2021-03-31 10:53:42 +00:00
|
|
|
# Title: PUP Domains Snort3 Ruleset
|
2021-04-02 12:08:00 +00:00
|
|
|
# Description: Block domains that host potentially unwanted programs (PUP)
|
2021-10-13 12:03:08 +00:00
|
|
|
# Updated: Wed, 13 Oct 2021 12:03:08 +0000
|
2021-03-31 10:53:42 +00:00
|
|
|
# Expires: 1 day (update frequency)
|
|
|
|
# Homepage: https://gitlab.com/curben/pup-filter
|
|
|
|
# License: https://gitlab.com/curben/pup-filter#license
|
|
|
|
# Source: https://github.com/zhouhanc/malware-discoverer
|
2021-10-07 00:03:25 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"2021travel.net",nocase; classtype:web-application-activity; sid:300000001; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"4upgradingstablesafe.work",nocase; classtype:web-application-activity; sid:300000002; rev:1;)
|
2021-10-13 12:03:08 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"affiliateland.io",nocase; classtype:web-application-activity; sid:300000003; rev:1;)
|
2021-10-09 00:23:41 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"aikoo.club",nocase; classtype:web-application-activity; sid:300000004; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"amobil.online",nocase; classtype:web-application-activity; sid:300000005; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"appzfirer.biz",nocase; classtype:web-application-activity; sid:300000006; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"armorprovpn.me",nocase; classtype:web-application-activity; sid:300000007; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"atprofessor.fun",nocase; classtype:web-application-activity; sid:300000008; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"auto-car-search.site",nocase; classtype:web-application-activity; sid:300000009; rev:1;)
|
2021-10-12 00:02:58 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"axisradio.ca",nocase; classtype:web-application-activity; sid:300000010; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"be-5hdo32xes-ok.live",nocase; classtype:web-application-activity; sid:300000011; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"be-n9lnns3n-ok.live",nocase; classtype:web-application-activity; sid:300000012; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"be-us-cars-for-seniors-ok.live",nocase; classtype:web-application-activity; sid:300000013; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"be-us-exercise-bikes-ok.live",nocase; classtype:web-application-activity; sid:300000014; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"beinspired.global",nocase; classtype:web-application-activity; sid:300000015; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bestappland.me",nocase; classtype:web-application-activity; sid:300000016; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bluetiger.cloud",nocase; classtype:web-application-activity; sid:300000017; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upcompletely-bestprecisefile.best",nocase; classtype:web-application-activity; sid:300000018; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upcompletely-bestsophisticatedfile.best",nocase; classtype:web-application-activity; sid:300000019; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upfree-bestuberfile.best",nocase; classtype:web-application-activity; sid:300000020; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upheavily-bestquickfile.best",nocase; classtype:web-application-activity; sid:300000021; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upheavily-bestsophisticatedfile.best",nocase; classtype:web-application-activity; sid:300000022; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upoverly-bestadvancedfile.best",nocase; classtype:web-application-activity; sid:300000023; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-uprenewed-bestuberfile.best",nocase; classtype:web-application-activity; sid:300000024; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upsophisticated-bestoverlyfile.best",nocase; classtype:web-application-activity; sid:300000025; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upuber-bestfreefile.best",nocase; classtype:web-application-activity; sid:300000026; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"breaking-news.digital",nocase; classtype:web-application-activity; sid:300000027; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"calledbellc.fun",nocase; classtype:web-application-activity; sid:300000028; rev:1;)
|
2021-10-13 00:02:41 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"checkstableaupdatinglinks.work",nocase; classtype:web-application-activity; sid:300000029; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"connecttheupgradingurls.work",nocase; classtype:web-application-activity; sid:300000030; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"consumerprotectioncybersecurity.org",nocase; classtype:web-application-activity; sid:300000031; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"contentamigo.ru",nocase; classtype:web-application-activity; sid:300000032; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"contentarea.ru",nocase; classtype:web-application-activity; sid:300000033; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"country-news.live",nocase; classtype:web-application-activity; sid:300000034; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"crazyprize.buzz",nocase; classtype:web-application-activity; sid:300000035; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"credit-monitoring-360.xyz",nocase; classtype:web-application-activity; sid:300000036; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"cryptotilt.club",nocase; classtype:web-application-activity; sid:300000037; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"curfiositystream.com",nocase; classtype:web-application-activity; sid:300000038; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"curiositydstream.com",nocase; classtype:web-application-activity; sid:300000039; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"darkview.org",nocase; classtype:web-application-activity; sid:300000040; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dealmedia.club",nocase; classtype:web-application-activity; sid:300000041; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dealmedia.website",nocase; classtype:web-application-activity; sid:300000042; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dealmedia.xyz",nocase; classtype:web-