From f5d6dae88ff8681cc1f702e0186d4f6a10862770 Mon Sep 17 00:00:00 2001 From: curben-bot <3048979-curben-bot@users.noreply.gitlab.com> Date: Sat, 31 Jul 2021 12:03:04 +0000 Subject: [PATCH] Filter updated: Sat, 31 Jul 2021 12:03:04 +0000 --- dist/pup-filter-ag.txt | 4 +- dist/pup-filter-agh.txt | 4 +- dist/pup-filter-bind.conf | 4 +- dist/pup-filter-dnscrypt-blocked-names.txt | 4 +- dist/pup-filter-dnsmasq.conf | 4 +- dist/pup-filter-domains.txt | 4 +- dist/pup-filter-hosts.txt | 4 +- dist/pup-filter-rpz.conf | 6 +- dist/pup-filter-snort2.rules | 98 +++++++++++----------- dist/pup-filter-snort3.rules | 98 +++++++++++----------- dist/pup-filter-suricata.rules | 98 +++++++++++----------- dist/pup-filter-unbound.conf | 4 +- dist/pup-filter-vivaldi.txt | 4 +- dist/pup-filter.tpl | 4 +- dist/pup-filter.txt | 4 +- 15 files changed, 172 insertions(+), 172 deletions(-) diff --git a/dist/pup-filter-ag.txt b/dist/pup-filter-ag.txt index 7487571..8bce71f 100644 --- a/dist/pup-filter-ag.txt +++ b/dist/pup-filter-ag.txt @@ -1,6 +1,6 @@ ! Title: PUP Domains Blocklist (AdGuard) ! Description: Block domains that host potentially unwanted programs (PUP) -! Updated: Sat, 31 Jul 2021 00:02:56 +0000 +! Updated: Sat, 31 Jul 2021 12:03:04 +0000 ! Expires: 1 day (update frequency) ! Homepage: https://gitlab.com/curben/pup-filter ! License: https://gitlab.com/curben/pup-filter#license @@ -321,7 +321,6 @@ ||rewardsluckygiveawayprize.cyou$all ||rewardspromotionwinnersuper.cyou$all ||ritaus.org$all -||robogarden.io$all ||rootessential.info$all ||runadvanced-bestextremelyfile.best$all ||runcurrent-bestextremelyfile.best$all @@ -369,6 +368,7 @@ ||startos.win$all ||stay-notified.cc$all ||stickr.co$all +||stogether.fun$all ||streamadvanced-bestcompletelyfile.best$all ||streamadvanced-bestextremelyfile.best$all ||streamdeveloped-bestoverlyfile.best$all diff --git a/dist/pup-filter-agh.txt b/dist/pup-filter-agh.txt index 733f024..318d159 100644 --- a/dist/pup-filter-agh.txt +++ b/dist/pup-filter-agh.txt @@ -1,6 +1,6 @@ ! Title: PUP Domains Blocklist (AdGuard Home) ! Description: Block domains that host potentially unwanted programs (PUP) -! Updated: Sat, 31 Jul 2021 00:02:56 +0000 +! Updated: Sat, 31 Jul 2021 12:03:04 +0000 ! Expires: 1 day (update frequency) ! Homepage: https://gitlab.com/curben/pup-filter ! License: https://gitlab.com/curben/pup-filter#license @@ -321,7 +321,6 @@ ||rewardsluckygiveawayprize.cyou^ ||rewardspromotionwinnersuper.cyou^ ||ritaus.org^ -||robogarden.io^ ||rootessential.info^ ||runadvanced-bestextremelyfile.best^ ||runcurrent-bestextremelyfile.best^ @@ -369,6 +368,7 @@ ||startos.win^ ||stay-notified.cc^ ||stickr.co^ +||stogether.fun^ ||streamadvanced-bestcompletelyfile.best^ ||streamadvanced-bestextremelyfile.best^ ||streamdeveloped-bestoverlyfile.best^ diff --git a/dist/pup-filter-bind.conf b/dist/pup-filter-bind.conf index d68bed2..cceabe1 100644 --- a/dist/pup-filter-bind.conf +++ b/dist/pup-filter-bind.conf @@ -1,6 +1,6 @@ # Title: PUP Domains BIND Blocklist # Description: Block domains that host potentially unwanted programs (PUP) -# Updated: Sat, 31 Jul 2021 00:02:56 +0000 +# Updated: Sat, 31 Jul 2021 12:03:04 +0000 # Expires: 1 day (update frequency) # Homepage: https://gitlab.com/curben/pup-filter # License: https://gitlab.com/curben/pup-filter#license @@ -321,7 +321,6 @@ zone "rewards-promotion-winner-super.cyou" { type master; notify no; file "null. zone "rewardsluckygiveawayprize.cyou" { type master; notify no; file "null.zone.file"; }; zone "rewardspromotionwinnersuper.cyou" { type master; notify no; file "null.zone.file"; }; zone "ritaus.org" { type master; notify no; file "null.zone.file"; }; -zone "robogarden.io" { type master; notify no; file "null.zone.file"; }; zone "rootessential.info" { type master; notify no; file "null.zone.file"; }; zone "runadvanced-bestextremelyfile.best" { type master; notify no; file "null.zone.file"; }; zone "runcurrent-bestextremelyfile.best" { type master; notify no; file "null.zone.file"; }; @@ -369,6 +368,7 @@ zone "start-page.one" { type master; notify no; file "null.zone.file"; }; zone "startos.win" { type master; notify no; file "null.zone.file"; }; zone "stay-notified.cc" { type master; notify no; file "null.zone.file"; }; zone "stickr.co" { type master; notify no; file "null.zone.file"; }; +zone "stogether.fun" { type master; notify no; file "null.zone.file"; }; zone "streamadvanced-bestcompletelyfile.best" { type master; notify no; file "null.zone.file"; }; zone "streamadvanced-bestextremelyfile.best" { type master; notify no; file "null.zone.file"; }; zone "streamdeveloped-bestoverlyfile.best" { type master; notify no; file "null.zone.file"; }; diff --git a/dist/pup-filter-dnscrypt-blocked-names.txt b/dist/pup-filter-dnscrypt-blocked-names.txt index ba95457..65d8200 100644 --- a/dist/pup-filter-dnscrypt-blocked-names.txt +++ b/dist/pup-filter-dnscrypt-blocked-names.txt @@ -1,6 +1,6 @@ # Title: PUP Names Blocklist # Description: Block domains that host potentially unwanted programs (PUP) -# Updated: Sat, 31 Jul 2021 00:02:56 +0000 +# Updated: Sat, 31 Jul 2021 12:03:04 +0000 # Expires: 1 day (update frequency) # Homepage: https://gitlab.com/curben/pup-filter # License: https://gitlab.com/curben/pup-filter#license @@ -321,7 +321,6 @@ rewards-promotion-winner-super.cyou rewardsluckygiveawayprize.cyou rewardspromotionwinnersuper.cyou ritaus.org -robogarden.io rootessential.info runadvanced-bestextremelyfile.best runcurrent-bestextremelyfile.best @@ -369,6 +368,7 @@ start-page.one startos.win stay-notified.cc stickr.co +stogether.fun streamadvanced-bestcompletelyfile.best streamadvanced-bestextremelyfile.best streamdeveloped-bestoverlyfile.best diff --git a/dist/pup-filter-dnsmasq.conf b/dist/pup-filter-dnsmasq.conf index db99420..b7f3873 100644 --- a/dist/pup-filter-dnsmasq.conf +++ b/dist/pup-filter-dnsmasq.conf @@ -1,6 +1,6 @@ # Title: PUP Domains dnsmasq Blocklist # Description: Block domains that host potentially unwanted programs (PUP) -# Updated: Sat, 31 Jul 2021 00:02:56 +0000 +# Updated: Sat, 31 Jul 2021 12:03:04 +0000 # Expires: 1 day (update frequency) # Homepage: https://gitlab.com/curben/pup-filter # License: https://gitlab.com/curben/pup-filter#license @@ -321,7 +321,6 @@ address=/rewards-promotion-winner-super.cyou/0.0.0.0 address=/rewardsluckygiveawayprize.cyou/0.0.0.0 address=/rewardspromotionwinnersuper.cyou/0.0.0.0 address=/ritaus.org/0.0.0.0 -address=/robogarden.io/0.0.0.0 address=/rootessential.info/0.0.0.0 address=/runadvanced-bestextremelyfile.best/0.0.0.0 address=/runcurrent-bestextremelyfile.best/0.0.0.0 @@ -369,6 +368,7 @@ address=/start-page.one/0.0.0.0 address=/startos.win/0.0.0.0 address=/stay-notified.cc/0.0.0.0 address=/stickr.co/0.0.0.0 +address=/stogether.fun/0.0.0.0 address=/streamadvanced-bestcompletelyfile.best/0.0.0.0 address=/streamadvanced-bestextremelyfile.best/0.0.0.0 address=/streamdeveloped-bestoverlyfile.best/0.0.0.0 diff --git a/dist/pup-filter-domains.txt b/dist/pup-filter-domains.txt index 844edb1..176fb01 100644 --- a/dist/pup-filter-domains.txt +++ b/dist/pup-filter-domains.txt @@ -1,6 +1,6 @@ # Title: PUP Domains Blocklist # Description: Block domains that host potentially unwanted programs (PUP) -# Updated: Sat, 31 Jul 2021 00:02:56 +0000 +# Updated: Sat, 31 Jul 2021 12:03:04 +0000 # Expires: 1 day (update frequency) # Homepage: https://gitlab.com/curben/pup-filter # License: https://gitlab.com/curben/pup-filter#license @@ -321,7 +321,6 @@ rewards-promotion-winner-super.cyou rewardsluckygiveawayprize.cyou rewardspromotionwinnersuper.cyou ritaus.org -robogarden.io rootessential.info runadvanced-bestextremelyfile.best runcurrent-bestextremelyfile.best @@ -369,6 +368,7 @@ start-page.one startos.win stay-notified.cc stickr.co +stogether.fun streamadvanced-bestcompletelyfile.best streamadvanced-bestextremelyfile.best streamdeveloped-bestoverlyfile.best diff --git a/dist/pup-filter-hosts.txt b/dist/pup-filter-hosts.txt index 78c1f1a..76ea7ac 100644 --- a/dist/pup-filter-hosts.txt +++ b/dist/pup-filter-hosts.txt @@ -1,6 +1,6 @@ # Title: PUP Hosts Blocklist # Description: Block domains that host potentially unwanted programs (PUP) -# Updated: Sat, 31 Jul 2021 00:02:56 +0000 +# Updated: Sat, 31 Jul 2021 12:03:04 +0000 # Expires: 1 day (update frequency) # Homepage: https://gitlab.com/curben/pup-filter # License: https://gitlab.com/curben/pup-filter#license @@ -321,7 +321,6 @@ 0.0.0.0 rewardsluckygiveawayprize.cyou 0.0.0.0 rewardspromotionwinnersuper.cyou 0.0.0.0 ritaus.org -0.0.0.0 robogarden.io 0.0.0.0 rootessential.info 0.0.0.0 runadvanced-bestextremelyfile.best 0.0.0.0 runcurrent-bestextremelyfile.best @@ -369,6 +368,7 @@ 0.0.0.0 startos.win 0.0.0.0 stay-notified.cc 0.0.0.0 stickr.co +0.0.0.0 stogether.fun 0.0.0.0 streamadvanced-bestcompletelyfile.best 0.0.0.0 streamadvanced-bestextremelyfile.best 0.0.0.0 streamdeveloped-bestoverlyfile.best diff --git a/dist/pup-filter-rpz.conf b/dist/pup-filter-rpz.conf index 685b4f7..e10d7c6 100644 --- a/dist/pup-filter-rpz.conf +++ b/dist/pup-filter-rpz.conf @@ -1,13 +1,13 @@ ; Title: PUP Domains RPZ Blocklist ; Description: Block domains that host potentially unwanted programs (PUP) -; Updated: Sat, 31 Jul 2021 00:02:56 +0000 +; Updated: Sat, 31 Jul 2021 12:03:04 +0000 ; Expires: 1 day (update frequency) ; Homepage: https://gitlab.com/curben/pup-filter ; License: https://gitlab.com/curben/pup-filter#license ; Source: https://github.com/zhouhanc/malware-discoverer $TTL 30 -@ IN SOA rpz.curben.gitlab.io. hostmaster.rpz.curben.gitlab.io. 1627689776 86400 3600 604800 30 +@ IN SOA rpz.curben.gitlab.io. hostmaster.rpz.curben.gitlab.io. 1627732984 86400 3600 604800 30 NS localhost. 123news.website CNAME . @@ -326,7 +326,6 @@ rewards-promotion-winner-super.cyou CNAME . rewardsluckygiveawayprize.cyou CNAME . rewardspromotionwinnersuper.cyou CNAME . ritaus.org CNAME . -robogarden.io CNAME . rootessential.info CNAME . runadvanced-bestextremelyfile.best CNAME . runcurrent-bestextremelyfile.best CNAME . @@ -374,6 +373,7 @@ start-page.one CNAME . startos.win CNAME . stay-notified.cc CNAME . stickr.co CNAME . +stogether.fun CNAME . streamadvanced-bestcompletelyfile.best CNAME . streamadvanced-bestextremelyfile.best CNAME . streamdeveloped-bestoverlyfile.best CNAME . diff --git a/dist/pup-filter-snort2.rules b/dist/pup-filter-snort2.rules index 5e303a2..41c228c 100644 --- a/dist/pup-filter-snort2.rules +++ b/dist/pup-filter-snort2.rules @@ -1,6 +1,6 @@ # Title: PUP Domains Snort2 Ruleset # Description: Block domains that host potentially unwanted programs (PUP) -# Updated: Sat, 31 Jul 2021 00:02:56 +0000 +# Updated: Sat, 31 Jul 2021 12:03:04 +0000 # Expires: 1 day (update frequency) # Homepage: https://gitlab.com/curben/pup-filter # License: https://gitlab.com/curben/pup-filter#license @@ -321,54 +321,54 @@ alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website d alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"rewardsluckygiveawayprize.cyou"; content:"Host"; http_header; classtype:web-application-activity; sid:300000314; rev:1;) alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"rewardspromotionwinnersuper.cyou"; content:"Host"; http_header; classtype:web-application-activity; sid:300000315; rev:1;) alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"ritaus.org"; content:"Host"; http_header; classtype:web-application-activity; sid:300000316; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"robogarden.io"; content:"Host"; http_header; classtype:web-application-activity; sid:300000317; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"rootessential.info"; content:"Host"; http_header; classtype:web-application-activity; sid:300000318; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runadvanced-bestextremelyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000319; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runcurrent-bestextremelyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000320; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"rundeveloped-bestoverlyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000321; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runextremely-bestadvancedfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000322; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runextremely-bestcurrentfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000323; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runextremely-bestlatestfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000324; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runextremely-bestrecentfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000325; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runfree-bestoverlyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000326; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runintensely-bestrenewedfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000327; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runlatest-besthighlyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000328; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runnewest-bestextremelyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000329; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runoriginal-bestextremelyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000330; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runoriginal-bestintenselyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000331; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runoverly-bestdevelopedfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000332; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runoverly-bestquickfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000333; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runoverly-bestsophisticatedfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000334; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runprogressive-bestmostfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000335; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runrecent-bestextremelyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000336; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runrecent-besthighlyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000337; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"safest4placeupdate.info"; content:"Host"; http_header; classtype:web-application-activity; sid:300000338; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"safest4placeupdates.info"; content:"Host"; http_header; classtype:web-application-activity; sid:300000339; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"savagegrowplus.net"; content:"Host"; http_header; classtype:web-application-activity; sid:300000340; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"scoopswoop.info"; content:"Host"; http_header; classtype:web-application-activity; sid:300000341; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"score-monitoring.xyz"; content:"Host"; http_header; classtype:web-application-activity; sid:300000342; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"search4theupdatefree.work"; content:"Host"; http_header; classtype:web-application-activity; sid:300000343; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"searchoffers.info"; content:"Host"; http_header; classtype:web-application-activity; sid:300000344; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"seasoned.co"; content:"Host"; http_header; classtype:web-application-activity; sid:300000345; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"sec-alert.xyz"; content:"Host"; http_header; classtype:web-application-activity; sid:300000346; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"sec-alerts.xyz"; content:"Host"; http_header; classtype:web-application-activity; sid:300000347; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"securitevpn.me"; content:"Host"; http_header; classtype:web-application-activity; sid:300000348; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"security-made-easy.xyz"; content:"Host"; http_header; classtype:web-application-activity; sid:300000349; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"securityvpnpro.me"; content:"Host"; http_header; classtype:web-application-activity; sid:300000350; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"seemlast.monster"; content:"Host"; http_header; classtype:web-application-activity; sid:300000351; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"sergey-tracks.xyz"; content:"Host"; http_header; classtype:web-application-activity; sid:300000352; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"service-care.space"; content:"Host"; http_header; classtype:web-application-activity; sid:300000353; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"settothereliableupgradingnew.work"; content:"Host"; http_header; classtype:web-application-activity; sid:300000354; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"shopnsave.world"; content:"Host"; http_header; classtype:web-application-activity; sid:300000355; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"signupandturnyourscreenoffsafepowernow.date"; content:"Host"; http_header; classtype:web-application-activity; sid:300000356; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"smartys.link"; content:"Host"; http_header; classtype:web-application-activity; sid:300000357; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"sorrectionki.space"; content:"Host"; http_header; classtype:web-application-activity; sid:300000358; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"spotmapd.xyz"; content:"Host"; http_header; classtype:web-application-activity; sid:300000359; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"springplanetf.xyz"; content:"Host"; http_header; classtype:web-application-activity; sid:300000360; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"start-page.one"; content:"Host"; http_header; classtype:web-application-activity; sid:300000361; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"startos.win"; content:"Host"; http_header; classtype:web-application-activity; sid:300000362; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"stay-notified.cc"; content:"Host"; http_header; classtype:web-application-activity; sid:300000363; rev:1;) -alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"stickr.co"; content:"Host"; http_header; classtype:web-application-activity; sid:300000364; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"rootessential.info"; content:"Host"; http_header; classtype:web-application-activity; sid:300000317; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runadvanced-bestextremelyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000318; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runcurrent-bestextremelyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000319; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"rundeveloped-bestoverlyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000320; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runextremely-bestadvancedfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000321; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runextremely-bestcurrentfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000322; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runextremely-bestlatestfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000323; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runextremely-bestrecentfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000324; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runfree-bestoverlyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000325; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runintensely-bestrenewedfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000326; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runlatest-besthighlyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000327; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runnewest-bestextremelyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000328; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runoriginal-bestextremelyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000329; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runoriginal-bestintenselyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000330; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runoverly-bestdevelopedfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000331; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runoverly-bestquickfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000332; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runoverly-bestsophisticatedfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000333; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runprogressive-bestmostfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000334; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runrecent-bestextremelyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000335; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"runrecent-besthighlyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000336; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"safest4placeupdate.info"; content:"Host"; http_header; classtype:web-application-activity; sid:300000337; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"safest4placeupdates.info"; content:"Host"; http_header; classtype:web-application-activity; sid:300000338; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"savagegrowplus.net"; content:"Host"; http_header; classtype:web-application-activity; sid:300000339; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"scoopswoop.info"; content:"Host"; http_header; classtype:web-application-activity; sid:300000340; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"score-monitoring.xyz"; content:"Host"; http_header; classtype:web-application-activity; sid:300000341; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"search4theupdatefree.work"; content:"Host"; http_header; classtype:web-application-activity; sid:300000342; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"searchoffers.info"; content:"Host"; http_header; classtype:web-application-activity; sid:300000343; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"seasoned.co"; content:"Host"; http_header; classtype:web-application-activity; sid:300000344; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"sec-alert.xyz"; content:"Host"; http_header; classtype:web-application-activity; sid:300000345; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"sec-alerts.xyz"; content:"Host"; http_header; classtype:web-application-activity; sid:300000346; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"securitevpn.me"; content:"Host"; http_header; classtype:web-application-activity; sid:300000347; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"security-made-easy.xyz"; content:"Host"; http_header; classtype:web-application-activity; sid:300000348; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"securityvpnpro.me"; content:"Host"; http_header; classtype:web-application-activity; sid:300000349; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"seemlast.monster"; content:"Host"; http_header; classtype:web-application-activity; sid:300000350; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"sergey-tracks.xyz"; content:"Host"; http_header; classtype:web-application-activity; sid:300000351; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"service-care.space"; content:"Host"; http_header; classtype:web-application-activity; sid:300000352; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"settothereliableupgradingnew.work"; content:"Host"; http_header; classtype:web-application-activity; sid:300000353; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"shopnsave.world"; content:"Host"; http_header; classtype:web-application-activity; sid:300000354; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"signupandturnyourscreenoffsafepowernow.date"; content:"Host"; http_header; classtype:web-application-activity; sid:300000355; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"smartys.link"; content:"Host"; http_header; classtype:web-application-activity; sid:300000356; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"sorrectionki.space"; content:"Host"; http_header; classtype:web-application-activity; sid:300000357; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"spotmapd.xyz"; content:"Host"; http_header; classtype:web-application-activity; sid:300000358; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"springplanetf.xyz"; content:"Host"; http_header; classtype:web-application-activity; sid:300000359; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"start-page.one"; content:"Host"; http_header; classtype:web-application-activity; sid:300000360; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"startos.win"; content:"Host"; http_header; classtype:web-application-activity; sid:300000361; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"stay-notified.cc"; content:"Host"; http_header; classtype:web-application-activity; sid:300000362; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"stickr.co"; content:"Host"; http_header; classtype:web-application-activity; sid:300000363; rev:1;) +alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"stogether.fun"; content:"Host"; http_header; classtype:web-application-activity; sid:300000364; rev:1;) alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"streamadvanced-bestcompletelyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000365; rev:1;) alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"streamadvanced-bestextremelyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000366; rev:1;) alert tcp $HOME_NET any -> $EXTERNAL_NET [80,443] (msg:"pup-filter PUP website detected"; flow:established,from_client; content:"GET"; http_method; content:"streamdeveloped-bestoverlyfile.best"; content:"Host"; http_header; classtype:web-application-activity; sid:300000367; rev:1;) diff --git a/dist/pup-filter-snort3.rules b/dist/pup-filter-snort3.rules index 50026f7..65e36d1 100644 --- a/dist/pup-filter-snort3.rules +++ b/dist/pup-filter-snort3.rules @@ -1,6 +1,6 @@ # Title: PUP Domains Snort3 Ruleset # Description: Block domains that host potentially unwanted programs (PUP) -# Updated: Sat, 31 Jul 2021 00:02:56 +0000 +# Updated: Sat, 31 Jul 2021 12:03:04 +0000 # Expires: 1 day (update frequency) # Homepage: https://gitlab.com/curben/pup-filter # License: https://gitlab.com/curben/pup-filter#license @@ -321,54 +321,54 @@ alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detec alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rewardsluckygiveawayprize.cyou",nocase; classtype:web-application-activity; sid:300000314; rev:1;) alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rewardspromotionwinnersuper.cyou",nocase; classtype:web-application-activity; sid:300000315; rev:1;) alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ritaus.org",nocase; classtype:web-application-activity; sid:300000316; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"robogarden.io",nocase; classtype:web-application-activity; sid:300000317; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rootessential.info",nocase; classtype:web-application-activity; sid:300000318; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runadvanced-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000319; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runcurrent-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000320; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rundeveloped-bestoverlyfile.best",nocase; classtype:web-application-activity; sid:300000321; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runextremely-bestadvancedfile.best",nocase; classtype:web-application-activity; sid:300000322; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runextremely-bestcurrentfile.best",nocase; classtype:web-application-activity; sid:300000323; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runextremely-bestlatestfile.best",nocase; classtype:web-application-activity; sid:300000324; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runextremely-bestrecentfile.best",nocase; classtype:web-application-activity; sid:300000325; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runfree-bestoverlyfile.best",nocase; classtype:web-application-activity; sid:300000326; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runintensely-bestrenewedfile.best",nocase; classtype:web-application-activity; sid:300000327; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runlatest-besthighlyfile.best",nocase; classtype:web-application-activity; sid:300000328; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runnewest-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000329; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runoriginal-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000330; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runoriginal-bestintenselyfile.best",nocase; classtype:web-application-activity; sid:300000331; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runoverly-bestdevelopedfile.best",nocase; classtype:web-application-activity; sid:300000332; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runoverly-bestquickfile.best",nocase; classtype:web-application-activity; sid:300000333; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runoverly-bestsophisticatedfile.best",nocase; classtype:web-application-activity; sid:300000334; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runprogressive-bestmostfile.best",nocase; classtype:web-application-activity; sid:300000335; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runrecent-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000336; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runrecent-besthighlyfile.best",nocase; classtype:web-application-activity; sid:300000337; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"safest4placeupdate.info",nocase; classtype:web-application-activity; sid:300000338; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"safest4placeupdates.info",nocase; classtype:web-application-activity; sid:300000339; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"savagegrowplus.net",nocase; classtype:web-application-activity; sid:300000340; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"scoopswoop.info",nocase; classtype:web-application-activity; sid:300000341; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"score-monitoring.xyz",nocase; classtype:web-application-activity; sid:300000342; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"search4theupdatefree.work",nocase; classtype:web-application-activity; sid:300000343; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"searchoffers.info",nocase; classtype:web-application-activity; sid:300000344; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"seasoned.co",nocase; classtype:web-application-activity; sid:300000345; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sec-alert.xyz",nocase; classtype:web-application-activity; sid:300000346; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sec-alerts.xyz",nocase; classtype:web-application-activity; sid:300000347; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"securitevpn.me",nocase; classtype:web-application-activity; sid:300000348; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"security-made-easy.xyz",nocase; classtype:web-application-activity; sid:300000349; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"securityvpnpro.me",nocase; classtype:web-application-activity; sid:300000350; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"seemlast.monster",nocase; classtype:web-application-activity; sid:300000351; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sergey-tracks.xyz",nocase; classtype:web-application-activity; sid:300000352; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"service-care.space",nocase; classtype:web-application-activity; sid:300000353; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"settothereliableupgradingnew.work",nocase; classtype:web-application-activity; sid:300000354; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"shopnsave.world",nocase; classtype:web-application-activity; sid:300000355; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"signupandturnyourscreenoffsafepowernow.date",nocase; classtype:web-application-activity; sid:300000356; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"smartys.link",nocase; classtype:web-application-activity; sid:300000357; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sorrectionki.space",nocase; classtype:web-application-activity; sid:300000358; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"spotmapd.xyz",nocase; classtype:web-application-activity; sid:300000359; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"springplanetf.xyz",nocase; classtype:web-application-activity; sid:300000360; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"start-page.one",nocase; classtype:web-application-activity; sid:300000361; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"startos.win",nocase; classtype:web-application-activity; sid:300000362; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"stay-notified.cc",nocase; classtype:web-application-activity; sid:300000363; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"stickr.co",nocase; classtype:web-application-activity; sid:300000364; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rootessential.info",nocase; classtype:web-application-activity; sid:300000317; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runadvanced-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000318; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runcurrent-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000319; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rundeveloped-bestoverlyfile.best",nocase; classtype:web-application-activity; sid:300000320; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runextremely-bestadvancedfile.best",nocase; classtype:web-application-activity; sid:300000321; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runextremely-bestcurrentfile.best",nocase; classtype:web-application-activity; sid:300000322; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runextremely-bestlatestfile.best",nocase; classtype:web-application-activity; sid:300000323; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runextremely-bestrecentfile.best",nocase; classtype:web-application-activity; sid:300000324; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runfree-bestoverlyfile.best",nocase; classtype:web-application-activity; sid:300000325; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runintensely-bestrenewedfile.best",nocase; classtype:web-application-activity; sid:300000326; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runlatest-besthighlyfile.best",nocase; classtype:web-application-activity; sid:300000327; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runnewest-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000328; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runoriginal-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000329; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runoriginal-bestintenselyfile.best",nocase; classtype:web-application-activity; sid:300000330; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runoverly-bestdevelopedfile.best",nocase; classtype:web-application-activity; sid:300000331; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runoverly-bestquickfile.best",nocase; classtype:web-application-activity; sid:300000332; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runoverly-bestsophisticatedfile.best",nocase; classtype:web-application-activity; sid:300000333; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runprogressive-bestmostfile.best",nocase; classtype:web-application-activity; sid:300000334; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runrecent-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000335; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runrecent-besthighlyfile.best",nocase; classtype:web-application-activity; sid:300000336; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"safest4placeupdate.info",nocase; classtype:web-application-activity; sid:300000337; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"safest4placeupdates.info",nocase; classtype:web-application-activity; sid:300000338; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"savagegrowplus.net",nocase; classtype:web-application-activity; sid:300000339; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"scoopswoop.info",nocase; classtype:web-application