2021-03-31 10:53:42 +00:00
|
|
|
# Title: PUP Domains Suricata Ruleset
|
2021-04-02 12:08:00 +00:00
|
|
|
# Description: Block domains that host potentially unwanted programs (PUP)
|
2021-10-13 12:03:08 +00:00
|
|
|
# Updated: Wed, 13 Oct 2021 12:03:08 +0000
|
2021-03-31 10:53:42 +00:00
|
|
|
# Expires: 1 day (update frequency)
|
|
|
|
# Homepage: https://gitlab.com/curben/pup-filter
|
|
|
|
# License: https://gitlab.com/curben/pup-filter#license
|
|
|
|
# Source: https://github.com/zhouhanc/malware-discoverer
|
2021-10-07 00:03:25 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"2021travel.net"; classtype:web-application-activity; sid:300000001; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"4upgradingstablesafe.work"; classtype:web-application-activity; sid:300000002; rev:1;)
|
2021-10-13 12:03:08 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"affiliateland.io"; classtype:web-application-activity; sid:300000003; rev:1;)
|
2021-10-09 00:23:41 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"aikoo.club"; classtype:web-application-activity; sid:300000004; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"amobil.online"; classtype:web-application-activity; sid:300000005; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"appzfirer.biz"; classtype:web-application-activity; sid:300000006; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"armorprovpn.me"; classtype:web-application-activity; sid:300000007; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"atprofessor.fun"; classtype:web-application-activity; sid:300000008; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"auto-car-search.site"; classtype:web-application-activity; sid:300000009; rev:1;)
|
2021-10-12 00:02:58 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"axisradio.ca"; classtype:web-application-activity; sid:300000010; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"be-5hdo32xes-ok.live"; classtype:web-application-activity; sid:300000011; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"be-n9lnns3n-ok.live"; classtype:web-application-activity; sid:300000012; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"be-us-cars-for-seniors-ok.live"; classtype:web-application-activity; sid:300000013; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"be-us-exercise-bikes-ok.live"; classtype:web-application-activity; sid:300000014; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"beinspired.global"; classtype:web-application-activity; sid:300000015; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bestappland.me"; classtype:web-application-activity; sid:300000016; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"bluetiger.cloud"; classtype:web-application-activity; sid:300000017; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"boot-upcompletely-bestprecisefile.best"; classtype:web-application-activity; sid:300000018; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"boot-upcompletely-bestsophisticatedfile.best"; classtype:web-application-activity; sid:300000019; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"boot-upfree-bestuberfile.best"; classtype:web-application-activity; sid:300000020; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"boot-upheavily-bestquickfile.best"; classtype:web-application-activity; sid:300000021; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"boot-upheavily-bestsophisticatedfile.best"; classtype:web-application-activity; sid:300000022; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"boot-upoverly-bestadvancedfile.best"; classtype:web-application-activity; sid:300000023; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"boot-uprenewed-bestuberfile.best"; classtype:web-application-activity; sid:300000024; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"boot-upsophisticated-bestoverlyfile.best"; classtype:web-application-activity; sid:300000025; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"boot-upuber-bestfreefile.best"; classtype:web-application-activity; sid:300000026; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"breaking-news.digital"; classtype:web-application-activity; sid:300000027; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"calledbellc.fun"; classtype:web-application-activity; sid:300000028; rev:1;)
|
2021-10-13 00:02:41 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"checkstableaupdatinglinks.work"; classtype:web-application-activity; sid:300000029; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"connecttheupgradingurls.work"; classtype:web-application-activity; sid:300000030; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"consumerprotectioncybersecurity.org"; classtype:web-application-activity; sid:300000031; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"contentamigo.ru"; classtype:web-application-activity; sid:300000032; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"contentarea.ru"; classtype:web-application-activity; sid:300000033; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"country-news.live"; classtype:web-application-activity; sid:300000034; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"crazyprize.buzz"; classtype:web-application-activity; sid:300000035; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"credit-monitoring-360.xyz"; classtype:web-application-activity; sid:300000036; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"cryptotilt.club"; classtype:web-application-activity; sid:300000037; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"curfiositystream.com"; classtype:web-application-activity; sid:300000038; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"curiositydstream.com"; classtype:web-application-activity; sid:300000039; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"darkview.org"; classtype:web-application-activity; sid:300000040; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dealmedia.club"; classtype:web-application-activity; sid:300000041; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dealmedia.website"; classtype:web-application-activity; sid:300000042; