase; classtype:web-application-activity; sid:300000642; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ysfetinora.tk",nocase; classtype:web-application-activity; sid:300000643; rev:1;)
|