-activity; sid:300000340; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"score-monitoring.xyz",nocase; classtype:web-application-activity; sid:300000341; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"search4theupdatefree.work",nocase; classtype:web-application-activity; sid:300000342; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"searchoffers.info",nocase; classtype:web-application-activity; sid:300000343; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"seasoned.co",nocase; classtype:web-application-activity; sid:300000344; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sec-alert.xyz",nocase; classtype:web-application-activity; sid:300000345; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sec-alerts.xyz",nocase; classtype:web-application-activity; sid:300000346; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"securitevpn.me",nocase; classtype:web-application-activity; sid:300000347; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"security-made-easy.xyz",nocase; classtype:web-application-activity; sid:300000348; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"securityvpnpro.me",nocase; classtype:web-application-activity; sid:300000349; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"seemlast.monster",nocase; classtype:web-application-activity; sid:300000350; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sergey-tracks.xyz",nocase; classtype:web-application-activity; sid:300000351; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"service-care.space",nocase; classtype:web-application-activity; sid:300000352; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"settothereliableupgradingnew.work",nocase; classtype:web-application-activity; sid:300000353; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"shopnsave.world",nocase; classtype:web-application-activity; sid:300000354; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"signupandturnyourscreenoffsafepowernow.date",nocase; classtype:web-application-activity; sid:300000355; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"smartys.link",nocase; classtype:web-application-activity; sid:300000356; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sorrectionki.space",nocase; classtype:web-application-activity; sid:300000357; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"spotmapd.xyz",nocase; classtype:web-application-activity; sid:300000358; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"springplanetf.xyz",nocase; classtype:web-application-activity; sid:300000359; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"start-page.one",nocase; classtype:web-application-activity; sid:300000360; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"startos.win",nocase; classtype:web-application-activity; sid:300000361; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"stay-notified.cc",nocase; classtype:web-application-activity; sid:300000362; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"stickr.co",nocase; classtype:web-application-activity; sid:300000363; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"stogether.fun",nocase; classtype:web-application-activity; sid:300000364; rev:1;) alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamadvanced-bestcompletelyfile.best",nocase; classtype:web-application-activity; sid:300000365; rev:1;) alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamadvanced-bestextremelyfile.best",nocase; classtype:web-application-activity; sid:300000366; rev:1;) alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamdeveloped-bestoverlyfile.best",nocase; classtype:web-application-activity; sid:300000367; rev:1;) diff --git a/dist/pup-filter-suricata.rules b/dist/pup-filter-suricata.rules index 2632e28..eb2aa01 100644 --- a/dist/pup-filter-suricata.rules +++ b/dist/pup-filter-suricata.rules @@ -1,6 +1,6 @@ # Title: PUP Domains Suricata Ruleset # Description: Block domains that host potentially unwanted programs (PUP) -# Updated: Sat, 31 Jul 2021 00:02:56 +0000 +# Updated: Sat, 31 Jul 2021 12:03:04 +0000 # Expires: 1 day (update frequency) # Homepage: https://gitlab.com/curben/pup-filter # License: https://gitlab.com/curben/pup-filter#license @@ -321,54 +321,54 @@ alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detec alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rewardsluckygiveawayprize.cyou"; classtype:web-application-activity; sid:300000314; rev:1;) alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rewardspromotionwinnersuper.cyou"; classtype:web-application-activity; sid:300000315; rev:1;) alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"ritaus.org"; classtype:web-application-activity; sid:300000316; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"robogarden.io"; classtype:web-application-activity; sid:300000317; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rootessential.info"; classtype:web-application-activity; sid:300000318; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runadvanced-bestextremelyfile.best"; classtype:web-application-activity; sid:300000319; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runcurrent-bestextremelyfile.best"; classtype:web-application-activity; sid:300000320; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rundeveloped-bestoverlyfile.best"; classtype:web-application-activity; sid:300000321; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runextremely-bestadvancedfile.best"; classtype:web-application-activity; sid:300000322; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runextremely-bestcurrentfile.best"; classtype:web-application-activity; sid:300000323; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runextremely-bestlatestfile.best"; classtype:web-application-activity; sid:300000324; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runextremely-bestrecentfile.best"; classtype:web-application-activity; sid:300000325; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runfree-bestoverlyfile.best"; classtype:web-application-activity; sid:300000326; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runintensely-bestrenewedfile.best"; classtype:web-application-activity; sid:300000327; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runlatest-besthighlyfile.best"; classtype:web-application-activity; sid:300000328; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runnewest-bestextremelyfile.best"; classtype:web-application-activity; sid:300000329; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runoriginal-bestextremelyfile.best"; classtype:web-application-activity; sid:300000330; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runoriginal-bestintenselyfile.best"; classtype:web-application-activity; sid:300000331; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runoverly-bestdevelopedfile.best"; classtype:web-application-activity; sid:300000332; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runoverly-bestquickfile.best"; classtype:web-application-activity; sid:300000333; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runoverly-bestsophisticatedfile.best"; classtype:web-application-activity; sid:300000334; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runprogressive-bestmostfile.best"; classtype:web-application-activity; sid:300000335; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runrecent-bestextremelyfile.best"; classtype:web-application-activity; sid:300000336; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runrecent-besthighlyfile.best"; classtype:web-application-activity; sid:300000337; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"safest4placeupdate.info"; classtype:web-application-activity; sid:300000338; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"safest4placeupdates.info"; classtype:web-application-activity; sid:300000339; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"savagegrowplus.net"; classtype:web-application-activity; sid:300000340; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"scoopswoop.info"; classtype:web-application-activity; sid:300000341; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"score-monitoring.xyz"; classtype:web-application-activity; sid:300000342; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"search4theupdatefree.work"; classtype:web-application-activity; sid:300000343; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"searchoffers.info"; classtype:web-application-activity; sid:300000344; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"seasoned.co"; classtype:web-application-activity; sid:300000345; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sec-alert.xyz"; classtype:web-application-activity; sid:300000346; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sec-alerts.xyz"; classtype:web-application-activity; sid:300000347; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"securitevpn.me"; classtype:web-application-activity; sid:300000348; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"security-made-easy.xyz"; classtype:web-application-activity; sid:300000349; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"securityvpnpro.me"; classtype:web-application-activity; sid:300000350; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"seemlast.monster"; classtype:web-application-activity; sid:300000351; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sergey-tracks.xyz"; classtype:web-application-activity; sid:300000352; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"service-care.space"; classtype:web-application-activity; sid:300000353; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"settothereliableupgradingnew.work"; classtype:web-application-activity; sid:300000354; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"shopnsave.world"; classtype:web-application-activity; sid:300000355; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"signupandturnyourscreenoffsafepowernow.date"; classtype:web-application-activity; sid:300000356; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"smartys.link"; classtype:web-application-activity; sid:300000357; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sorrectionki.space"; classtype:web-application-activity; sid:300000358; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"spotmapd.xyz"; classtype:web-application-activity; sid:300000359; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"springplanetf.xyz"; classtype:web-application-activity; sid:300000360; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"start-page.one"; classtype:web-application-activity; sid:300000361; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"startos.win"; classtype:web-application-activity; sid:300000362; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"stay-notified.cc"; classtype:web-application-activity; sid:300000363; rev:1;) -alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"stickr.co"; classtype:web-application-activity; sid:300000364; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rootessential.info"; classtype:web-application-activity; sid:300000317; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runadvanced-bestextremelyfile.best"; classtype:web-application-activity; sid:300000318; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runcurrent-bestextremelyfile.best"; classtype:web-application-activity; sid:300000319; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"rundeveloped-bestoverlyfile.best"; classtype:web-application-activity; sid:300000320; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runextremely-bestadvancedfile.best"; classtype:web-application-activity; sid:300000321; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runextremely-bestcurrentfile.best"; classtype:web-application-activity; sid:300000322; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runextremely-bestlatestfile.best"; classtype:web-application-activity; sid:300000323; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runextremely-bestrecentfile.best"; classtype:web-application-activity; sid:300000324; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runfree-bestoverlyfile.best"; classtype:web-application-activity; sid:300000325; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runintensely-bestrenewedfile.best"; classtype:web-application-activity; sid:300000326; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runlatest-besthighlyfile.best"; classtype:web-application-activity; sid:300000327; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runnewest-bestextremelyfile.best"; classtype:web-application-activity; sid:300000328; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runoriginal-bestextremelyfile.best"; classtype:web-application-activity; sid:300000329; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runoriginal-bestintenselyfile.best"; classtype:web-application-activity; sid:300000330; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runoverly-bestdevelopedfile.best"; classtype:web-application-activity; sid:300000331; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runoverly-bestquickfile.best"; classtype:web-application-activity; sid:300000332; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runoverly-bestsophisticatedfile.best"; classtype:web-application-activity; sid:300000333; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runprogressive-bestmostfile.best"; classtype:web-application-activity; sid:300000334; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runrecent-bestextremelyfile.best"; classtype:web-application-activity; sid:300000335; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"runrecent-besthighlyfile.best"; classtype:web-application-activity; sid:300000336; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"safest4placeupdate.info"; classtype:web-application-activity; sid:300000337; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"safest4placeupdates.info"; classtype:web-application-activity; sid:300000338; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"savagegrowplus.net"; classtype:web-application-activity; sid:300000339; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"scoopswoop.info"; classtype:web-application-activity; sid:300000340; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"score-monitoring.xyz"; classtype:web-application-activity; sid:300000341; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"search4theupdatefree.work"; classtype:web-application-activity; sid:300000342; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"searchoffers.info"; classtype:web-application-activity; sid:300000343; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"seasoned.co"; classtype:web-application-activity; sid:300000344; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sec-alert