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dealmedia.xyz"; classtype:web-application-activity; sid:300000043; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"dealsify.net"; classtype:web-application-activity; sid:300000044; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"defensepro.me"; classtype:web-application-activity; sid:300000045; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"desixxx.cloud"; classtype:web-application-activity; sid:300000046; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"discoveryfeed.org"; classtype:web-application-activity; sid:300000047; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"earlyprogress.info"; classtype:web-application-activity; sid:300000048; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"efladn.club"; classtype:web-application-activity; sid:300000049; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"elpelades.club"; classtype:web-application-activity; sid:300000050; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"exploreshops.net"; classtype:web-application-activity; sid:300000051; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fast-app.xyz"; classtype:web-application-activity; sid:300000052; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fastfactsonline.co"; classtype:web-application-activity; sid:300000053; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fastmapc.xyz"; classtype:web-application-activity; sid:300000054; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fastspinc.xyz"; classtype:web-application-activity; sid:300000055; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fastspinf.xyz"; classtype:web-application-activity; sid:300000056; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fastspota.xyz"; classtype:web-application-activity; sid:300000057; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fastspotb.xyz"; classtype:web-application-activity; sid:300000058; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fastwebb.xyz"; classtype:web-application-activity; sid:300000059; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"findaupgradingurls.work"; classtype:web-application-activity; sid:300000060; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"finditquick.online"; classtype:web-application-activity; sid:300000061; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"findwith.me"; classtype:web-application-activity; sid:300000062; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"finreporter.net"; classtype:web-application-activity; sid:300000063; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fireapps.cloud"; classtype:web-application-activity; sid:300000064; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"fisudauh.top"; classtype:web-application-activity; sid:300000065; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"flash-rewards.info"; classtype:web-application-activity; sid:300000066; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"freenationalsuperworldwide.cyou"; classtype:web-application-activity; sid:300000067; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"freewareappsstreamfast-best.digital"; classtype:web-application-activity; sid:300000068; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"freewareappsstreamfastall.digital"; classtype:web-application-activity; sid:300000069; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"funanime.me"; classtype:web-application-activity; sid:300000070; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"funny-media.ru"; classtype:web-application-activity; sid:300000071; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"funspine.xyz"; classtype:web-application-activity; sid:300000072; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"genertellife.it"; classtype:web-application-activity; sid:300000073; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"get-your-score.club"; classtype:web-application-activity; sid:300000074; rev:1;)
|
2021-10-13 12:03:08 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"getmoregirls.net"; classtype:web-application-activity; sid:300000075; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"girlsnearyou.online"; classtype:web-application-activity; sid:300000076; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gladmstreet.xyz"; classtype:web-application-activity; sid:300000077; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gladplacespin.xyz"; classtype:web-application-activity; sid:300000078; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"global-track.space"; classtype:web-application-activity; sid:300000079; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"goalmedia.cam"; classtype:web-application-activity; sid:300000080; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"goalmedia.monster"; classtype:web-application-activity; sid:300000081; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"golddellifewonder.rest"; classtype:web-application-activity; sid:300000082; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"gonesteeldouble.top"; classtype:web-application-activity; sid:300000083; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"grandencryptions.me"; classtype:web-application-activity; sid:300000084; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hailso.xyz"; classtype:web-application-activity; sid:300000085; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"healthylives.today"; classtype:web-application-activity; sid:300000086; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"heatwavereporter.org"; classtype:web-application-activity; sid:300000087; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"help4.info"; classtype:web-application-activity; sid:300000088; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"httqzq.vip"; classtype:web-application-activity; sid:300000089; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"hypezen.info"; classtype:web-application-activity; sid:300000090; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ientsillness.fun"; classtype:web-application-activity; sid:300000091; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"imagefind.org"; classtype