application-activity; sid:300000043; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dealsify.net",nocase; classtype:web-application-activity; sid:300000044; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"defensepro.me",nocase; classtype:web-application-activity; sid:300000045; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"desixxx.cloud",nocase; classtype:web-application-activity; sid:300000046; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"discoveryfeed.org",nocase; classtype:web-application-activity; sid:300000047; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"earlyprogress.info",nocase; classtype:web-application-activity; sid:300000048; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"efladn.club",nocase; classtype:web-application-activity; sid:300000049; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"elpelades.club",nocase; classtype:web-application-activity; sid:300000050; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"exploreshops.net",nocase; classtype:web-application-activity; sid:300000051; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fast-app.xyz",nocase; classtype:web-application-activity; sid:300000052; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastfactsonline.co",nocase; classtype:web-application-activity; sid:300000053; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastmapc.xyz",nocase; classtype:web-application-activity; sid:300000054; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastspinc.xyz",nocase; classtype:web-application-activity; sid:300000055; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastspinf.xyz",nocase; classtype:web-application-activity; sid:300000056; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastspota.xyz",nocase; classtype:web-application-activity; sid:300000057; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastspotb.xyz",nocase; classtype:web-application-activity; sid:300000058; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastwebb.xyz",nocase; classtype:web-application-activity; sid:300000059; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"findaupgradingurls.work",nocase; classtype:web-application-activity; sid:300000060; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"finditquick.online",nocase; classtype:web-application-activity; sid:300000061; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"findwith.me",nocase; classtype:web-application-activity; sid:300000062; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"finreporter.net",nocase; classtype:web-application-activity; sid:300000063; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fireapps.cloud",nocase; classtype:web-application-activity; sid:300000064; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fisudauh.top",nocase; classtype:web-application-activity; sid:300000065; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"flash-rewards.info",nocase; classtype:web-application-activity; sid:300000066; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"freenationalsuperworldwide.cyou",nocase; classtype:web-application-activity; sid:300000067; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"freewareappsstreamfast-best.digital",nocase; classtype:web-application-activity; sid:300000068; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"freewareappsstreamfastall.digital",nocase; classtype:web-application-activity; sid:300000069; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"funanime.me",nocase; classtype:web-application-activity; sid:300000070; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"funny-media.ru",nocase; classtype:web-application-activity; sid:300000071; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"funspine.xyz",nocase; classtype:web-application-activity; sid:300000072; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"genertellife.it",nocase; classtype:web-application-activity; sid:300000073; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"get-your-score.club",nocase; classtype:web-application-activity; sid:300000074; rev:1;)
|
2021-10-13 12:03:08 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"getmoregirls.net",nocase; classtype:web-application-activity; sid:300000075; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"girlsnearyou.online",nocase; classtype:web-application-activity; sid:300000076; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gladmstreet.xyz",nocase; classtype:web-application-activity; sid:300000077; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gladplacespin.xyz",nocase; classtype:web-application-activity; sid:300000078; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"global-track.space",nocase; classtype:web-application-activity; sid:300000079; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"goalmedia.cam",nocase; classtype:web-application-activity; sid:300000080; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"goalmedia.monster",nocase; classtype:web-application-activity; sid:300000081; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"golddellifewonder.rest",nocase; classtype:web-application-activity; sid:300000082; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"gonesteeldouble.top",nocase; classtype:web-application-activity; sid:300000083; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"grandencryptions.me",nocase; classtype:web-application-activity; sid:300000084; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"hailso.xyz",nocase; classtype:web-application-activity; sid:300000085; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthylives.today",nocase; classtype:web-application-activity; sid:300000086; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"heatwavereporter.org",nocase; classtype:web-application-activity; sid:300000087; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"help4.info",nocase; classtype:web-application-activity; sid:300000088; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"httqzq.vip",nocase; classtype:web-application-activity; sid:300000089; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"hypezen.info",nocase; classtype:web-application-activity; sid:300000090; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ientsillness.fun",nocase; classtype:web-application-activity; sid:300000091; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"imagefind.org",nocase; classtype:web-application-activity; sid:300000092; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"incing-marganic.icu",nocase; classtype:web-application-activity; sid:300000093; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"incrediblebuzz.info",nocase; classtype:web-application-activity; sid:300000094; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"initiatecompletelyprecisethefile.vip",nocase; classtype:web-application-activity; sid:300000095; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"initiatecompletelyprogressivethefile.vip",nocase; classtype:web-application-activity; sid:300000096; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"initiatecompletelyspeedythefile.vip",nocase; classtype:web-application-activity; sid:300000097; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"initiateprogressivecompletelythefile.vip",nocase; classtype:web-application-activity; sid:300000098; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"initiatesophisticatedcompletelythefile.vip",nocase; classtype:web-application-activity; sid:300000099; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"intelectaction.ru",nocase; classtype:web-application-activity; sid:300000100; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"investinfo.net",nocase; classtype:web-application-activity; sid:300000101; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ironprovpn.me",nocase; classtype:web-application-activity; sid:300000102; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"isystemupdate.cloud",nocase; classtype:web-application-activity; sid:300000103; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"jetsummer.xyz",nocase; classtype:web-application-activity; sid:300000104; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"jojomamanbebe.ie",nocase; classtype:web-application-activity; sid:300000105; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"joyspotmap.xyz",nocase; classtype:web-application-activity; sid:300000106; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"jtkszl.vip",nocase; classtype:web-application-activity; sid:300000107; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"juicydataadvance.ru",nocase; classtype:web-application-activity; sid:300000108; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"juicydataage.ru",nocase; classtype:web-application-activity; sid:300000109; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"juicydataair.ru",nocase; classtype:web-application-activity; sid:300000110; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"juicydataalt.ru",nocase; classtype:web-application-activity; sid:300000111; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"junemedia.bar",nocase; classtype:web-application-activity; sid:300000112; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"junemedia.club",nocase; classtype:web-application-activity; sid:300000113; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"junemedia.xyz",nocase; classtype:web-application-activity; sid:300000114; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"junesmile.xyz",nocase; classtype:web-application-activity; sid:300000115; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"keepinfit.net",nocase; classtype:web-application-activity; sid:300000116; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaautumna.xyz",nocase; classtype:web-application-activity; sid:300000117; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaautumnb.xyz",nocase; classtype:web-application-activity; sid:300000118; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaautumnc.xyz",nocase; classtype:web-application-activity; sid:300000119; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaautumnd.xyz",nocase; classtype:web-application-activity; sid:300000120; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaautumne.xyz",nocase; classtype:web-application-activity; sid:300000121; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaspringa.xyz",nocase; classtype:web-application-activity; sid:300000122; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaspringb.xyz",nocase; classtype:web-application-activity; sid:300000123; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaspringc.xyz",nocase; classtype:web-application-activity; sid:300000124; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaspringd.xyz",nocase; classtype:web-application-activity; sid:300000125; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaspringe.xyz",nocase; classtype:web-application-activity; sid:300000126; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaspringf.xyz",nocase; classtype:web-application-activity; sid:300000127; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalasummera.xyz",nocase; classtype:web-application-activity; sid:300000128; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalasummerc.xyz",nocase; classtype:web-application-activity; sid:300000129; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalasummerd.xyz",nocase; classtype:web-application-activity; sid:300000130; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalasummere.xyz",nocase; classtype:web-application-activity; sid:300000131; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalasummerf.xyz",nocase; classtype:web-application-activity; sid:300000132; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalawintera.xyz",nocase; classtype:web-application-activity; sid:300000133; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalawinterb.xyz",nocase; classtype:web-application-activity; sid:300000134; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalawinterc.xyz",nocase; classtype:web-application-activity; sid:300000135; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalawinterd.xyz",nocase; classtype:web-application-activity; sid:300000136; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalawintere.xyz",nocase; classtype:web-application-activity; sid:300000137; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"kompsos.uk",nocase; classtype:web-application-activity; sid:300000138; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ktpyzw.vip",nocase; classtype:web-application-activity; sid:300000139; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"lackystack.net",nocase; classtype:web-application-activity; sid:300000140; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ligamedia.art",nocase; classtype:web-application-activity; sid:300000141; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ligamedia.casa",nocase; classtype:web-application-activity; sid:300000142; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ligamedia.club",nocase; classtype:web-application-activity; sid:300000143; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"link4updatingcentral.work",nocase; classtype:web-application-activity; sid:300000144; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"listenthisso.top",nocase; classtype:web-application-activity; sid:300000145; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"lltrsknoob.click",nocase; classtype:web-application-activity; sid:300000146; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadadvancedextremelythefile.vip",nocase; classtype:web-application-activity; sid:300000147; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loaddevelopeduberfile.digital",nocase; classtype:web-application-activity; sid:300000148; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadextremelycurrentthefile.vip",nocase; classtype:web-application-activity; sid:300000149; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadextremelyquickfile.digital",nocase; classtype:web-application-activity; sid:300000150; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadextremelyrecentthefile.vip",nocase; classtype:web-application-activity; sid:300000151; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadfree-bestheavilyfile.best",nocase; classtype:web-application-activity; sid:300000152; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadfreeextremelyfile.digital",nocase; classtype:web-application-activity; sid:300000153; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadgreatlynewestthefile.vip",nocase; classtype:web-application-activity; sid:300000154; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadgreatlyoriginalthefile.vip",nocase; classtype:web-application-activity; sid:300000155; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadgreatlyprogressivethefile.vip",nocase; classtype:web-application-activity; sid:300000156; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadgreatlyrenewedthefile.vip",nocase; classtype:web-application-activity; sid:300000157; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadhighlyadvancedthefile.vip",nocase; classtype:web-application-activity; sid:300000158; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadintenselyquickthefile.vip",nocase; classtype:web-application-activity; sid:300000159; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadintenselyspeedythefile.vip",nocase; classtype:web-application-activity; sid:300000160; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadintenselystrongthefile.vip",nocase; classtype:web-application-activity; sid:300000161; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadintenselyswiftthefile.vip",nocase; classtype:web-application-activity; sid:300000162; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadnewestextremelythefile.vip",nocase; classtype:web-application-activity; sid:300000163; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadnewestgreatlythefile.vip",nocase; classtype:web-application-activity; sid:300000164; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadoriginalextremelythefile.vip",nocase; classtype:web-application-activity; sid:300000165; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadoriginalgreatlythefile.vip",nocase; classtype:web-application-activity; sid:300000166; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadpreciseintenselythefile.vip",nocase; classtype:web-application-activity; sid:300000167; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadpreciseuberfile.digital",nocase; classtype:web-application-activity; sid:300000168; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadprogressivegreatlythefile.vip",nocase; classtype:web-application-activity; sid:300000169; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadquickextremelyfile.digital",nocase; classtype:web-application-activity; sid:300000170; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadrecentextremelythefile.vip",nocase; classtype:web-application-activity; sid:300000171; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadrecentoverlyfile.digital",nocase; classtype:web-application-activity; sid:300000172; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadrefineduberfile.digital",nocase; classtype:web-application-activity; sid:300000173; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadrenewedgreatlythefile.vip",nocase; classtype:web-application-activity; sid:300000174; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadsophisticateduberfile.digital",nocase; classtype:web-application-activity; sid:300000175; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadstreamlaunch.digital",nocase; classtype:web-application-activity; sid:300000176; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadstrongextremelyfile.digital",nocase; classtype:web-application-activity; sid:300000177; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadstrongintenselythefile.vip",nocase; classtype:web-application-activity; sid:300000178; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loadswiftintenselythefile.vip",nocase; classtype:web-application-activity; sid:300000179; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loaduberprecisefile.digital",nocase; classtype:web-application-activity; sid:300000180; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loaduberspeedyfile.digital",nocase; classtype:web-application-activity; sid:300000181; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"louisvillegigs.net",nocase; classtype:web-application-activity; sid:300000182; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"loveorfun.cc",nocase; classtype:web-application-activity; sid:300000183; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"lubbockeda.org",nocase; classtype:web-application-activity; sid:300000184; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"marketloans.net",nocase; classtype:web-application-activity; sid:300000185; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"matchyourgirl.online",nocase; classtype:web-application-activity; sid:300000186; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mathison.io",nocase; classtype:web-application-activity; sid:300000187; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"media-cloud.ru",nocase; classtype:web-application-activity; sid:300000188; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mediaadvanced.ru",nocase; classtype:web-application-activity; sid:300000189; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"meeryslotspin.xyz",nocase; classtype:web-application-activity; sid:300000190; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mindmatch.ai",nocase; classtype:web-application-activity; sid:300000191; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mobileluckywinner.site",nocase; classtype:web-application-activity; sid:300000192; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"money-hero.org",nocase; classtype:web-application-activity; sid:300000193; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"movievod.me",nocase; classtype:web-application-activity; sid:300000194; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mynutriplan.co",nocase; classtype:web-application-activity; sid:300000195; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"n95o0fxvvw.top",nocase; classtype:web-application-activity; sid:300000196; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"nettrafficpartners.net",nocase; classtype:web-application-activity; sid:300000197; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"newbuy.xyz",nocase; classtype:web-application-activity; sid:300000198; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"newsinformer.net",nocase; classtype:web-application-activity; sid:300000199; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"offerpage.link",nocase; classtype:web-application-activity; sid:300000200; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"offersearch.info",nocase; classtype:web-application-activity; sid:300000201; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"official-bigwin-national-free.cyou",nocase; classtype:web-application-activity; sid:300000202; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"officialbigwinnationalfree.cyou",nocase; classtype:web-application-activity; sid:300000203; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"oldharper.xyz",nocase; classtype:web-application-activity; sid:300000204; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"olivedinflats.space",nocase; classtype:web-application-activity; sid:300000205; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"online-prize-super-promotion.cyou",nocase; classtype:web-application-activity; sid:300000206; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"onlineprize.cyou",nocase; classtype:web-application-activity; sid:300000207; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"onlineprizesuperpromotion.cyou",nocase; classtype:web-application-activity; sid:300000208; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"onlinewinnerluckyrewards.cyou",nocase; classtype:web-application-activity; sid:300000209; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ouldthepat.fun",nocase; classtype:web-application-activity; sid:300000210; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaautumna.xyz",nocase; classtype:web-application-activity; sid:300000211; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaautumnb.xyz",nocase; classtype:web-application-activity; sid:300000212; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaautumnc.xyz",nocase; classtype:web-application-activity; sid:300000213; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaautumnd.xyz",nocase; classtype:web-application-activity; sid:300000214; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaautumnf.xyz",nocase; classtype:web-application-activity; sid:300000215; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaspringa.xyz",nocase; classtype:web-application-activity; sid:300000216; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaspringb.xyz",nocase; classtype:web-application-activity; sid:300000217; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaspringc.xyz",nocase; classtype:web-application-activity; sid:300000218; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaspringd.xyz",nocase; classtype:web-application-activity; sid:300000219; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaspringe.xyz",nocase; classtype:web-application-activity; sid:300000220; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandasummera.xyz",nocase; classtype:web-application-activity; sid:300000221; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandasummerc.xyz",nocase; classtype:web-application-activity; sid:300000222; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandasummerd.xyz",nocase; classtype:web-application-activity; sid:300000223; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandasummere.xyz",nocase; classtype:web-application-activity; sid:300000224; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandasummerf.xyz",nocase; classtype:web-application-activity; sid:300000225; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandawintera.xyz",nocase; classtype:web-application-activity; sid:300000226; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandawinterb.xyz",nocase; classtype:web-application-activity; sid:300000227; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandawinterc.xyz",nocase; classtype:web-application-activity; sid:300000228; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandawinterd.xyz",nocase; classtype:web-application-activity; sid:300000229; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandawintere.xyz",nocase; classtype:web-application-activity; sid:300000230; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pcsecurity-live.xyz",nocase; classtype:web-application-activity; sid:300000231; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"photo-explorer.org",nocase; classtype:web-application-activity; sid:300000232; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"placefortheupgradesset.work",nocase; classtype:web-application-activity; sid:300000233; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"placesiteb.xyz",nocase; classtype:web-application-activity; sid:300000234; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"placespina.xyz",nocase; classtype:web-application-activity; sid:300000235; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playautumna.xyz",nocase; classtype:web-application-activity; sid:300000236; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playautumnb.xyz",nocase; classtype:web-application-activity; sid:300000237; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playautumnc.xyz",nocase; classtype:web-application-activity; sid:300000238; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playautumnd.xyz",nocase; classtype:web-application-activity; sid:300000239; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playautumne.xyz",nocase; classtype:web-application-activity; sid:300000240; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playautumnf.xyz",nocase; classtype:web-application-activity; sid:300000241; rev:1;)