.xyz"; classtype:web-application-activity; sid:300000345; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sec-alerts.xyz"; classtype:web-application-activity; sid:300000346; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"securitevpn.me"; classtype:web-application-activity; sid:300000347; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"security-made-easy.xyz"; classtype:web-application-activity; sid:300000348; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"securityvpnpro.me"; classtype:web-application-activity; sid:300000349; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"seemlast.monster"; classtype:web-application-activity; sid:300000350; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sergey-tracks.xyz"; classtype:web-application-activity; sid:300000351; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"service-care.space"; classtype:web-application-activity; sid:300000352; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"settothereliableupgradingnew.work"; classtype:web-application-activity; sid:300000353; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"shopnsave.world"; classtype:web-application-activity; sid:300000354; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"signupandturnyourscreenoffsafepowernow.date"; classtype:web-application-activity; sid:300000355; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"smartys.link"; classtype:web-application-activity; sid:300000356; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"sorrectionki.space"; classtype:web-application-activity; sid:300000357; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"spotmapd.xyz"; classtype:web-application-activity; sid:300000358; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"springplanetf.xyz"; classtype:web-application-activity; sid:300000359; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"start-page.one"; classtype:web-application-activity; sid:300000360; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"startos.win"; classtype:web-application-activity; sid:300000361; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"stay-notified.cc"; classtype:web-application-activity; sid:300000362; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"stickr.co"; classtype:web-application-activity; sid:300000363; rev:1;) +alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"stogether.fun"; classtype:web-application-activity; sid:300000364; rev:1;) alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"streamadvanced-bestcompletelyfile.best"; classtype:web-application-activity; sid:300000365; rev:1;) alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"streamadvanced-bestextremelyfile.best"; classtype:web-application-activity; sid:300000366; rev:1;) alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; flow:established,from_client; http.method; content:"GET"; http.host; content:"streamdeveloped-bestoverlyfile.best"; classtype:web-application-activity; sid:300000367; rev:1;) diff --git a/dist/pup-filter-unbound.conf b/dist/pup-filter-unbound.conf index b0bc1f2..8de8115 100644 --- a/dist/pup-filter-unbound.conf +++ b/dist/pup-filter-unbound.conf @@ -1,6 +1,6 @@ # Title: PUP Domains Unbound Blocklist # Description: Block domains that host potentially unwanted programs (PUP) -# Updated: Sat, 31 Jul 2021 00:02:56 +0000 +# Updated: Sat, 31 Jul 2021 12:03:04 +0000 # Expires: 1 day (update frequency) # Homepage: https://gitlab.com/curben/pup-filter # License: https://gitlab.com/curben/pup-filter#license @@ -321,7 +321,6 @@ local-zone: "rewards-promotion-winner-super.cyou" always_nxdomain local-zone: "rewardsluckygiveawayprize.cyou" always_nxdomain local-zone: "rewardspromotionwinnersuper.cyou" always_nxdomain local-zone: "ritaus.org" always_nxdomain -local-zone: "robogarden.io" always_nxdomain local-zone: "rootessential.info" always_nxdomain local-zone: "runadvanced-bestextremelyfile.best" always_nxdomain local-zone: "runcurrent-bestextremelyfile.best" always_nxdomain @@ -369,6 +368,7 @@ local-zone: "start-page.one" always_nxdomain local-zone: "startos.win" always_nxdomain local-zone: "stay-notified.cc" always_nxdomain local-zone: "stickr.co" always_nxdomain +local-zone: "stogether.fun" always_nxdomain local-zone: "streamadvanced-bestcompletelyfile.best" always_nxdomain local-zone: "streamadvanced-bestextremelyfile.best" always_nxdomain local-zone: "streamdeveloped-bestoverlyfile.best" always_nxdomain diff --git a/dist/pup-filter-vivaldi.txt b/dist/pup-filter-vivaldi.txt index 82bcd99..206c099 100644 --- a/dist/pup-filter-vivaldi.txt +++ b/dist/pup-filter-vivaldi.txt @@ -1,6 +1,6 @@ ! Title: PUP Domains Blocklist (Vivaldi) ! Description: Block domains that host potentially unwanted programs (PUP) -! Updated: Sat, 31 Jul 2021 00:02:56 +0000 +! Updated: Sat, 31 Jul 2021 12:03:04 +0000 ! Expires: 1 day (update frequency) ! Homepage: https://gitlab.com/curben/pup-filter ! License: https://gitlab.com/curben/pup-filter#license @@ -321,7 +321,6 @@ ||rewardsluckygiveawayprize.cyou$document ||rewardspromotionwinnersuper.cyou$document ||ritaus.org$document -||robogarden.io$document ||rootessential.info$document ||runadvanced-bestextremelyfile.best$document ||runcurrent-bestextremelyfile.best$document @@ -369,6 +368,7 @@ ||startos.win$document ||stay-notified.cc$document ||stickr.co$document +||stogether.fun$document ||streamadvanced-bestcompletelyfile.best$document ||streamadvanced-bestextremelyfile.best$document ||streamdeveloped-bestoverlyfile.best$document diff --git a/dist/pup-filter.tpl b/dist/pup-filter.tpl index 4975bd6..80bdc50 100644 --- a/dist/pup-filter.tpl +++ b/dist/pup-filter.tpl @@ -1,7 +1,7 @@ msFilterList # Title: PUP Hosts Blocklist (IE) # Description: Block domains that host potentially unwanted programs (PUP) -# Updated: Sat, 31 Jul 2021 00:02:56 +0000 +# Updated: Sat, 31 Jul 2021 12:03:04 +0000 # Expires: 1 day (update frequency) # Homepage: https://gitlab.com/curben/pup-filter # License: https://gitlab.com/curben/pup-filter#license @@ -324,7 +324,6 @@ msFilterList -d rewardsluckygiveawayprize.cyou -d rewardspromotionwinnersuper.cyou -d ritaus.org --d robogarden.io -d rootessential.info -d runadvanced-bestextremelyfile.best -d runcurrent-bestextremelyfile.best @@ -372,6 +371,7 @@ msFilterList -d startos.win -d stay-notified.cc -d stickr.co +-d stogether.fun -d streamadvanced-bestcompletelyfile.best -d streamadvanced-bestextremelyfile.best -d streamdeveloped-bestoverlyfile.best diff --git a/dist/pup-filter.txt b/dist/pup-filter.txt index cfae629..392737e 100644 --- a/dist/pup-filter.txt +++ b/dist/pup-filter.txt @@ -1,6 +1,6 @@ ! Title: PUP Domains Blocklist ! Description: Block domains that host potentially unwanted programs (PUP) -! Updated: Sat, 31 Jul 2021 00:02:56 +0000 +! Updated: Sat, 31 Jul 2021 12:03:04 +0000 ! Expires: 1 day (update frequency) ! Homepage: https://gitlab.com/curben/pup-filter ! License: https://gitlab.com/curben/pup-filter#license @@ -321,7 +321,6 @@ rewards-promotion-winner-super.cyou rewardsluckygiveawayprize.cyou rewardspromotionwinnersuper.cyou ritaus.org -robogarden.io rootessential.info runadvanced-bestextremelyfile.best runcurrent-bestextremelyfile.best @@ -369,6 +368,7 @@ start-page.one startos.win stay-notified.cc stickr.co +stogether.fun streamadvanced-bestcompletelyfile.best streamadvanced-bestextremelyfile.best streamdeveloped-bestoverlyfile.best