:web-application-activity; sid:300000092; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"incing-marganic.icu"; classtype:web-application-activity; sid:300000093; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"incrediblebuzz.info"; classtype:web-application-activity; sid:300000094; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"initiatecompletelyprecisethefile.vip"; classtype:web-application-activity; sid:300000095; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"initiatecompletelyprogressivethefile.vip"; classtype:web-application-activity; sid:300000096; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"initiatecompletelyspeedythefile.vip"; classtype:web-application-activity; sid:300000097; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"initiateprogressivecompletelythefile.vip"; classtype:web-application-activity; sid:300000098; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"initiatesophisticatedcompletelythefile.vip"; classtype:web-application-activity; sid:300000099; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"intelectaction.ru"; classtype:web-application-activity; sid:300000100; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"investinfo.net"; classtype:web-application-activity; sid:300000101; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ironprovpn.me"; classtype:web-application-activity; sid:300000102; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"isystemupdate.cloud"; classtype:web-application-activity; sid:300000103; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jetsummer.xyz"; classtype:web-application-activity; sid:300000104; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jojomamanbebe.ie"; classtype:web-application-activity; sid:300000105; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"joyspotmap.xyz"; classtype:web-application-activity; sid:300000106; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"jtkszl.vip"; classtype:web-application-activity; sid:300000107; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"juicydataadvance.ru"; classtype:web-application-activity; sid:300000108; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"juicydataage.ru"; classtype:web-application-activity; sid:300000109; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"juicydataair.ru"; classtype:web-application-activity; sid:300000110; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"juicydataalt.ru"; classtype:web-application-activity; sid:300000111; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"junemedia.bar"; classtype:web-application-activity; sid:300000112; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"junemedia.club"; classtype:web-application-activity; sid:300000113; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"junemedia.xyz"; classtype:web-application-activity; sid:300000114; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"junesmile.xyz"; classtype:web-application-activity; sid:300000115; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"keepinfit.net"; classtype:web-application-activity; sid:300000116; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalaautumna.xyz"; classtype:web-application-activity; sid:300000117; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalaautumnb.xyz"; classtype:web-application-activity; sid:300000118; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalaautumnc.xyz"; classtype:web-application-activity; sid:300000119; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalaautumnd.xyz"; classtype:web-application-activity; sid:300000120; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalaautumne.xyz"; classtype:web-application-activity; sid:300000121; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalaspringa.xyz"; classtype:web-application-activity; sid:300000122; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalaspringb.xyz"; classtype:web-application-activity; sid:300000123; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalaspringc.xyz"; classtype:web-application-activity; sid:300000124; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalaspringd.xyz"; classtype:web-application-activity; sid:300000125; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalaspringe.xyz"; classtype:web-application-activity; sid:300000126; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalaspringf.xyz"; classtype:web-application-activity; sid:300000127; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalasummera.xyz"; classtype:web-application-activity; sid:300000128; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalasummerc.xyz"; classtype:web-application-activity; sid:300000129; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalasummerd.xyz"; classtype:web-application-activity; sid:300000130; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalasummere.xyz"; classtype:web-application-activity; sid:300000131; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalasummerf.xyz"; classtype:web-application-activity; sid:300000132; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalawintera.xyz"; classtype:web-application-activity; sid:300000133; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalawinterb.xyz"; classtype:web-application-activity; sid:300000134; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalawinterc.xyz"; classtype:web-application-activity; sid:300000135; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalawinterd.xyz"; classtype:web-application-activity; sid:300000136; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"koalawintere.xyz"; classtype:web-application-activity; sid:300000137; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"kompsos.uk"; classtype:web-application-activity; sid:300000138; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ktpyzw.vip"; classtype:web-application-activity; sid:300000139; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lackystack.net"; classtype:web-application-activity; sid:300000140; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ligamedia.art"; classtype:web-application-activity; sid:300000141; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ligamedia.casa"; classtype:web-application-activity; sid:300000142; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ligamedia.club"; classtype:web-application-activity; sid:300000143; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"link4updatingcentral.work"; classtype:web-application-activity; sid:300000144; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"listenthisso.top"; classtype:web-application-activity; sid:300000145; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lltrsknoob.click"; classtype:web-application-activity; sid:300000146; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadadvancedextremelythefile.vip"; classtype:web-application-activity; sid:300000147; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loaddevelopeduberfile.digital"; classtype:web-application-activity; sid:300000148; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadextremelycurrentthefile.vip"; classtype:web-application-activity; sid:300000149; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadextremelyquickfile.digital"; classtype:web-application-activity; sid:300000150; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadextremelyrecentthefile.vip"; classtype:web-application-activity; sid:300000151; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadfree-bestheavilyfile.best"; classtype:web-application-activity; sid:300000152; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadfreeextremelyfile.digital"; classtype:web-application-activity; sid:300000153; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadgreatlynewestthefile.vip"; classtype:web-application-activity; sid:300000154; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadgreatlyoriginalthefile.vip"; classtype:web-application-activity; sid:300000155; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadgreatlyprogressivethefile.vip"; classtype:web-application-activity; sid:300000156; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadgreatlyrenewedthefile.vip"; classtype:web-application-activity; sid:300000157; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadhighlyadvancedthefile.vip"; classtype:web-application-activity; sid:300000158; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadintenselyquickthefile.vip"; classtype:web-application-activity; sid:300000159; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadintenselyspeedythefile.vip"; classtype:web-application-activity; sid:300000160; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadintenselystrongthefile.vip"; classtype:web-application-activity; sid:300000161; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadintenselyswiftthefile.vip"; classtype:web-application-activity; sid:300000162; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadnewestextremelythefile.vip"; classtype:web-application-activity; sid:300000163; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadnewestgreatlythefile.vip"; classtype:web-application-activity; sid:300000164; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadoriginalextremelythefile.vip"; classtype:web-application-activity; sid:300000165; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadoriginalgreatlythefile.vip"; classtype:web-application-activity; sid:300000166; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadpreciseintenselythefile.vip"; classtype:web-application-activity; sid:300000167; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadpreciseuberfile.digital"; classtype:web-application-activity; sid:300000168; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadprogressivegreatlythefile.vip"; classtype:web-application-activity; sid:300000169; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadquickextremelyfile.digital"; classtype:web-application-activity; sid:300000170; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadrecentextremelythefile.vip"; classtype:web-application-activity; sid:300000171; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadrecentoverlyfile.digital"; classtype:web-application-activity; sid:300000172; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadrefineduberfile.digital"; classtype:web-application-activity; sid:300000173; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadrenewedgreatlythefile.vip"; classtype:web-application-activity; sid:300000174; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadsophisticateduberfile.digital"; classtype:web-application-activity; sid:300000175; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadstreamlaunch.digital"; classtype:web-application-activity; sid:300000176; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadstrongextremelyfile.digital"; classtype:web-application-activity; sid:300000177; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadstrongintenselythefile.vip"; classtype:web-application-activity; sid:300000178; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loadswiftintenselythefile.vip"; classtype:web-application-activity; sid:300000179; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loaduberprecisefile.digital"; classtype:web-application-activity; sid:300000180; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loaduberspeedyfile.digital"; classtype:web-application-activity; sid:300000181; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"louisvillegigs.net"; classtype:web-application-activity; sid:300000182; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"loveorfun.cc"; classtype:web-application-activity; sid:300000183; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"lubbockeda.org"; classtype:web-application-activity; sid:300000184; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"marketloans.net"; classtype:web-application-activity; sid:300000185; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"matchyourgirl.online"; classtype:web-application-activity; sid:300000186; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mathison.io"; classtype:web-application-activity; sid:300000187; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"media-cloud.ru"; classtype:web-application-activity; sid:300000188; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mediaadvanced.ru"; classtype:web-application-activity; sid:300000189; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"meeryslotspin.xyz"; classtype:web-application-activity; sid:300000190; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mindmatch.ai"; classtype:web-application-activity; sid:300000191; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mobileluckywinner.site"; classtype:web-application-activity; sid:300000192; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"money-hero.org"; classtype:web-application-activity; sid:300000193; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"movievod.me"; classtype:web-application-activity; sid:300000194; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"mynutriplan.co"; classtype:web-application-activity; sid:300000195; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"n95o0fxvvw.top"; classtype:web-application-activity; sid:300000196; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"nettrafficpartners.net"; classtype:web-application-activity; sid:300000197; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"newbuy.xyz"; classtype:web-application-activity; sid:300000198; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"newsinformer.net"; classtype:web-application-activity; sid:300000199; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"offerpage.link"; classtype:web-application-activity; sid:300000200; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"offersearch.info"; classtype:web-application-activity; sid:300000201; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"official-bigwin-national-free.cyou"; classtype:web-application-activity; sid:300000202; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"officialbigwinnationalfree.cyou"; classtype:web-application-activity; sid:300000203; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"oldharper.xyz"; classtype:web-application-activity; sid:300000204; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"olivedinflats.space"; classtype:web-application-activity; sid:300000205; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"online-prize-super-promotion.cyou"; classtype:web-application-activity; sid:300000206; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"onlineprize.cyou"; classtype:web-application-activity; sid:300000207; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"onlineprizesuperpromotion.cyou"; classtype:web-application-activity; sid:300000208; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"onlinewinnerluckyrewards.cyou"; classtype:web-application-activity; sid:300000209; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ouldthepat.fun"; classtype:web-application-activity; sid:300000210; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandaautumna.xyz"; classtype:web-application-activity; sid:300000211; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandaautumnb.xyz"; classtype:web-application-activity; sid:300000212; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandaautumnc.xyz"; classtype:web-application-activity; sid:300000213; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandaautumnd.xyz"; classtype:web-application-activity; sid:300000214; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandaautumnf.xyz"; classtype:web-application-activity; sid:300000215; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandaspringa.xyz"; classtype:web-application-activity; sid:300000216; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandaspringb.xyz"; classtype:web-application-activity; sid:300000217; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandaspringc.xyz"; classtype:web-application-activity; sid:300000218; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandaspringd.xyz"; classtype:web-application-activity; sid:300000219; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandaspringe.xyz"; classtype:web-application-activity; sid:300000220; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandasummera.xyz"; classtype:web-application-activity; sid:300000221; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandasummerc.xyz"; classtype:web-application-activity; sid:300000222; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandasummerd.xyz"; classtype:web-application-activity; sid:300000223; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandasummere.xyz"; classtype:web-application-activity; sid:300000224; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandasummerf.xyz"; classtype:web-application-activity; sid:300000225; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandawintera.xyz"; classtype:web-application-activity; sid:300000226; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandawinterb.xyz"; classtype:web-application-activity; sid:300000227; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandawinterc.xyz"; classtype:web-application-activity; sid:300000228; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandawinterd.xyz"; classtype:web-application-activity; sid:300000229; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pandawintere.xyz"; classtype:web-application-activity; sid:300000230; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"pcsecurity-live.xyz"; classtype:web-application-activity; sid:300000231; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"photo-explorer.org"; classtype:web-application-activity; sid:300000232; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"placefortheupgradesset.work"; classtype:web-application-activity; sid:300000233; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"placesiteb.xyz"; classtype:web-application-activity; sid:300000234; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"placespina.xyz"; classtype:web-application-activity; sid:300000235; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playautumna.xyz"; classtype:web-application-activity; sid:300000236; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playautumnb.xyz"; classtype:web-application-activity; sid:300000237; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playautumnc.xyz"; classtype:web-application-activity; sid:300000238; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playautumnd.xyz"; classtype:web-application-activity; sid:300000239; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playautumne.xyz"; classtype:web-application-activity; sid:300000240; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playautumnf.xyz"; classtype:web-application-activity; sid:300000241; rev:1;)
|
2021-10-13 00:02:41 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playplanete.xyz"; classtype:web-application-activity; sid:300000242; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playspind.xyz"; classtype:web-application-activity; sid:300000243; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playspringa.xyz"; classtype:web-application-activity; sid:300000244; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playspringb.xyz"; classtype:web-application-activity; sid:300000245; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playspringc.xyz"; classtype:web-application-activity; sid:300000246; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playspringd.xyz"; classtype:web-application-activity; sid:300000247; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playspringe.xyz"; classtype:web-application-activity; sid:300000248; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playsummera.xyz"; classtype:web-application-activity; sid:300000249; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playsummerb.xyz"; classtype:web-application-activity; sid:300000250; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playsummerc.xyz"; classtype:web-application-activity; sid:300000251; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playsummere.xyz"; classtype:web-application-activity; sid:300000252; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playsummerf.xyz"; classtype:web-application-activity; sid:300000253; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playwintera.xyz"; classtype:web-application-activity; sid:300000254; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playwinterb.xyz"; classtype:web-application-activity; sid:300000255; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playwinterc.xyz"; classtype:web-application-activity; sid:300000256; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playwinterd.xyz"; classtype:web-application-activity; sid:300000257; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playwintere.xyz"; classtype:web-application-activity; sid:300000258; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"playwinterf.xyz"; classtype:web-application-activity; sid:300000259; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ppploanchoices.site"; classtype:web-application-activity; sid:300000260; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"prize-messsages.casa"; classtype:web-application-activity; sid:300000261; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"profitsurvey365.online"; classtype:web-application-activity; sid:300000262; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"profitsurvey365.org"; classtype:web-application-activity; sid:300000263; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"proprotect.me"; classtype:web-application-activity; sid:300000264; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"prosecurityvpn.me"; classtype:web-application-activity; sid:300000265; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"protect-ios.com"; classtype:web-application-activity; sid:300000266; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"protecttool.me"; classtype:web-application-activity; sid:300000267; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"provpn.me"; classtype:web-application-activity; sid:300000268; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"provpnsecurity.me"; classtype:web-application-activity; sid:300000269; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"provpnservice.me"; classtype:web-application-activity; sid:300000270; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"prtctapp.me"; classtype:web-application-activity; sid:300000271; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"qfind.net"; classtype:web-application-activity; sid:300000272; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"quatrefeuillepolonaise.xyz"; classtype:web-application-activity; sid:300000273; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"quizshein.shop"; classtype:web-application-activity; sid:300000274; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rancy.xyz"; classtype:web-application-activity; sid:300000275; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rewardgivingrealspecialoffer.cyou"; classtype:web-application-activity; sid:300000276; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rewards-promotion-winner-super.cyou"; classtype:web-application-activity; sid:300000277; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rewardspromotionwinnersuper.cyou"; classtype:web-application-activity; sid:300000278; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"robogarden.io"; classtype:web-application-activity; sid:300000279; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runadvanced-bestgreatlyfile.best"; classtype:web-application-activity; sid:300000280; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rungreatly-bestadvancedfile.best"; classtype:web-application-activity; sid:300000281; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"safeguide.net"; classtype:web-application-activity; sid:300000282; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"savagegrowplus.net"; classtype:web-application-activity; sid:300000283; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"scoopswoop.info"; classtype:web-application-activity; sid:300000284; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"search4theupdatefree.work"; classtype:web-application-activity; sid:300000285; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"search4theupgradeset.info"; classtype:web-application-activity; sid:300000286; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"search4upgradingset.info"; classtype:web-application-activity; sid:300000287; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"searchmgr.online"; classtype:web-application-activity; sid:300000288; rev:1;)