|
2021-10-13 00:02:41 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playplanete.xyz",nocase; classtype:web-application-activity; sid:300000242; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playspind.xyz",nocase; classtype:web-application-activity; sid:300000243; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playspringa.xyz",nocase; classtype:web-application-activity; sid:300000244; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playspringb.xyz",nocase; classtype:web-application-activity; sid:300000245; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playspringc.xyz",nocase; classtype:web-application-activity; sid:300000246; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playspringd.xyz",nocase; classtype:web-application-activity; sid:300000247; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playspringe.xyz",nocase; classtype:web-application-activity; sid:300000248; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playsummera.xyz",nocase; classtype:web-application-activity; sid:300000249; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playsummerb.xyz",nocase; classtype:web-application-activity; sid:300000250; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playsummerc.xyz",nocase; classtype:web-application-activity; sid:300000251; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playsummere.xyz",nocase; classtype:web-application-activity; sid:300000252; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playsummerf.xyz",nocase; classtype:web-application-activity; sid:300000253; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playwintera.xyz",nocase; classtype:web-application-activity; sid:300000254; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playwinterb.xyz",nocase; classtype:web-application-activity; sid:300000255; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playwinterc.xyz",nocase; classtype:web-application-activity; sid:300000256; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playwinterd.xyz",nocase; classtype:web-application-activity; sid:300000257; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playwintere.xyz",nocase; classtype:web-application-activity; sid:300000258; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playwinterf.xyz",nocase; classtype:web-application-activity; sid:300000259; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ppploanchoices.site",nocase; classtype:web-application-activity; sid:300000260; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"prize-messsages.casa",nocase; classtype:web-application-activity; sid:300000261; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"profitsurvey365.online",nocase; classtype:web-application-activity; sid:300000262; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"profitsurvey365.org",nocase; classtype:web-application-activity; sid:300000263; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"proprotect.me",nocase; classtype:web-application-activity; sid:300000264; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"prosecurityvpn.me",nocase; classtype:web-application-activity; sid:300000265; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"protect-ios.com",nocase; classtype:web-application-activity; sid:300000266; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"protecttool.me",nocase; classtype:web-application-activity; sid:300000267; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"provpn.me",nocase; classtype:web-application-activity; sid:300000268; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"provpnsecurity.me",nocase; classtype:web-application-activity; sid:300000269; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"provpnservice.me",nocase; classtype:web-application-activity; sid:300000270; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"prtctapp.me",nocase; classtype:web-application-activity; sid:300000271; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"qfind.net",nocase; classtype:web-application-activity; sid:300000272; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"quatrefeuillepolonaise.xyz",nocase; classtype:web-application-activity; sid:300000273; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"quizshein.shop",nocase; classtype:web-application-activity; sid:300000274; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rancy.xyz",nocase; classtype:web-application-activity; sid:300000275; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rewardgivingrealspecialoffer.cyou",nocase; classtype:web-application-activity; sid:300000276; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rewards-promotion-winner-super.cyou",nocase; classtype:web-application-activity; sid:300000277; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rewardspromotionwinnersuper.cyou",nocase; classtype:web-application-activity; sid:300000278; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"robogarden.io",nocase; classtype:web-application-activity; sid:300000279; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runadvanced-bestgreatlyfile.best",nocase; classtype:web-application-activity; sid:300000280; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rungreatly-bestadvancedfile.best",nocase; classtype:web-application-activity; sid:300000281; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"safeguide.net",nocase; classtype:web-application-activity; sid:300000282; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"savagegrowplus.net",nocase; classtype:web-application-activity; sid:300000283; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"scoopswoop.info",nocase; classtype:web-application-activity; sid:300000284; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"search4theupdatefree.work",nocase; classtype:web-application-activity; sid:300000285; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"search4theupgradeset.info",nocase; classtype:web-application-activity; sid:300000286; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"search4upgradingset.info",nocase; classtype:web-application-activity; sid:300000287; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"searchmgr.online",nocase; classtype:web-application-activity; sid:300000288; rev:1;)
|
2021-10-13 12:03:08 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"securitevpn.me",nocase; classtype:web-application-activity; sid:300000289; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"securityvpnpro.me",nocase; classtype:web-application-activity; sid:300000290; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sergey-tracks.xyz",nocase; classtype:web-application-activity; sid:300000291; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"settothereliableupgradingnew.work",nocase; classtype:web-application-activity; sid:300000292; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"shopadvisors.net",nocase; classtype:web-application-activity; sid:300000293; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"shopin.nyc",nocase; classtype:web-application-activity; sid:300000294; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"shopnsave.world",nocase; classtype:web-application-activity; sid:300000295; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"signupandturnyourscreenoffsafepowernow.date",nocase; classtype:web-application-activity; sid:300000296; rev:1;)
|
2021-10-13 00:02:41 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"smartideas.pro",nocase; classtype:web-application-activity; sid:300000297; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"spotmapd.xyz",nocase; classtype:web-application-activity; sid:300000298; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"spotmapf.xyz",nocase; classtype:web-application-activity; sid:300000299; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"spotplanetc.xyz",nocase; classtype:web-application-activity; sid:300000300; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"springplanetf.xyz",nocase; classtype:web-application-activity; sid:300000301; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"start-page.one",nocase; classtype:web-application-activity; sid:300000302; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"startos.win",nocase; classtype:web-application-activity; sid:300000303; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"stickr.co",nocase; classtype:web-application-activity; sid:300000304; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"stogether.fun",nocase; classtype:web-application-activity; sid:300000305; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamdevelopedintenselythefile.vip",nocase; classtype:web-application-activity; sid:300000306; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamintenselyrefinedthefile.vip",nocase; classtype:web-application-activity; sid:300000307; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamintenselysophisticatedthefile.vip",nocase; classtype:web-application-activity; sid:300000308; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streampreciseintenselythefile.vip",nocase; classtype:web-application-activity; sid:300000309; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamrecent-bestuberfile.best",nocase; classtype:web-application-activity; sid:300000310; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamspeedyintenselythefile.vip",nocase; classtype:web-application-activity; sid:300000311; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"subeamy.pw",nocase; classtype:web-application-activity; sid:300000312; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sudoo.net",nocase; classtype:web-application-activity; sid:300000313; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"summermedia.club",nocase; classtype:web-application-activity; sid:300000314; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"superpromotion.cyou",nocase; classtype:web-application-activity; sid:300000315; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"support-notify.space",nocase; classtype:web-application-activity; sid:300000316; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sweetalt.ru",nocase; classtype:web-application-activity; sid:300000317; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sweetgirls.buzz",nocase; classtype:web-application-activity; sid:300000318; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"synccurrentmostthefile.vip",nocase; classtype:web-application-activity; sid:300000319; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"synclatestintenselythefile.vip",nocase; classtype:web-application-activity; sid:300000320; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncmostprecisethefile.vip",nocase; classtype:web-application-activity; sid:300000321; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncnewestmostthefile.vip",nocase; classtype:web-application-activity; sid:300000322; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncnewestuberthefile.vip",nocase; classtype:web-application-activity; sid:300000323; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncrecentintenselythefile.vip",nocase; classtype:web-application-activity; sid:300000324; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncubercurrentfiles.best",nocase; classtype:web-application-activity; sid:300000325; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"systemupdateme.solutions",nocase; classtype:web-application-activity; sid:300000326; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"systemupdatit.club",nocase; classtype:web-application-activity; sid:300000327; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"technoblogs.net",nocase; classtype:web-application-activity; sid:300000328; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"technologypartners.net",nocase; classtype:web-application-activity; sid:300000329; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thanksyoursupport.club",nocase; classtype:web-application-activity; sid:300000330; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thecryptozone.website",nocase; classtype:web-application-activity; sid:300000331; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"theirproviderock.top",nocase; classtype:web-application-activity; sid:300000332; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thelastpicture.show",nocase; classtype:web-application-activity; sid:300000333; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thrawdmn55.xyz",nocase; classtype:web-application-activity; sid:300000334; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"timeoffers.net",nocase; classtype:web-application-activity; sid:300000335; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"timesamerica.net",nocase; classtype:web-application-activity; sid:300000336; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"toolvpn.me",nocase; classtype:web-application-activity; sid:300000337; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"top-offers2.club",nocase; classtype:web-application-activity; sid:300000338; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"topdating.online",nocase; classtype:web-application-activity; sid:300000339; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"tracking-landers.xyz",nocase; classtype:web-application-activity; sid:300000340; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"trafficmind.pro",nocase; classtype:web-application-activity; sid:300000341; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"trane.fun",nocase; classtype:web-application-activity; sid:300000342; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"truecompassion.net",nocase; classtype:web-application-activity; sid:300000343; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"trustappstreamsall.digital",nocase; classtype:web-application-activity; sid:300000344; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"updatefix.xyz",nocase; classtype:web-application-activity; sid:300000345; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"upplaysite.xyz",nocase; classtype:web-application-activity; sid:300000346; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"usepro.me",nocase; classtype:web-application-activity; sid:300000347; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"useprovpn.me",nocase; classtype:web-application-activity; sid:300000348; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"usevpnpro.me",nocase; classtype:web-application-activity; sid:300000349; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"usforeclosure.net",nocase; classtype:web-application-activity; sid:300000350; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videoau.ru",nocase; classtype:web-application-activity; sid:300000351; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videoauthor.ru",nocase; classtype:web-application-activity; sid:300000352; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"vpn-pro.club",nocase; classtype:web-application-activity; sid:300000353; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"vpnprosecurity.me",nocase; classtype:web-application-activity; sid:300000354; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"vpnsecurity.me",nocase; classtype:web-application-activity; sid:300000355; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"vpnservice.me",nocase; classtype:web-application-activity; sid:300000356; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"watchadvanced-bestgreatlyfile.best",nocase; classtype:web-application-activity; sid:300000357; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"watchextremely-bestsophisticatedfile.best",nocase; classtype:web-application-activity; sid:300000358; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"watchgreatly-bestcurrentfile.best",nocase; classtype:web-application-activity; sid:300000359; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"watchgreatly-bestlatestfile.best",nocase; classtype:web-application-activity; sid:300000360; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"watchlatest-bestgreatlyfile.best",nocase; classtype:web-application-activity; sid:300000361; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"watchprogressive-bestmostfile.best",nocase; classtype:web-application-activity; sid:300000362; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"watchquick-bestheavilyfile.best",nocase; classtype:web-application-activity; sid:300000363; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"watchrefined-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000364; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"web-security.ml",nocase; classtype:web-application-activity; sid:300000365; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"webtactics.ca",nocase; classtype:web-application-activity; sid:300000366; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"winnerbigwingiveawaysuper.cyou",nocase; classtype:web-application-activity; sid:300000367; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"winnerz.icu",nocase; classtype:web-application-activity; sid:300000368; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"winnerz.site",nocase; classtype:web-application-activity; sid:300000369; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"worivo.info",nocase; classtype:web-application-activity; sid:300000370; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"worldwide-national-claim-free.cyou",nocase; classtype:web-application-activity; sid:300000371; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"worldwide-prize-giveaway-free.cyou",nocase; classtype:web-application-activity; sid:300000372; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"worldwideluckypromotionfree.cyou",nocase; classtype:web-application-activity; sid:300000373; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"worldwidenationalclaimfree.cyou",nocase; classtype:web-application-activity; sid:300000374; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"worldwideofficialpromotion.cyou",nocase; classtype:web-application-activity; sid:300000375; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"worldwideprizegiveawayfree.cyou",nocase; classtype:web-application-activity; sid:300000376; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourlegendarysystemsupgrade.work",nocase; classtype:web-application-activity; sid:300000377; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourlinkplaceupdatingfree.work",nocase; classtype:web-application-activity; sid:300000378; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourluckytoday.club",nocase; classtype:web-application-activity; sid:300000379; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yourmoneymachine.cc",nocase; classtype:web-application-activity; sid:300000380; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"yoursafestgreatplaceupdates.work",nocase; classtype:web-application-activity; sid:300000381; rev:1;)
|