|
2021-10-13 12:03:08 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"securitevpn.me"; classtype:web-application-activity; sid:300000289; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"securityvpnpro.me"; classtype:web-application-activity; sid:300000290; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sergey-tracks.xyz"; classtype:web-application-activity; sid:300000291; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"settothereliableupgradingnew.work"; classtype:web-application-activity; sid:300000292; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"shopadvisors.net"; classtype:web-application-activity; sid:300000293; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"shopin.nyc"; classtype:web-application-activity; sid:300000294; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"shopnsave.world"; classtype:web-application-activity; sid:300000295; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"signupandturnyourscreenoffsafepowernow.date"; classtype:web-application-activity; sid:300000296; rev:1;)
|
2021-10-13 00:02:41 +00:00
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"smartideas.pro"; classtype:web-application-activity; sid:300000297; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"spotmapd.xyz"; classtype:web-application-activity; sid:300000298; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"spotmapf.xyz"; classtype:web-application-activity; sid:300000299; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"spotplanetc.xyz"; classtype:web-application-activity; sid:300000300; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"springplanetf.xyz"; classtype:web-application-activity; sid:300000301; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"start-page.one"; classtype:web-application-activity; sid:300000302; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"startos.win"; classtype:web-application-activity; sid:300000303; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"stickr.co"; classtype:web-application-activity; sid:300000304; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"stogether.fun"; classtype:web-application-activity; sid:300000305; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"streamdevelopedintenselythefile.vip"; classtype:web-application-activity; sid:300000306; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"streamintenselyrefinedthefile.vip"; classtype:web-application-activity; sid:300000307; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"streamintenselysophisticatedthefile.vip"; classtype:web-application-activity; sid:300000308; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"streampreciseintenselythefile.vip"; classtype:web-application-activity; sid:300000309; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"streamrecent-bestuberfile.best"; classtype:web-application-activity; sid:300000310; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"streamspeedyintenselythefile.vip"; classtype:web-application-activity; sid:300000311; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"subeamy.pw"; classtype:web-application-activity; sid:300000312; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sudoo.net"; classtype:web-application-activity; sid:300000313; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"summermedia.club"; classtype:web-application-activity; sid:300000314; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"superpromotion.cyou"; classtype:web-application-activity; sid:300000315; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"support-notify.space"; classtype:web-application-activity; sid:300000316; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sweetalt.ru"; classtype:web-application-activity; sid:300000317; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sweetgirls.buzz"; classtype:web-application-activity; sid:300000318; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"synccurrentmostthefile.vip"; classtype:web-application-activity; sid:300000319; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"synclatestintenselythefile.vip"; classtype:web-application-activity; sid:300000320; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"syncmostprecisethefile.vip"; classtype:web-application-activity; sid:300000321; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"syncnewestmostthefile.vip"; classtype:web-application-activity; sid:300000322; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"syncnewestuberthefile.vip"; classtype:web-application-activity; sid:300000323; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"syncrecentintenselythefile.vip"; classtype:web-application-activity; sid:300000324; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"syncubercurrentfiles.best"; classtype:web-application-activity; sid:300000325; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"systemupdateme.solutions"; classtype:web-application-activity; sid:300000326; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"systemupdatit.club"; classtype:web-application-activity; sid:300000327; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"technoblogs.net"; classtype:web-application-activity; sid:300000328; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"technologypartners.net"; classtype:web-application-activity; sid:300000329; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"thanksyoursupport.club"; classtype:web-application-activity; sid:300000330; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"thecryptozone.website"; classtype:web-application-activity; sid:300000331; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"theirproviderock.top"; classtype:web-application-activity; sid:300000332; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"thelastpicture.show"; classtype:web-application-activity; sid:300000333; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"thrawdmn55.xyz"; classtype:web-application-activity; sid:300000334; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"timeoffers.net"; classtype:web-application-activity; sid:300000335; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"timesamerica.net"; classtype:web-application-activity; sid:300000336; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"toolvpn.me"; classtype:web-application-activity; sid:300000337; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"top-offers2.club"; classtype:web-application-activity; sid:300000338; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"topdating.online"; classtype:web-application-activity; sid:300000339; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"tracking-landers.xyz"; classtype:web-application-activity; sid:300000340; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"trafficmind.pro"; classtype:web-application-activity; sid:300000341; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"trane.fun"; classtype:web-application-activity; sid:300000342; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"truecompassion.net"; classtype:web-application-activity; sid:300000343; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"trustappstreamsall.digital"; classtype:web-application-activity; sid:300000344; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"updatefix.xyz"; classtype:web-application-activity; sid:300000345; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"upplaysite.xyz"; classtype:web-application-activity; sid:300000346; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"usepro.me"; classtype:web-application-activity; sid:300000347; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"useprovpn.me"; classtype:web-application-activity; sid:300000348; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"usevpnpro.me"; classtype:web-application-activity; sid:300000349; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"usforeclosure.net"; classtype:web-application-activity; sid:300000350; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"videoau.ru"; classtype:web-application-activity; sid:300000351; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"videoauthor.ru"; classtype:web-application-activity; sid:300000352; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vpn-pro.club"; classtype:web-application-activity; sid:300000353; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vpnprosecurity.me"; classtype:web-application-activity; sid:300000354; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vpnsecurity.me"; classtype:web-application-activity; sid:300000355; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"vpnservice.me"; classtype:web-application-activity; sid:300000356; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"watchadvanced-bestgreatlyfile.best"; classtype:web-application-activity; sid:300000357; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"watchextremely-bestsophisticatedfile.best"; classtype:web-application-activity; sid:300000358; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"watchgreatly-bestcurrentfile.best"; classtype:web-application-activity; sid:300000359; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"watchgreatly-bestlatestfile.best"; classtype:web-application-activity; sid:300000360; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"watchlatest-bestgreatlyfile.best"; classtype:web-application-activity; sid:300000361; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"watchprogressive-bestmostfile.best"; classtype:web-application-activity; sid:300000362; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"watchquick-bestheavilyfile.best"; classtype:web-application-activity; sid:300000363; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"watchrefined-bestextremelyfile.best"; classtype:web-application-activity; sid:300000364; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"web-security.ml"; classtype:web-application-activity; sid:300000365; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"webtactics.ca"; classtype:web-application-activity; sid:300000366; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"winnerbigwingiveawaysuper.cyou"; classtype:web-application-activity; sid:300000367; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"winnerz.icu"; classtype:web-application-activity; sid:300000368; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"winnerz.site"; classtype:web-application-activity; sid:300000369; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"worivo.info"; classtype:web-application-activity; sid:300000370; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"worldwide-national-claim-free.cyou"; classtype:web-application-activity; sid:300000371; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"worldwide-prize-giveaway-free.cyou"; classtype:web-application-activity; sid:300000372; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"worldwideluckypromotionfree.cyou"; classtype:web-application-activity; sid:300000373; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"worldwidenationalclaimfree.cyou"; classtype:web-application-activity; sid:300000374; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"worldwideofficialpromotion.cyou"; classtype:web-application-activity; sid:300000375; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"worldwideprizegiveawayfree.cyou"; classtype:web-application-activity; sid:300000376; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yourlegendarysystemsupgrade.work"; classtype:web-application-activity; sid:300000377; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yourlinkplaceupdatingfree.work"; classtype:web-application-activity; sid:300000378; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yourluckytoday.club"; classtype:web-application-activity; sid:300000379; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yourmoneymachine.cc"; classtype:web-application-activity; sid:300000380; rev:1;)
|
|
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"yoursafestgreatplaceupdates.work"; classtype:web-application-activity; sid:300000381; rev:1;)
|